www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://therams.com/
Effective URL:
https://www.therams.com/
Submission: On January 26 via api (January 26th 2024, 6:28:35 am UTC) from US — Scanned from DE

Summary HTTP 209 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 39 domains to perform 209 HTTP transactions. The main IP is 151.101.129.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 236606.
TLS certificate: Issued by R3 on January 13th 2024. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.65.153 151.101.65.153	54113 (FASTLY) (FASTLY)
47	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:980::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.60.198.68 23.60.198.68	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.153 151.101.193.153	54113 (FASTLY) (FASTLY)
11	151.101.1.153 151.101.1.153	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 15	54.171.67.28 54.171.67.28	16509 (AMAZON-02) (AMAZON-02)
9	65.9.66.7 65.9.66.7	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.152 151.101.65.152	54113 (FASTLY) (FASTLY)
2	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
8 8	52.212.233.39 52.212.233.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1	18.245.86.107 18.245.86.107	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
15	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 2	35.158.172.152 35.158.172.152	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
12	63.33.146.168 63.33.146.168	16509 (AMAZON-02) (AMAZON-02)
1 1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
12	2600:9000:223... 2600:9000:223f:200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2600:1f18:1ac... 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea	14618 (AMAZON-AES) (AMAZON-AES)
7 8	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6 12	99.80.28.62 99.80.28.62	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
7 7	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	18.232.230.211 18.232.230.211	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
209	42

1 151.101.65.153 (United States) 1 redirects

ASN54113 (FASTLY, US)

therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 151.101.129.153 (United States)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:980::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.60.198.68 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-198-68.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.153 (United States)

ASN54113 (FASTLY, US)

p.nfltags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.1.153 (United States)

ASN54113 (FASTLY, US)

static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.171.67.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.66.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-7.fra56.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.152 (United States)

ASN54113 (FASTLY, US)

api.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

smetrics.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.212.233.39 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-233-39.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

207fc6b302864d99d7e75246082c0b5d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

sedge.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-107.fra60.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.172.152 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-172-152.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 63.33.146.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:223f:200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.80.28.62 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-28-62.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.130.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.230.211 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-230-211.compute-1.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	therams.com 1 redirects therams.com — Cisco Umbrella Rank: 225294 www.therams.com — Cisco Umbrella Rank: 236606 auth-id.therams.com — Cisco Umbrella Rank: 835735	564 KB
36	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 851 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	627 KB
27	everesttech.net 21 redirects cm.everesttech.net — Cisco Umbrella Rank: 1278 pixel.everesttech.net — Cisco Umbrella Rank: 5652 sync-tm.everesttech.net — Cisco Umbrella Rank: 716	10 KB
26	nfl.com static.clubs.nfl.com — Cisco Umbrella Rank: 20369 auth-id.nfl.com — Cisco Umbrella Rank: 18203 api.nfl.com — Cisco Umbrella Rank: 18184 smetrics.nfl.com — Cisco Umbrella Rank: 33364 sedge.nfl.com — Cisco Umbrella Rank: 22120 static.www.nfl.com — Cisco Umbrella Rank: 19499	919 KB
23	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	193 KB
20	googlesyndication.com 207fc6b302864d99d7e75246082c0b5d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	405 KB
16	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239 nfl.demdex.net — Cisco Umbrella Rank: 26311 adobedc.demdex.net — Cisco Umbrella Rank: 7980	16 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	227 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	390 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ads.yahoo.com — Cisco Umbrella Rank: 7013	764 B
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326	2 KB
3	google.com apis.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 2	117 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1780 load77.exelator.com — Cisco Umbrella Rank: 4039	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 423	758 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	656 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	1 KB
1	undertone.com 1 redirects usr.undertone.com — Cisco Umbrella Rank: 2036	334 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 646	418 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 912	225 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 524	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1375	204 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	418 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1803	330 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 789	394 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1651	175 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1381	402 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1331	697 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	303 B
1	nfltags.com p.nfltags.com — Cisco Umbrella Rank: 20266	156 KB
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 12395	169 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 460	79 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 485	30 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
209	39

	Domain	Requested by
45	www.therams.com	www.therams.com p.nfltags.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
15	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net www.googletagservices.com
14	dpm.demdex.net	2 redirects www.therams.com
12	pixel.everesttech.net	6 redirects
12	dt.adsafeprotected.com
12	static.adsafeprotected.com	pixel.adsafeprotected.com www.therams.com
12	pixel.adsafeprotected.com	www.therams.com
11	static.clubs.nfl.com	www.therams.com
11	cdn.cookielaw.org	www.therams.com cdn.cookielaw.org
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
7	sync-tm.everesttech.net	7 redirects
6	www.googletagservices.com	securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	s.amazon-adsystem.com	2 redirects
3	ib.adnxs.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	gum.criteo.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	cdns.us1.gigya.com connect.facebook.net
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	pm.w55c.net	2 redirects
2	loadm.exelator.com	2 redirects
2	static.www.nfl.com	www.therams.com
2	api.nfl.com	p.nfltags.com
1	usr.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	pixel.advertising.com	1 redirects
1	match.adsrvr.org
1	www.google.com	tpc.googlesyndication.com
1	analytics.twitter.com
1	x.dlx.addthis.com	1 redirects
1	d.turn.com	1 redirects
1	load77.exelator.com	www.therams.com
1	auth-id.therams.com	cdns.us1.gigya.com
1	sedge.nfl.com	assets.adobedtm.com
1	sync.mathtag.com	1 redirects
1	207fc6b302864d99d7e75246082c0b5d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adobedc.demdex.net	assets.adobedtm.com
1	smetrics.nfl.com	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	p.nfltags.com	www.therams.com
1	cdns.us1.gigya.com	www.therams.com
1	assets.adobedtm.com	www.therams.com
1	imasdk.googleapis.com	www.therams.com
1	therams.com	1 redirects
0	sync.search.spotxchange.com Failed
0	adb2waycm-atl.netmng.com Failed
209	59

This site contains links to these domains. Also see Links.

Domain
ramsnewlook.com
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
metabilia.io
itunes.apple.com
play.google.com
www.ramssuites.com
am.ticketmaster.com
www.facebook.com
www.instagram.com
www.snapchat.com
www.youtube.com
www.tiktok.com
open.spotify.com
www.linkedin.com
rams.formstack.com
twitter.com
www.teamworkonline.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
www.ticketmaster.com
privacyportal.onetrust.com
www.onetrust.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2024-01-13` - `2024-04-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
cdns.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
ndc-production-san.nfl.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
auth-id.nfl.com Amazon RSA 2048 M02	`2023-09-22` - `2024-10-20`	a year	crt.sh
clubsweb.san1.nfl.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
smetrics.nfl.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-30` - `2024-08-29`	a year	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-22` - `2024-11-21`	a year	crt.sh
sedge.nfl.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-04` - `2024-09-03`	a year	crt.sh
auth-id.therams.com Amazon RSA 2048 M02	`2023-09-18` - `2024-10-17`	a year	crt.sh
static.www.nfl.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.therams.com/
Frame ID: E44D998FCB0A3EDFF51828E885126B5B
Requests: 114 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: B9FF3993BB202D6E0F8C2BAF9D45376F
Requests: 34 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15686
Frame ID: B63E8AEC32D3620C74FBB2CEBC0278EA
Requests: 2 HTTP requests in this frame

Frame: https://207fc6b302864d99d7e75246082c0b5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26F096A19BF1161A70686B81B0CCEF60
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ3lw-NtBxUBGVhr_04aLBsQ1dqSbU3jhys1FpK7XePuVk7oJANrnsQQi0O3p84rzuJRVmssdfaqhkj20rQLrHPK0pxhdwXFbrR7kE2s8iIlZFngCd00HdietsuqlZqmElcbeBPhtIE4xEcF9pfHXlhyhl3X_oUE5cMg_qg7rTFewECtKYOOxI4No5dEWlnsmacUwlnzxsXM4x7Gt1XQG7kFofwVyqCBEUqmszmY-n9xNPrhBrN4pSy0O5LLoCLkR5Veer7QF5FkkqArH5HS0b00F60RPSLqcSWKkWW-gABvi07F5ZC8QTkUJyZVSFepgByRCBh9zq1pf11HCA&sai=AMfl-YTOXTMc526P1fsoWZgzJzFo7z6AYuqVAuyJPbzGlI0Pc4bdm4t0Cl913LyQr0aVJ9YjufGPUs-KUlbY453_LfGmp2haE8NVioyC3CEpfXqgOCGoeSRnIOpOpMy5kXxzpMR_u38ch5SlxP0CAXAKsrCE&sig=Cg0ArKJSzAW_nDzeEnPiEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3166C6BD817E632AD004B96BAF2532F2
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbayYWFlCNOQWcrafgc4uqpzHD64hyE9hMzQQ0g1prN19CsoNqPKADJ6BnwTVPbDZ-pOrUenPZWmQROA3jPcbSrInvXF_NPIhm1xVMCORC_yeuD81EMymQvnPdb7QmTLFEvxJuF6Pge-_LAGWBXEI3EKhJT5yPOU32WbwR6pAe8dOkNi2Oby7U74tPzAbvBkooDv4bB_EuiDwPNAl0mAJKVxAItzabjVTNS1D4nzHn-ToIEDLM2s154mVzuNX5JVj5vP2ImcEwhpRO4W9KMgiZApChFAa89Q1h1Atpm2Fiq3XN8teS5PFLoXmo6KNhbps6MgN0GBqaOmlFucI8&sai=AMfl-YQySRKCMt1Cd-FpIE3lECG3O81ZKjfvc_kM-m5emEi82oKMcFOQF9m6rS5R8YUdcwFe_PnDzU9fIENS2kWGhb3wRsw2dtXQOXgzMg0TzpVN5FcxY0PIah8QJuXNcrIhAQEjLyC1ymJsD3bI-90nMyq8&sig=Cg0ArKJSzLDFggh6m_goEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 03C6E64C9C99786B7DE2F078A8D44478
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5fg0gQD0Q-mh0d7KYz741b79jfJ6XOnL9moX6AwRCEBbOr3uGKgcIrTQA-c9iN92LTN6O-9x4ror8uycUtwYrBv7a6mteE84P-vkw8Hh-ddGYmzQXj7UEdyZZWAwY90Fi_kSOY6BsADshx-KvIvk329k_DTa9NAbCwlKN1PqCl9gi1Zt5zdZrGPH1lw-60JqP5D0OoF2vpEFk9zQzDkdmLelvE4-7gDgp9KNA3Pc_aN28H1maKIwdcrTVwmbibam48Oh0su4dB5M7F8FWh24xDnCLw4Bt2hzeS9XlYyy_V-edMGkk40c5wu2el92qH-65djPhJUi0B41eVCah&sai=AMfl-YRFw9YhNTA28J5JKX9KiSQoJ-C6aYw7eM624NZ14sW9OjashcZZSNS9CKjUuMyW7mJu0DT3geiGJUAL9UZ_wGAomxw2Zyl6BmkdviF-43eezPOKVupZU0jFxnnCo3GkpjN6o9SaV58lzlsTuavMtF3a&sig=Cg0ArKJSzGBOAvJM2qAFEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: BBD220FA996200B8C24B1C16FBEF51E1
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssguLiBpIJyTEKBTtXKCjJtyKl2DChLO6JuglCFmXtU-FUbdvUvpb4DIO1RXrUZiUwdP1yDZlRs2BKiTTEhZHWMqYefHbtkVCHLl9QKYIN4_xtD8Fk8sPzZFWQHAO5xwTtozZMKH6Tc-MDeTgJ82susdB1vmql9q2pUPwzEvVTKRc8GPwVMxMjokpDlgtbPvaFSGzsMpqyJ_jL5WsSYPtFH3TNRvclPDHJsZt2J7ccTl7SZAY_EdRjttKKPDWPp7b2mx_0B2G0sIF8gbejKahIgcgtsanYzZ_Vc6hqDwIKNHqUWSWvMYftogRNZMDy-RnTPloKOW7ckO68aAJHf&sai=AMfl-YRiqgSTRkB0N7o1KHIlwJxQ8CF6-AxYoZdSeD-dUKDywWeqEA7s3ehMozdFuJjJgXJYm2D7Liv3sA8885tUR6o0v5W9L_WHbqZrxRjBGpfY4V38Rq4a6th4HZEvSU-17kuj0j3Ao_XMUJhZj4RmMAbt&sig=Cg0ArKJSzGy7btfwEmQUEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 50C43D2A4B4F8A35887D3B2544403A75
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYV7g8HE63Y-PNFxDvkbexgITmxxLZctw5Eqe2VWisFpMkt7hdP5N7wRDeVZwsiL0M_aTWZmEEBe6rS5FvZnuYqyGYLW30Nw5PPaA5yyccm9vrhqZqMlTDY7zV8y80zRMg7Vf57FhCGBDuzNDGHrqKArRbKSSoP_CszN93PHN4qei_6IzURY87VvrR0ytsZdtHvNBYe8Aphk7V_lpGqp3Y_bm60cYLU4iqa4Wsuzs4esGaMSVGLotUcDIg3gJhIrjfNGhKq9upQ6iQBMjKlJk0SvyBzXRJfU1jrYrXbrIIcD6mwE7tUin1ZN2ZscUXMFWZ97QJm7__FqpNouju&sai=AMfl-YSjE9GfloWmOByHJufXRQXFE8-z8blH79WieQxoVoq-d0oOWxtV0JPQ3DAHJRsZ0JxOivEPbOY0xvWPQegSZH5numG0k3GSUcNWtmCPe9Rz2qL_EG0Bq5Ps6D3b5bGzZhAynxy_Q5R7ralz4FTxZAr1&sig=Cg0ArKJSzF-ZYSqujZbxEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 191FD33B8F3505F8808471CF543A8D79
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqKpjniV3K1a4Ao3YgZx7dO0jHioCLoDbv7mN1zse3PvU1LMeMGIYRpnDu9M9YJiX4D4O85pTaeBTL-iNmWJe8owFaeZ2TKF2ExTQdjhColoHtt4YxKjcsQwFqNwpkUwoC80JCcs428Ec1AgfFoHiqAmCrhqMcNRt17yqWMhZrl-k2QC9dSNwhCXwtYeKvzg2E69jJofHQp7La3IgZ3QF6oazbCvSvFvDI61v1fwKugDUrOc5mpuuUH8Jn0PXzaShNHEty8ycnIx1dPpsgULnjTkzhXfB9p0Dwg1T6ePUbRjjo5Z9qGynp4v-vB8GR0xLFQ7joW6F4NPQBwBjV&sai=AMfl-YSgzo5uGzEewfPU4JYSsd59ziC1UY4CSZOW2TgH_Q3f8Ht9H8mvWv2vN2VeAaLFgEZuVYttgooF1FEItaIVjdt7wo7Ob855d7HwSRHXuEQ8X6eDiy4O0ezt2uBPEXN2mLbNW3ZMcgY_m7JFTAOOjNai&sig=Cg0ArKJSzNQxunrydq-GEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0ABF8938FC39F2F0F401F6F90FFF89EB
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=356466560&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=
Frame ID: 6AA8EA82B131660341924170000D7A48
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5426111950&chanId=21734991026&placementId=6488692749&pubCreative=138461459928&pubOrder=3337027668&cb=2106554854&adsafe_par&impId=&custom=content-package&custom2=home&custom3=
Frame ID: 5CEB3BC6E3E166DF4E01A750155F9701
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5349386397&chanId=21734991026&placementId=6373810974&pubCreative=138445397198&pubOrder=3248104450&cb=491662692&adsafe_par&impId=&custom=bottom&custom2=home&custom3=
Frame ID: E2427BF996264412CABBA36C51483933
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30702453&chanId=21734991026&placementId=6364618761&pubCreative=138443588493&pubOrder=3244091193&cb=321548275&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=
Frame ID: 6F979068B2AF70CC06467BB860024AF6
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5240484120&chanId=21734991026&placementId=6401654110&pubCreative=138450969729&pubOrder=3262007264&cb=13504120&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=
Frame ID: 5AF9A687BE97011674C16ECD1B43D81A
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5331428053&chanId=21734991026&placementId=6337319697&pubCreative=138438359232&pubOrder=3225099811&cb=444867734&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=
Frame ID: 6CB378B854E97FED3D4FBB8F4C161243
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
Frame ID: 2635A4B81F2EF9D55A8355115AE1F764
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
Frame ID: B75D15A43A8681FA061D4194A7932308
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B7EF25AB27E33A7F5E13C3BD68208FE6
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D986112D6C67CCB4D949F92F93F6654E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 958BFA9095C3D5D98ED8BF38BB271AFA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 58E7446939858C03D16B4D942AE0332D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 93AF1E1AB2A58AAE5FF517850DEB83B1
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A0098C5F8171B497A39B9F2A8F68DD08
Requests: 1 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
Frame ID: 741D05F7AACE0C8759F141A3EDAD20EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6888A15C842343E65C6AAAB88AC039E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AADBA51CC2B15CF964F82AFDAEB6BF57
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Los Angeles Rams Home | Los Angeles Rams - therams.comBack ButtonFilter Button

Page URL History Show full URLs

https://therams.com/ HTTP 301
https://www.therams.com/ Page URL

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

209
Requests

85 %
HTTPS

38 %
IPv6

39
Domains

59
Subdomains

42
IPs

5
Countries

3990 kB
Transfer

10909 kB
Size

50
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://ramsnewlook.com/
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: NFL+

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://metabilia.io/platforms/rams/events/230

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8
Title: DOWNLOAD FOR iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams
Title: DOWNLOAD FOR ANDROID

Search URL Search Domain Scan URL

URL: https://www.ramssuites.com/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: ACCOUNT MANAGER

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Rams/
Title: facebook Rams

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rams/
Title: instagram Rams

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/snaptherams
Title: snapchat SnapTheRams

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCyJ6yZdVUkBvt2vl4R03jcA
Title: youtube Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@rams
Title: tiktok Rams

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5mkt0hgTNL81R8cjngLS1e
Title: spotify Rams Iconic Podcast

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/los-angeles-rams
Title: linkedin Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://rams.formstack.com/forms/preference_ic_final
Title: email Email/SMS

Search URL Search Domain Scan URL

URL: https://twitter.com/ramsnfl
Title: x RamsNFL

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/46acd508-0e8d-40cd-af22-1a8bdfa6da60/224a3598-1b25-497d-9273-be255f55461c
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://therams.com/ HTTP 301
https://www.therams.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1706250509597 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1706250509597

Request Chain 36

https://cm.everesttech.net/cm/dd?d_uuid=77167203466992872660567968044757492851 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbNRDQAAANuGEwN6

Request Chain 46

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=77167203466992872660567968044757492851&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d77167203466992872660567968044757492851 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=344f65b3-510e-4900-aae5-2a267aefd349&ddsuuid=77167203466992872660567968044757492851

Request Chain 77

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77167203466992872660567968044757492851 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77167203466992872660567968044757492851&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 118

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=PP9psXrI1RtfHw5

Request Chain 121

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6912272092328135261

Request Chain 122

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3217190738923883784

Request Chain 125

https://x.dlx.addthis.com/e/demdex_sync?na_exid=77167203466992872660567968044757492851&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2024012606283000014016612231

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzcxNjcyMDM0NjY5OTI4NzI2NjA1Njc5NjgwNDQ3NTc0OTI4NTE= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELtfew-ysohSVmVKkxlcUUY&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 179

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBulQgrN2U9IUtA_mljM5CY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 183

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBulQgrN2U9IUtA_mljM5CY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 186

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEBulQgrN2U9IUtA_mljM5CY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 188

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEBulQgrN2U9IUtA_mljM5CY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 191

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBulQgrN2U9IUtA_mljM5CY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 193

https://pixel.advertising.com/ups/28/sync?uid=77167203466992872660567968044757492851&_origin=1&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/28/sync?uid=77167203466992872660567968044757492851&_origin=1&redir=true

Request Chain 194

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBulQgrN2U9IUtA_mljM5CY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 197

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3Bo-4OtyA62csRJZzss-j_59PKYpiPky&gdpr=0&gdpr_consent=

Request Chain 198

https://ps.eyeota.net/match?bid=6j5b2cv&uid=77167203466992872660567968044757492851&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 199

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=77167203466992872660567968044757492851&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=77167203466992872660567968044757492851&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-NexfAUNE2pGGQvRGA0Fnso0LuYCBCRAEMTE-~A

Request Chain 202

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZbNRDQAAANuGEwN6&sigv=1&esig=1~d4ea130b9aff7c105ccc52aff7074cfd74f08d2e

Request Chain 203

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJOUkRRQUFBTnVHRXdONg==

Request Chain 204

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbNRDQAAANuGEwN6&expires=90

Request Chain 205

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbNRDQAAANuGEwN6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbNRDQAAANuGEwN6&C=1

Request Chain 206

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZbNRDQAAANuGEwN6

Request Chain 207

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbNRDQAAANuGEwN6

Request Chain 208

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbNRDQAAANuGEwN6

Request Chain 209

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbNRDQAAANuGEwN6&img=1

Request Chain 210

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbNRDQAAANuGEwN6&t=2592000&o=0

Request Chain 212

https://usr.undertone.com/userPixel/syncr?partnerid=32&gdpr=&gdpr_consent=&us_privacy=&r=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D%24UIDENC HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=15w9hz1obdpcvrqyivlpdg0rz

Request Chain 213

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=jSpKdGrSQHigwVRJ-5PR0g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77167203466992872660567968044757492851

209 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.therams.com/
Redirect Chain

https://therams.com/
https://www.therams.com/

510 KB
94 KB

239ms
194ms

Document
text/html

151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fff72fc79ca6bcebb937f4156a84dc4eea443a49195a02cf8a9fb15e844d380c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: public, max-age=5
Connection: keep-alive
Content-Length: 95614
Date: Fri, 26 Jan 2024 06:28:28 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-NFL-Dma: 276004
X-NFL-Geo: country_code=DE
X-Served-By: cache-bur-kbur8200032-BUR, cache-fra-eddf8230072-FRA
X-Timer: S1706250509.595548,VS0,VE186
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
origin-site: LA3
server: envoy
service-worker-allowed: /
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-envoy-upstream-service-time: 63
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
Cache-Control: private
Connection: close
Content-Length: 0
Date: Fri, 26 Jan 2024 06:28:28 GMT
Location: https://www.therams.com/
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-NFL-Dma: 276004
X-NFL-Geo: country_code=DE
X-Served-By: cache-fra-eddf8230135-FRA

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 693 KB
121 KB 8ms
7ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

4b52a34662c5a465a5b3339412a91a8abdbad71bdfdeb321104da2d1486477cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:28 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 123470
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230072-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:16:49 GMT
server: envoy
X-Timer: S1706250509.991218,VS0,VE1
etag: "1da4d5f2a642cbc"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK 73aa97c7b09e54db9991a3b8d928ff60
www.therams.com/compiledassets/theming/ 19 KB
5 KB 17ms
7ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/73aa97c7b09e54db9991a3b8d928ff60

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

4a9e289a3dda7af6cd687c57cbf814c5e29fb4ab990b7002a459ba2fdd6b8ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 775592
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 28
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4021
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200089-BUR, cache-fra-eddf8230072-FRA
X-NFL-Dma: 276004
server: envoy
X-Timer: S1706250509.000808,VS0,VE1
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 33ms
18ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 14125
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jan 2024 07:36:00 GMT
server: cloudflare
etag: 0x8DC1CAF1C6B4277
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 708858d8-701e-000a-6e3b-4f9d34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84b6b23148045d3a-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 244ms
106ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a17736f1dcbc7001d428bb960455a178bf614a20c570cc8164c24e0a4d06405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29407
x-xss-protection: 0
server: cafe
etag: 586 / 19748 / m202401220101 / config-hash: 11543485900695594775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:29 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 82 KB
30 KB 183ms
52ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a4c980bc4024b38e9fd9d167e045c2cba058c6b24b0518facdee5111435578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30223
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 21:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Fri, 26 Jan 2024 06:29:29 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 332 KB
79 KB 44ms
8ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9bac4096a9f98d42d5bd92d50f7cf7f06508cd8997a7c08b95ad567bed8cd71d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 21:57:36 GMT
server: AkamaiNetStorage
etag: "8fa6b95ebe0a00c5a6b330562220d7a9:1704405456.408343"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 80605
expires: Fri, 26 Jan 2024 07:28:29 GMT

GET
H2 200 gigya.js Show response
cdns.us1.gigya.com/js/ 516 KB
169 KB 385ms
340ms Script
text/javascript 23.60.198.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.60.198.68 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-198-68.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3b5b083fa0d4a51d29f733f28ac95bc5ad1cced5ebf0f4d1ce9d1f92752effc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-soa: true, Gator
vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin: *
x-callid: 02690ba6b2cd4c76a6942dc239451e32
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-t30
x-error-code: 0
x-robots-tag: none
content-length: 173013
expires: Fri, 26 Jan 2024 06:43:29 GMT

GET
H/1.1 200
OK NflUmdComponents.NFLToken.js Show response
p.nfltags.com/nfl/live/ 426 KB
156 KB 39ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/live/NflUmdComponents.NFLToken.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 6a94d75436ca439f66977aee9f40696609cb8f8f0c71e333a5c3e3822598c889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: Fri, 26 Jan 2024 06:28:59 GMT
Date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 39
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 10
Connection: keep-alive
Content-Length: 159247
X-Served-By: cache-bur-kbur8200059-BUR, cache-fra-eddf8230081-FRA
last-modified: Wed, 24 Jan 2024 19:27:21 GMT
server: envoy
X-Timer: S1706250509.022925,VS0,VE1
etag: W/"65b16499-6a98e"
Vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 375296, 1

GET
H/1.1 200
OK eh9n44eqk2bnwz29jd4u.jpg
static.clubs.nfl.com/image/upload/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/ 6 KB
8 KB 36ms
7ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/eh9n44eqk2bnwz29jd4u.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3408b6970de177a38def029919a6d72a6e629081d3bdbbdb25e5807927bf393e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 46714
Edge-Cache-Tag: 600383695377163217894617516968971774779,480394454469946857818415004125663383920,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 600383695377163217894617516968971774779,480394454469946857818415004125663383920,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="eh9n44eqk2bnwz29jd4u.webp"
Connection: keep-alive
Content-Length: 6574
X-Request-Id: fab747bf5f16c8410b0d5a2b9f2aaa93
X-Served-By: cache-iad-kiad7000129-IAD, cache-iad-kcgs7200078-IAD, cache-fra-eddf8230051-FRA
Last-Modified: Thu, 25 Jan 2024 17:29:56 GMT
Server: cloudinary
Surrogate-Reporting: width=824,height=464,bytes=6574,owidth=1600,oheight=900,obytes=1654691,ef=(1,11,13,17,23,35)
X-Timer: S1706250509.019412,VS0,VE1
Etag: "9dbd142a678fecbabf9a7e69cec2404c"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK wt5eqwdx991f1jifzpqa.jpg
static.clubs.nfl.com/image/upload/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 36ms
8ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/wt5eqwdx991f1jifzpqa.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d7246351e5ad74131a63e1bb9d55bbb6507eb5c5e818d58c7df456c1eb86ff35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 22409
Edge-Cache-Tag: 386593596690397635522824493907425972909,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 386593596690397635522824493907425972909,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="wt5eqwdx991f1jifzpqa.webp"
Connection: keep-alive
Content-Length: 1694
X-Request-Id: 9fcdd2e509a2e36f777f965281f29687
X-Served-By: cache-iad-kiad7000105-IAD, cache-iad-kcgs7200079-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Fri, 26 Jan 2024 00:15:00 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,bytes=1694,owidth=1920,oheight=1080,obytes=978542,ef=(1,11,13,17,23,35)
X-Timer: S1706250509.020110,VS0,VE1
Etag: "ae74652f247f5dcfd1fc9fa86d49116c"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 77, 1

GET
H/1.1 200
OK lwksbz44ohlvosmntjvo.jpg
static.clubs.nfl.com/image/upload/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 8ms
8ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/lwksbz44ohlvosmntjvo.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ea1fc031348ed2234403b920f264b5e4367d851e26dbdeca232be7a973d02b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 125072
Edge-Cache-Tag: 388819441737233734391432248930444776102,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 388819441737233734391432248930444776102,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="lwksbz44ohlvosmntjvo.webp"
Connection: keep-alive
Content-Length: 1998
X-Request-Id: cc7bd129e45ecb37aea8fd2433406bfd
X-Served-By: cache-iad-kcgs7200063-IAD, cache-iad-kcgs7200063-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Wed, 24 Jan 2024 19:43:58 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,bytes=1998,owidth=1920,oheight=1080,obytes=592169,ef=(1,11,13,17,23,35)
X-Timer: S1706250509.045322,VS0,VE1
Etag: "148dd0f865d91bf6b5eb61cc2a7f8e07"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 2, 1

GET
H/1.1 200
OK jgmzxcdlmc1udcjig1vg.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 8ms
8ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/jgmzxcdlmc1udcjig1vg.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 451d404c418a7bb949e4fc1450eca798734b2fd4e187195a998c3673b0c1b4e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1046532
Edge-Cache-Tag: 414550630393975244236302887934816774136,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 414550630393975244236302887934816774136,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="jgmzxcdlmc1udcjig1vg.webp"
Connection: keep-alive
Content-Length: 1798
X-Served-By: cache-iad-kcgs7200141-IAD, cache-iad-kcgs7200139-IAD, cache-fra-eddf8230051-FRA
Last-Modified: Mon, 24 Jan 2022 16:03:43 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,owidth=1920,oheight=1080,obytes=957666
X-Timer: S1706250509.045869,VS0,VE1
Etag: "5dcee8000b3bbe577a3d8cff8f8c3e48"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 9, 1

GET
H/1.1 200
OK xoaqlyrqdqfldcnul3kg.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 7ms
7ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/xoaqlyrqdqfldcnul3kg.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 87e02820e63ff6cf9cd98d9efbaab1fc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1981616
Edge-Cache-Tag: 577822122912920262004273880752820954225,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 577822122912920262004273880752820954225,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="xoaqlyrqdqfldcnul3kg.webp"
Connection: keep-alive
Content-Length: 1292
X-Served-By: cache-iad-kjyo7100030-IAD, cache-iad-kiad7000128-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Thu, 19 Aug 2021 17:31:28 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,owidth=1920,oheight=1080,obytes=75095
X-Timer: S1706250509.054599,VS0,VE1
Etag: "228d1d1d332588f027c1cf6bf8bec59e"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1011, 1

GET
H/1.1 200
OK ztcma5xrd6glocaalglw.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 8ms
8ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ztcma5xrd6glocaalglw.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e953e253e27a3f7f474759e538f54a2dd15fcf6f900186ddb4d8496365b003c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 841763
Edge-Cache-Tag: 537203403857064632587972563710323570993,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 537203403857064632587972563710323570993,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="ztcma5xrd6glocaalglw.webp"
Connection: keep-alive
Content-Length: 1054
X-Served-By: cache-iad-kcgs7200113-IAD, cache-iad-kjyo7100154-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Fri, 02 Jun 2023 13:31:54 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,owidth=3840,oheight=2160,obytes=5027986
X-Timer: S1706250510.594711,VS0,VE1
Etag: "24f47ba67f32fe739a9fd7cf24467d5a"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 42, 1

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 8ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200030-BUR, cache-fra-eddf8230054-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:09:55 GMT
server: envoy
X-Timer: S1706250510.611392,VS0,VE1
etag: "1da4d5e33abdeca"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 693 KB
121 KB 18ms
7ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

4b52a34662c5a465a5b3339412a91a8abdbad71bdfdeb321104da2d1486477cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 123470
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230054-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:16:49 GMT
server: envoy
X-Timer: S1706250509.002529,VS0,VE1
etag: "1da4d5f2a642cbc"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK 73aa97c7b09e54db9991a3b8d928ff60
www.therams.com/compiledassets/theming/ 19 KB
5 KB 18ms
7ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/73aa97c7b09e54db9991a3b8d928ff60

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

4a9e289a3dda7af6cd687c57cbf814c5e29fb4ab990b7002a459ba2fdd6b8ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 788881
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 9
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4021
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200089-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
server: envoy
X-Timer: S1706250509.003092,VS0,VE1
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 84aeb24d-03a4-4fdc-8d4b-371212102069.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/ 4 KB
2 KB 58ms
30ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/84aeb24d-03a4-4fdc-8d4b-371212102069.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3a20f434154778f2069e00420a934fbe084f7b986288b1eabfa528a29329700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 19639
content-md5: nRW70YTj/QOMhflOC92Ygg==
content-length: 1639
x-ms-lease-status: unlocked
last-modified: Thu, 25 Jan 2024 00:06:38 GMT
server: cloudflare
etag: 0x8DC1D39803917C3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2a4b97df-601e-0064-1822-4fc81b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84b6b231bcd23a6e-FRA
expires: Sat, 27 Jan 2024 06:28:29 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 66ms
37ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 84b6b2321c5a39d4-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/ 429 KB
104 KB 19ms
19ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f397381c3df41ea1a4714a1dfea67c1381e25627a18596201af50c40d93ab06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PypTWx4nlFN0E393LXKANQ==
age: 74208
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106526
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jan 2024 07:01:57 GMT
server: cloudflare
etag: 0x8DC1B18065F5741
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36e9abe2-a01e-00a0-71c2-4dbd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84b6b2351a3e5d3a-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/ 431 KB
135 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2451
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138344
x-xss-protection: 0
server: cafe
etag: 5355839101460123655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:47:38 GMT

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1706250509597
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1706250509597

7 KB
3 KB

31ms
30ms

XHR
application/json

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1706250509597

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e878127502e2973c3f51e75850913de20e4c9ea0f8f49a6c7f5405d5c3d652dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-097c24447.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: CvRYGszqR0g=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.therams.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 2032
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-03a8f348b.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: lNuHTFjZSrY=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1706250509597
access-control-allow-origin: https://www.therams.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 6 KB
3 KB 95ms
8ms Fetch
text/javascript 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: /
Resource Hash: 4f94e34d9405b21b66c51f109f21d37c847d3a0f3dd62b848823382a20721745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:27:57 GMT
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 32
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=15m
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2279
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 12cbddcc966d43e1a6ca16560928a504
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t33
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ltJxxVMT8td3vYJGjZAqUqlHI-UwTESTPAJRc5CAVvm_jnTqMMVRzA==

HEAD /
www.therams.com/ 0
0

HEAD
H/1.1 200
OK /
www.therams.com/ 0
0 7ms
7ms Fetch
text/html 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Requested by

Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/live/NflUmdComponents.NFLToken.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 63
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 95614
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200032-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
server: envoy
X-Timer: S1706250510.737232,VS0,VE1
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/html
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/087b425a-69bb-4e97-b19a-3adb4f46f30b/ 88 KB
22 KB 28ms
28ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/087b425a-69bb-4e97-b19a-3adb4f46f30b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bab3635185f758bffecbdd713e4118b937cc4f518d385ee907afb508e84d9fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 19639
content-md5: s9WfIvoUnC85BjK9jRyAEg==
content-length: 22198
x-ms-lease-status: unlocked
last-modified: Thu, 25 Jan 2024 00:06:43 GMT
server: cloudflare
etag: 0x8DC1D39839139F4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b01381be-001e-0086-0922-4ff53a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84b6b235e8653a6e-FRA
expires: Sat, 27 Jan 2024 06:28:29 GMT

POST
H2 200 token Show response
api.nfl.com/identity/v3/ 1 KB
1 KB 563ms
563ms Fetch
application/json 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/live/NflUmdComponents.NFLToken.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: be-identity /
Resource Hash: afdf02465bb9070aac746864213bc0b78cc606eb6438a9218c283af0823e052a

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-bur-kbur8200152-BUR, cache-bur-kbur8200152-BUR, cache-fra-eddf8230085-FRA
date: Fri, 26 Jan 2024 06:28:30 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: be-identity
x-timer: S1706250510.802005,VS0,VE557
vary: Accept-Encoding
x-cache: MISS, MISS, MISS
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
content-length: 1211
x-cache-hits: 0, 0, 0

OPTIONS
H2 200 token
api.nfl.com/identity/v3/ Frame 0
0 50ms
6ms Preflight
text/html 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Fri, 26 Jan 2024 06:28:29 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230085-FRA

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 9ms
8ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19260
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200115-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:09:54 GMT
server: envoy
X-Timer: S1706250510.764494,VS0,VE1
etag: "1da4d5e33134e3c"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 9ms
9ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Age: 32
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18232
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200169-BUR, cache-fra-eddf8230072-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:09:54 GMT
server: envoy
X-Timer: S1706250510.764712,VS0,VE1
etag: "1da4d5e33134238"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 7ms
7ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19208
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:09:54 GMT
server: envoy
X-Timer: S1706250510.764648,VS0,VE1
etag: "1da4d5e33134e08"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 17ms
7ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Age: 32
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18524
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:09:54 GMT
server: envoy
X-Timer: S1706250510.775215,VS0,VE1
etag: "1da4d5e33134d5c"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 dest5.html Show response
nfl.demdex.net/ Frame B9FF 7 KB
3 KB 54ms
29ms Document
text/html 54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 26 Jan 2024 06:28:29 GMT
dcs: dcs-prod-irl1-2-v054-074d8d8ae.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 17 Nov 2023 11:52:55 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: T0SuXnXsQx0=

GET
H2 200 id Show response
smetrics.nfl.com/ 48 B
456 B 101ms
21ms XHR
application/x-javascript 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=77362575210299858850552300711940905164&ts=1706250509784

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

c65fffadee44e2a2c126e3c27959185aa0a64b44e78ec115b9deb3f98a200646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.therams.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZbNRDQAAANuGEwN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=77167203466992872660567968044757492851
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbNRDQAAANuGEwN6

42 B
717 B

34ms
33ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbNRDQAAANuGEwN6

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ghTEKWMqRSo=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbNRDQAAANuGEwN6
Date: Fri, 26 Jan 2024 06:28:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 731 B
919 B 84ms
37ms Fetch
application/json 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=d06b2111-c846-41e1-a5bc-d1a821277b46&requestId=7bc87c2d-6f4d-4776-a74d-975ce4b3c80e

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

24b472fc4054b5edf1a0c5c93f086a1fe8f432496c3fc457f87edc69f929ead4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 26 Jan 2024 06:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 7bc87c2d-6f4d-4776-a74d-975ce4b3c80e

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 9 KB
3 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=c41cce6388fc9de648a5b106494e7a75

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3a422bdcfc06c5eed831f1729318713595998afd558efae65717e4c017dcb7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2155
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200103-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.802481,VS0,VE1
etag: "1da4d5f3490dfa7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame B63E 123 KB
44 KB 23ms
8ms Document
text/html 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15686

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-7.fra56.r.cloudfront.net

Software

Resource Hash

4e79ce568e1b90f3af6a9aa5ed12984eace19ab83399937b92faaf36c96f2e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1644
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 44236
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 06:01:05 GMT
edge-cache-tag: siteid_748934946734,ver_latest
edge-control: !no-store,max-age=15m
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id: qLxGJkFVTmh_aiZL6sE5D39CSH5uWGRQp-FRccbGXhwwu526RCk9EA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 99cf515e4a084541b34731b933b091d0
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t20
x-soa: true, Gator

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 288 KB
27 KB 147ms
147ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1234134301444342&correlator=937058941636720&eid=44809527&output=ldjh&gdfp_req=1&vrg=202401220101&ptt=17&impl=fifs&iu_parts=4595%2Cteam.la%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=100x30%2C100x30%2C300x250%2C300x250%2C728x90%7C970x90%7C970x250%2C728x90%7C970x250%7C970x90%2C728x90%7C970x250%7C970x90%2C728x90%7C970x250%7C970x90%2C728x90%7C970x250%7C970x90%2C1x4%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706250509825&lmt=1706250509&adxs=1376%2C1484%2C1058%2C1058%2C436%2C436%2C436%2C436%2C436%2C800%2C800&adys=159%2C159%2C2163%2C11138%2C263%2C13284%2C10834%2C11643%2C12244%2C13965%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0%7C3%7C4%7C5%7C6%7C7%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.therams.com%2F&vis=1&psz=248x32%7C248x32%7C300x250%7C384x413%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x13964%7C1600x13964&msz=116x0%7C100x0%7C300x250%7C300x413%7C728x0%7C728x0%7C728x0%7C728x0%7C728x0%7C1600x0%7C1600x0&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4&ohw=1600%2C1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C1600&ga_vid=1441152227.1706250510&ga_sid=1706250510&ga_hid=58182528&ga_fc=false&dlt=1706250508980&idt=825&prev_scp=slot%3Dbrandedspon%7Cslot%3Dbrandedspon1%7Cslot%3Dcenterpiece%7Cslot%3Dcontent-package%7Cslot%3Dtop%26club%3Dla%26s1%3Dhome%7Cslot%3Dbottom%7Cslot%3Dinpage_1%7Cslot%3Dinpage_2%7Cslot%3Dinpage_3%7Cslot%3Dinterstitial%7Cslot%3Doop&cust_params=s1%3Dhome&adks=635568323%2C1260260643%2C1557077681%2C174351708%2C4025765163%2C3308397316%2C3390192327%2C3390192326%2C3390192321%2C3044010286%2C1381024017&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3105c8995f915f85b37c896de0050697be8b9954b0b13bc8478a53d10ee2bcaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27905
x-xss-protection: 0
google-lineitem-id: -2,-2,6295301662,6488692749,-2,6373810974,6364618761,6401654110,6337319697,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138432734008,138461459928,-2,138445397198,138443588493,138450969729,138438359232,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
207fc6b302864d99d7e75246082c0b5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26F0 6 KB
3 KB 258ms
84ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://207fc6b302864d99d7e75246082c0b5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:28:30 GMT
expires: Sat, 25 Jan 2025 06:28:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 13 KB
3 KB 22ms
22ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ahzhv8ksxqenKV5unOOoXQ==
age: 57840
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jan 2024 07:01:51 GMT
server: cloudflare
etag: 0x8DC1B18029807B2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1877ae59-301e-0024-3677-4dcf23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84b6b23688cf3a6e-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/ 63 KB
13 KB 25ms
25ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: znhzlsn2QxQm1YhHaMcL8g==
age: 19639
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13587
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jan 2024 07:01:54 GMT
server: cloudflare
etag: 0x8DC1B1804198D20
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 38048f9d-b01e-0015-6977-4d2e30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84b6b23688d03a6e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 21 KB
4 KB 24ms
23ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 54715
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jan 2024 07:02:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e6a312b8-a01e-0054-2377-4d76d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84b6b23688d13a6e-FRA

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame B63E 6 KB
3 KB 9ms
9ms Fetch
text/javascript 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: /
Resource Hash: 4f94e34d9405b21b66c51f109f21d37c847d3a0f3dd62b848823382a20721745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:27:57 GMT
content-encoding: gzip
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 32
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=15m
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2279
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 12cbddcc966d43e1a6ca16560928a504
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t33
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zUQ4Nl1-klJQ_7_OZ4jpP77DBufaBn_N1tMaSAU7xD1ng6cYu3u3tw==

GET
H2

200

ibs:dpid=269&dpuuid=344f65b3-510e-4900-aae5-2a267aefd349&ddsuuid=77167203466992872660567968044757492851
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=77167203466992872660567968044757492851&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d77167203466992...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=344f65b3-510e-4900-aae5-2a267aefd349&ddsuuid=77167203466992872660567968044757492851

42 B
717 B

30ms
29ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=344f65b3-510e-4900-aae5-2a267aefd349&ddsuuid=77167203466992872660567968044757492851

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-089284889.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: vtLlMZi0Tds=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 26 Jan 2024 06:28:30 GMT
Server: MT3 1439 7de8993 master ord ord-pixel-x50 config_version:"539"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=344f65b3-510e-4900-aae5-2a267aefd349&ddsuuid=77167203466992872660567968044757492851
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 26 Jan 2024 06:28:29 GMT

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/functions/ 1 KB
1 KB 20ms
20ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120417
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 558
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200156-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.897204,VS0,VE1
etag: "1da4d5f3490f905"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/functions/ 808 B
1 KB 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120281
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200156-BUR, cache-fra-eddf8230072-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.884757,VS0,VE1
etag: "1da4d5f3490fe28"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f8a139981532272bfb9a222dca3eecd0302cc336a5b0ec1a4ab4d5de89d7a3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120281
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 15
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1453
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200137-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.884982,VS0,VE1
etag: "1da4d5f3490edec"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 2 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120281
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200052-BUR, cache-fra-eddf8230063-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.884898,VS0,VE1
etag: "1da4d5f3490fa96"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/common/ 4 KB
2 KB 16ms
6ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

29976a1bb7c213908cf78db48551e916f09fb8b5f0a5c18cb13e8d38a1a943e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120281
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 84
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1686
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200145-BUR, cache-fra-eddf8230063-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.894692,VS0,VE0
etag: "1da4d5f3490f2d8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 2

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
599 B 31ms
31ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 5189
x-ms-lease-status: unlocked
last-modified: Thu, 25 Jan 2024 20:55:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3b000f05-501e-0050-1d13-50fbd3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84b6b236eb405d3a-FRA

GET
H/1.1 200
OK All-ProSans--semiBold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
19 KB 8ms
7ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--semiBold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19112
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200053-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:09:54 GMT
server: envoy
X-Timer: S1706250510.894693,VS0,VE1
etag: "1da4d5e33134fa8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
493 B 22ms
22ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 4396
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jan 2024 07:36:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: edd4a054-a01e-00a0-74be-4ebd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84b6b236d90d3a6e-FRA

GET
H2 200 National_Football_League_logo.svg.png
cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/ 68 KB
68 KB 20ms
20ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/National_Football_League_logo.svg.png

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Gz5DzPx+xXH6/nhkr1Zhpg==
age: 9756
content-length: 69278
x-ms-lease-status: unlocked
last-modified: Mon, 22 Aug 2022 17:40:20 GMT
server: cloudflare
etag: 0x8DA846562873955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5c917404-901e-005f-6883-f08dbf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84b6b236eb445d3a-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Jan 2024 06:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 85262
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jan 2024 07:36:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 184291a8-201e-0038-2a42-4f9d43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84b6b236eb475d3a-FRA

POST
H2 200 interact Show response
sedge.nfl.com/ee/irl1/v1/ 587 B
740 B 117ms
61ms Fetch
application/json 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sedge.nfl.com/ee/irl1/v1/interact?configId=d06b2111-c846-41e1-a5bc-d1a821277b46&requestId=cd8c6c3c-1fcc-46ee-ac60-a32c11ba9458

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

64800b4c232d3c5651b32380e6d40dd7441b24a6379372adf68b36c7540354f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 26 Jan 2024 06:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: cd8c6c3c-1fcc-46ee-ac60-a32c11ba9458

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 564ms
473ms XHR
text/javascript 18.245.86.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2F&sdk=js_latest&sdkBuild=15686&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-107.fra60.r.cloudfront.net
Software: /
Resource Hash: 95c3382f5188f2cae047c8177a34a27b66b166789a35aac767019d6db48d4105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code: 0
content-length: 174
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.therams.com
x-callid: 2d514180b17d474f888729df257deba6
cache-control: private
access-control-allow-credentials: true
x-server: us1d-nomad-t32
vary: Origin, Accept-Encoding
x-robots-tag: none
x-amz-cf-id: 9iiM_uKMcEpew1EW6puVWy4evgZ3fjVqMjSwwuG7ETLfsJ9_XL1xLQ==

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 93 B
910 B 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120280
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200106-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.921684,VS0,VE1
etag: "1da4d5f3490fd5d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/addons/services/ 180 B
951 B 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120280
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200067-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.921808,VS0,VE1
etag: "1da4d5f3490fdb4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/ 1 KB
1 KB 10ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120280
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 550
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200165-BUR, cache-fra-eddf8230063-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.923430,VS0,VE1
etag: "1da4d5f3490f95f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/ 3 KB
2 KB 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a19a9f185ab862539303b8432d1382f7adf07dcd379052a4e1b8fccd87d06188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120280
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1063
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200077-BUR, cache-fra-eddf8230072-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.923442,VS0,VE1
etag: "1da4d5f3490f763"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK menuDropdownsService.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/services/ 7 KB
3 KB 11ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/services/menuDropdownsService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

21526c41f30608596fa5a57e2c8f77d8443d33b5f6304c5b5f2f7bd47ef3c04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120280
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2117
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200141-BUR, cache-fra-eddf8230126-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.923476,VS0,VE1
etag: "1da4d5f3490e1ac"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 44ms
9ms Image
image/svg+xml 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 6962748
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=4;cpu=2;start=2023-08-16T17:08:40.499Z;desc=hit,rtt;dur=0,content-info;desc="width=500,height=500"
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-eddf8230120-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1706250510.969110,VS0,VE0
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 55020, 3

GET
H/1.1 200
OK vln0crx1x1jmyo1kv5ys
static.clubs.nfl.com/image/upload/f_auto/rams/ 91 KB
92 KB 10ms
8ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/f_auto/rams/vln0crx1x1jmyo1kv5ys
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ee1624401ac9bb7e00f7d7ec3f1a7fee4dab71e3b3037244783eee706ed698d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 fdb52cd1c10dcf08197f1215fcd8e512.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 558010
Edge-Cache-Tag: 298087173627287296963740229170922957335,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 298087173627287296963740229170922957335,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="vln0crx1x1jmyo1kv5ys.webp"
Connection: keep-alive
Content-Length: 93106
X-Request-Id: 2b1f099749c330d93d7f89921d707231
X-Served-By: cache-iad-kjyo7100161-IAD, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Fri, 19 Jan 2024 19:28:21 GMT
Server: cloudinary
Surrogate-Reporting: width=2500,height=350,bytes=93106,owidth=2500,oheight=350,obytes=544427,ef=(1,11,17)
X-Timer: S1706250510.933832,VS0,VE1
Etag: "ecf0e14981fff5d52597a310993a325e"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 18, 1

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/jquery/ 105 KB
40 KB 8ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120279
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200036-BUR, cache-fra-eddf8230126-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.934445,VS0,VE1
etag: "1da4d5f349159e7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/sha256/ 9 KB
5 KB 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120279
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200150-BUR, cache-fra-eddf8230072-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.934869,VS0,VE1
etag: "1da4d5f3490de39"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/ 3 KB
2 KB 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120279
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1146
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200108-BUR, cache-fra-eddf8230063-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.935158,VS0,VE1
etag: "1da4d5f3490f616"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 7 KB
3 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

56369ff57d2e20525b62ef7e4b4d8f55f6de6e15dd3a751a4ba6f06e71bc61d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120190
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2504
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200133-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.936058,VS0,VE0
etag: "1da4d5f3490e168"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 775

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 2 KB
2 KB 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120190
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200143-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.936210,VS0,VE1
etag: "1da4d5f3490facf"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/md5/ 4 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120278
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200065-BUR, cache-fra-eddf8230110-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.938846,VS0,VE1
etag: "1da4d5f3490f226"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/ 2 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120278
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200068-BUR, cache-fra-eddf8230126-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.984299,VS0,VE1
etag: "1da4d5f3490fb20"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/services/ 751 B
1 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120277
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200070-BUR, cache-fra-eddf8230072-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.984920,VS0,VE1
etag: "1da4d5f3490ffef"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/ 586 B
1 KB 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120277
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200089-BUR, cache-fra-eddf8230110-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.984857,VS0,VE1
etag: "1da4d5f3490ff4a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/ 287 B
1004 B 10ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120276
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200030-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.985053,VS0,VE1
etag: "1da4d5f3490fc1f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/ 395 B
1 KB 8ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120277
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200129-BUR, cache-fra-eddf8230063-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.984938,VS0,VE1
etag: "1da4d5f3490fc8b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2

200

pixel.gif
load77.exelator.com/ Frame B9FF
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77167203466992872660567968044757492851
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77167203466992872660567968044757492851&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
461 B

113ms
6ms

Image
image/gif

2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 26 Jan 2024 06:28:30 GMT
x-age-lb: 201379
x-amz-request-id: tx00000c5cc302da9b09107-0065909fa7-5134150-nyc
x-77-cache: HIT
x-accel-date: 1706049131
content-length: 43
x-77-nzt: A9RmOLQ3Nzf/oxIDACUTwjE3Nzexz9PUZsL7wAA
x-accel-expires: @1707085931
x-77-age: 201379
x-cache-lb: HIT
last-modified: Sat, 30 Dec 2023 22:32:08 GMT
server: CDN77-Turbo
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray: 6d204d11c5e6917b0e51b3650ad6f70f
content-type: image/gif
x-rgw-object-type: Normal
accept-ranges: bytes

Redirect headers

date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/jquery/plugins/ 803 B
1 KB 10ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120278
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200143-BUR, cache-fra-eddf8230126-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.995273,VS0,VE1
etag: "1da4d5f3490fe23"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/js-cookie/ 2 KB
2 KB 11ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120278
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200060-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.995289,VS0,VE1
etag: "1da4d5f3490fae6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3166 0
0 88ms
87ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ3lw-NtBxUBGVhr_04aLBsQ1dqSbU3jhys1FpK7XePuVk7oJANrnsQQi0O3p84rzuJRVmssdfaqhkj20rQLrHPK0pxhdwXFbrR7kE2s8iIlZFngCd00HdietsuqlZqmElcbeBPhtIE4xEcF9pfHXlhyhl3X_oUE5cMg_qg7rTFewECtKYOOxI4No5dEWlnsmacUwlnzxsXM4x7Gt1XQG7kFofwVyqCBEUqmszmY-n9xNPrhBrN4pSy0O5LLoCLkR5Veer7QF5FkkqArH5HS0b00F60RPSLqcSWKkWW-gABvi07F5ZC8QTkUJyZVSFepgByRCBh9zq1pf11HCA&sai=AMfl-YTOXTMc526P1fsoWZgzJzFo7z6AYuqVAuyJPbzGlI0Pc4bdm4t0Cl913LyQr0aVJ9YjufGPUs-KUlbY453_LfGmp2haE8NVioyC3CEpfXqgOCGoeSRnIOpOpMy5kXxzpMR_u38ch5SlxP0CAXAKsrCE&sig=Cg0ArKJSzAW_nDzeEnPiEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 3166 3 KB
2 KB 170ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:33:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3166 205 KB
65 KB 198ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 394546832393105155
tpc.googlesyndication.com/simgad/ Frame 3166 99 KB
99 KB 316ms
199ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/394546832393105155

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6e9d3723d44cbff030dc5f5ef771f9e664a34c8b045513ecfaa47329238a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 05:19:15 GMT
date: Wed, 24 Jan 2024 05:19:15 GMT
x-content-type-options: nosniff
age: 176955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101302
x-xss-protection: 0
last-modified: Fri, 05 May 2023 21:47:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03C6 0
0 86ms
85ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbayYWFlCNOQWcrafgc4uqpzHD64hyE9hMzQQ0g1prN19CsoNqPKADJ6BnwTVPbDZ-pOrUenPZWmQROA3jPcbSrInvXF_NPIhm1xVMCORC_yeuD81EMymQvnPdb7QmTLFEvxJuF6Pge-_LAGWBXEI3EKhJT5yPOU32WbwR6pAe8dOkNi2Oby7U74tPzAbvBkooDv4bB_EuiDwPNAl0mAJKVxAItzabjVTNS1D4nzHn-ToIEDLM2s154mVzuNX5JVj5vP2ImcEwhpRO4W9KMgiZApChFAa89Q1h1Atpm2Fiq3XN8teS5PFLoXmo6KNhbps6MgN0GBqaOmlFucI8&sai=AMfl-YQySRKCMt1Cd-FpIE3lECG3O81ZKjfvc_kM-m5emEi82oKMcFOQF9m6rS5R8YUdcwFe_PnDzU9fIENS2kWGhb3wRsw2dtXQOXgzMg0TzpVN5FcxY0PIah8QJuXNcrIhAQEjLyC1ymJsD3bI-90nMyq8&sig=Cg0ArKJSzLDFggh6m_goEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 03C6 3 KB
1 KB 154ms
55ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:33:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03C6 205 KB
65 KB 320ms
213ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 16779562288960477255
tpc.googlesyndication.com/simgad/ Frame 03C6 44 KB
45 KB 311ms
212ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16779562288960477255

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c80afcd3ad2e0f5c0b1590b635b69e3999a3ff7f69967b1221c71f742358be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 22:49:49 GMT
date: Tue, 23 Jan 2024 22:49:49 GMT
x-content-type-options: nosniff
age: 200321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45465
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 18:35:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBD2 0
0 85ms
85ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5fg0gQD0Q-mh0d7KYz741b79jfJ6XOnL9moX6AwRCEBbOr3uGKgcIrTQA-c9iN92LTN6O-9x4ror8uycUtwYrBv7a6mteE84P-vkw8Hh-ddGYmzQXj7UEdyZZWAwY90Fi_kSOY6BsADshx-KvIvk329k_DTa9NAbCwlKN1PqCl9gi1Zt5zdZrGPH1lw-60JqP5D0OoF2vpEFk9zQzDkdmLelvE4-7gDgp9KNA3Pc_aN28H1maKIwdcrTVwmbibam48Oh0su4dB5M7F8FWh24xDnCLw4Bt2hzeS9XlYyy_V-edMGkk40c5wu2el92qH-65djPhJUi0B41eVCah&sai=AMfl-YRFw9YhNTA28J5JKX9KiSQoJ-C6aYw7eM624NZ14sW9OjashcZZSNS9CKjUuMyW7mJu0DT3geiGJUAL9UZ_wGAomxw2Zyl6BmkdviF-43eezPOKVupZU0jFxnnCo3GkpjN6o9SaV58lzlsTuavMtF3a&sig=Cg0ArKJSzGBOAvJM2qAFEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BBD2 3 KB
1 KB 357ms
263ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:33:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBD2 205 KB
65 KB 267ms
165ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 2396762351439815156
tpc.googlesyndication.com/simgad/ Frame BBD2 36 KB
36 KB 349ms
255ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2396762351439815156

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0089b4981938f78d1fce5e2142ad697be916e711d779652c51ba08c228f280c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36356
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 20:56:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Jan 2025 06:28:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 50C4 0
0 86ms
86ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssguLiBpIJyTEKBTtXKCjJtyKl2DChLO6JuglCFmXtU-FUbdvUvpb4DIO1RXrUZiUwdP1yDZlRs2BKiTTEhZHWMqYefHbtkVCHLl9QKYIN4_xtD8Fk8sPzZFWQHAO5xwTtozZMKH6Tc-MDeTgJ82susdB1vmql9q2pUPwzEvVTKRc8GPwVMxMjokpDlgtbPvaFSGzsMpqyJ_jL5WsSYPtFH3TNRvclPDHJsZt2J7ccTl7SZAY_EdRjttKKPDWPp7b2mx_0B2G0sIF8gbejKahIgcgtsanYzZ_Vc6hqDwIKNHqUWSWvMYftogRNZMDy-RnTPloKOW7ckO68aAJHf&sai=AMfl-YRiqgSTRkB0N7o1KHIlwJxQ8CF6-AxYoZdSeD-dUKDywWeqEA7s3ehMozdFuJjJgXJYm2D7Liv3sA8885tUR6o0v5W9L_WHbqZrxRjBGpfY4V38Rq4a6th4HZEvSU-17kuj0j3Ao_XMUJhZj4RmMAbt&sig=Cg0ArKJSzGy7btfwEmQUEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 50C4 3 KB
1 KB 259ms
259ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:33:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50C4 205 KB
65 KB 278ms
181ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 9569120225884267243
tpc.googlesyndication.com/simgad/ Frame 50C4 119 KB
119 KB 124ms
56ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9569120225884267243

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0287efa7f1ed49b833957fe52fd39abbcaa5bfa7cdc96906678371855d6ba505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:06:08 GMT
date: Wed, 24 Jan 2024 01:06:08 GMT
x-content-type-options: nosniff
age: 192142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121402
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 00:21:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 191F 0
0 86ms
86ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYV7g8HE63Y-PNFxDvkbexgITmxxLZctw5Eqe2VWisFpMkt7hdP5N7wRDeVZwsiL0M_aTWZmEEBe6rS5FvZnuYqyGYLW30Nw5PPaA5yyccm9vrhqZqMlTDY7zV8y80zRMg7Vf57FhCGBDuzNDGHrqKArRbKSSoP_CszN93PHN4qei_6IzURY87VvrR0ytsZdtHvNBYe8Aphk7V_lpGqp3Y_bm60cYLU4iqa4Wsuzs4esGaMSVGLotUcDIg3gJhIrjfNGhKq9upQ6iQBMjKlJk0SvyBzXRJfU1jrYrXbrIIcD6mwE7tUin1ZN2ZscUXMFWZ97QJm7__FqpNouju&sai=AMfl-YSjE9GfloWmOByHJufXRQXFE8-z8blH79WieQxoVoq-d0oOWxtV0JPQ3DAHJRsZ0JxOivEPbOY0xvWPQegSZH5numG0k3GSUcNWtmCPe9Rz2qL_EG0Bq5Ps6D3b5bGzZhAynxy_Q5R7ralz4FTxZAr1&sig=Cg0ArKJSzF-ZYSqujZbxEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 191F 3 KB
1 KB 260ms
260ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:33:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 191F 205 KB
65 KB 295ms
204ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 1638750143394135045
tpc.googlesyndication.com/simgad/ Frame 191F 16 KB
16 KB 188ms
120ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1638750143394135045

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cec2a74d34a2dfb29d277f7f579c29f04154b10de5219b50999f105e89ce7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:06:08 GMT
date: Wed, 24 Jan 2024 01:06:08 GMT
x-content-type-options: nosniff
age: 192142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16035
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:09:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0ABF 0
0 85ms
85ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqKpjniV3K1a4Ao3YgZx7dO0jHioCLoDbv7mN1zse3PvU1LMeMGIYRpnDu9M9YJiX4D4O85pTaeBTL-iNmWJe8owFaeZ2TKF2ExTQdjhColoHtt4YxKjcsQwFqNwpkUwoC80JCcs428Ec1AgfFoHiqAmCrhqMcNRt17yqWMhZrl-k2QC9dSNwhCXwtYeKvzg2E69jJofHQp7La3IgZ3QF6oazbCvSvFvDI61v1fwKugDUrOc5mpuuUH8Jn0PXzaShNHEty8ycnIx1dPpsgULnjTkzhXfB9p0Dwg1T6ePUbRjjo5Z9qGynp4v-vB8GR0xLFQ7joW6F4NPQBwBjV&sai=AMfl-YSgzo5uGzEewfPU4JYSsd59ziC1UY4CSZOW2TgH_Q3f8Ht9H8mvWv2vN2VeAaLFgEZuVYttgooF1FEItaIVjdt7wo7Ob855d7HwSRHXuEQ8X6eDiy4O0ezt2uBPEXN2mLbNW3ZMcgY_m7JFTAOOjNai&sig=Cg0ArKJSzNQxunrydq-GEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 0ABF 3 KB
1 KB 261ms
261ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:33:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ABF 205 KB
65 KB 316ms
234ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 16080041927139280030
tpc.googlesyndication.com/simgad/ Frame 0ABF 41 KB
41 KB 313ms
245ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16080041927139280030

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3da4da16760caf1db80c47705dc61efdd0a41555b34d38a241861a22cb70893f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42070
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 21:42:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Jan 2025 06:28:30 GMT

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/autocomplete/ 13 KB
6 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120189
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200154-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.056858,VS0,VE1
etag: "1da4d5f3490cf9b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK carousel.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 3 KB
2 KB 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/carousel.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c1427ebe9e4aea71d8320c0ca7e13d059cbdbaa6d0c5456d29f8d714e2bb076b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120186
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1191
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200127-BUR, cache-fra-eddf8230126-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.056617,VS0,VE2
etag: "1da4d5f3490f62d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK tabs.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 822 B
1 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/tabs.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120176
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 471
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200110-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.056742,VS0,VE1
etag: "1da4d5f3490fe36"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
DATA 200
OK truncated
/ Frame 3166 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f40afc8457ed1add36faccb0c26e8d65d5c613e3bc236f1bb093293cbfee9a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 03C6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228642054750cd29bfdbba2288f9df9e10f4c1d46da5ea1ccfa926598f09d04f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BBD2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0ac6fc0c8fd6868ff7653040cbd859ec3d8799fb6352e1272053ee8a84d92bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 50C4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abf45f81e139a0f47ace8c3996c513a75806377d830ce79de97041b7a851d66f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 191F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56fcaa6ca0bbb2ce7bc8450a449052c284d62103d7c18689b899394aceaf94b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0ABF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58ffee43acf37dc1b773550c480c64e9c3a36ed7065013d38873e3c7556b03ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK tabsCore.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/core/ 1 KB
1 KB 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/core/tabsCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120176
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 581
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200109-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.072202,VS0,VE1
etag: "1da4d5f3490f9f3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK carouselCore.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/core/ 2 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/core/carouselCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

90ada510953d8fdbbf2337a3eecfeed8788fd036fce40714c4b1ec1d47170317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120186
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 766
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200174-BUR, cache-fra-eddf8230126-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.075236,VS0,VE1
etag: "1da4d5f3490fb6a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK keyboardNavigationService.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/services/carousel/ 4 KB
2 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/services/carousel/keyboardNavigationService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120185
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1374
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200035-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.075202,VS0,VE2
etag: "1da4d5f3490f23d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/ 530 B
1 KB 8ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120186
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200093-BUR, cache-fra-eddf8230110-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.075251,VS0,VE1
etag: "1da4d5f3490ff12"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK owl.carousel-2.3.4.min.js Show response
www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/owlcarousel2/ 49 KB
15 KB 13ms
13ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/vendor/owlcarousel2/owl.carousel-2.3.4.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 120185
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 14875
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200063-BUR, cache-fra-eddf8230110-FRA
X-NFL-Dma: 276004
last-modified: Mon, 22 Jan 2024 18:17:06 GMT
server: envoy
X-Timer: S1706250510.095718,VS0,VE1
etag: "1da4d5f34903e49"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2

200

ibs:dpid=359&dpuuid=PP9psXrI1RtfHw5
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=PP9psXrI1RtfHw5

42 B
717 B

30ms
30ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=PP9psXrI1RtfHw5

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: XHY00rLRSSk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 06:28:29 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-01d275e55739701ae@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=PP9psXrI1RtfHw5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uvgflu8sw6mbdgminnyj.jpg
static.clubs.nfl.com/image/upload/rams/ 441 KB
442 KB 10ms
10ms Image
image/jpeg 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/rams/uvgflu8sw6mbdgminnyj.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b7864b0025eda57823ecbe67b5921e4d3e1e7447aecd6049b9263140e4ab1b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 312f8b716ad43246758aa8031a8e0342.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 956720
Edge-Cache-Tag: 497601724912251320536419746849778368762,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 497601724912251320536419746849778368762,c34f21cfe162ce329654d565922e8c70
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Connection: keep-alive
Content-Length: 451979
X-Served-By: cache-iad-kcgs7200143-IAD, cache-iad-kcgs7200045-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Mon, 15 Jan 2024 04:43:01 GMT
Server: cloudinary
Surrogate-Reporting: width=3000,height=200,bytes=451979,o=1,ef=(17)
X-Timer: S1706250510.099350,VS0,VE3
Etag: "cb35a4d7d0cc7d4c58033e6a905a47a1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 89, 1

GET
H/1.1 200
OK eh9n44eqk2bnwz29jd4u.jpg
static.clubs.nfl.com/image/upload/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 52 KB
54 KB 7ms
7ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/t_editorial_landscape_8_desktop_mobile/f_auto/rams/eh9n44eqk2bnwz29jd4u.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2394606566bd2d0792b4829cedb17f1c18af0009d537f2b25ecee8ec84b9c0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 46676
Edge-Cache-Tag: 600383695377163217894617516968971774779,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 600383695377163217894617516968971774779,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, MISS, HIT
Content-Disposition: inline; filename="eh9n44eqk2bnwz29jd4u.webp"
Connection: keep-alive
Content-Length: 53702
X-Request-Id: 37bf66b1732e69b1424afc616c1f02cf
X-Served-By: cache-iad-kjyo7100176-IAD, cache-iad-kiad7000113-IAD, cache-fra-eddf8230051-FRA
Last-Modified: Thu, 25 Jan 2024 17:30:35 GMT
Server: cloudinary
Surrogate-Reporting: width=824,height=464,bytes=53702,owidth=1600,oheight=900,obytes=1654691,ef=(1,11,17,23)
X-Timer: S1706250510.099567,VS0,VE1
Etag: "3677ffdac15e891227f1bd5ecf8b4fee"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 0, 1

GET
H2

200

ibs:dpid=358&dpuuid=6912272092328135261
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6912272092328135261

42 B
718 B

30ms
30ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=6912272092328135261

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-077de999d.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: +xziC/TQQeY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
an-x-request-uuid: cf591a73-d77e-43c9-8b77-05a46f8faa1b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=6912272092328135261
x-proxy-origin: 185.213.155.161; 185.213.155.161; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ibs:dpid=470&dpuuid=3217190738923883784
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3217190738923883784

42 B
717 B

31ms
30ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3217190738923883784

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0fcaa6a4f.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Oudf89H6RSY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3217190738923883784
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6AA8 60 KB
15 KB 108ms
35ms Script
application/javascript 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=356466560&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f82ffdc673fa4a7a394571fe0a6321cfb93d693ea62ae58db9b9e4946086ac32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3166 0
0 188ms
85ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutNga5i1IxqegWk09Dk8qnHlHsI9ocxhB2Td65Sq1M-ix3CKgk3cPfBqgUAC5MfDSLbTT2es6S3CCNUX-1Y3LMmx-zCUF3plnD4GNbP8K67kgjm07d_vudqYlF7XVg5-8J3jGbMEWMhFtWoT723E8rC_l1FmVjX_3jkHpDwfR8eX5oWtq-2hmWrD5CCbjg9d_mjfa7JuIoAQu-CQBvdPhlYzlP8-czVaZq06hgz3UjPjnL42VVuGwVWlX-PE0x3zxSfOXZB7eEie8GKnJWZvXWiKZdtuvvkztUgprK8aWYly79ELnZ-b-8YdSwpBypa3A-bN6-p83zaUTsfGpfcIs&sai=AMfl-YQ81nXOKOY_VK9Mg_TNxXAi54fQQt8oR6bxT5AfwBtYDA3SreJcAmalKcM8K_JCQhzEQ1f3HN7cn9i0IVyStog749lBhiN9tZlv6kkDls1-TQHGPL5ilt9-ejw3-NXEIslHY-0zjvQfJd_hjF9x-9wO&sig=Cg0ArKJSzMPYhTsUW-b_EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2

200

ibs:dpid=134096&dpuuid=2024012606283000014016612231
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=77167203466992872660567968044757492851&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2024012606283000014016612231

42 B
717 B

30ms
29ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2024012606283000014016612231

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-026f8435a.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Uq4QO69eTn4=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2024012606283000014016612231
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03C6 0
0 145ms
84ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUQC3iwq2Yhm01mWu0av17bkhwws9Dx2o3-Sc-B4RlqCpZdjtRJaAvIjWcvTrd_lhdGExv7q3zrqFPmKetFLh8Px5phrQrucO3boSfl3hO3RCZQbTrpNRTg_1M2nPcm02Znce-UAdXlyTSamHCFusZSJkp7jQVO7UX0-nK5uzK2-CzNPs6tMXVkEy8esOxDK9aTB5naOCH55blwHptT39CPNfw9a2ftIJLauhA03v7bWcV7mZTrY6aRMUlDbowYA-CIWpbE0wHOueGK-XvajUETr1Kp5rkR-VfsoJHCDKjKPbt4vqGU-D8lO8P_PwWAmEtdOm_02fWS_qkCN39Pgc&sai=AMfl-YQxvmtG2FY9bRHN2AnCuNMmHzaj8My4dazgPV3KD2VOIfCbocYCOU80i0P6o6Bthb1kh3Pe1J6E7lFxE5dmmF4KLX6wwP3fqBTLsRoFtUjyvQes_clOQQZl6aU3RFOHkA_k718w37WoOCmHfccyu9ZF&sig=Cg0ArKJSzLE0vOqFjXMjEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 5CEB 61 KB
15 KB 38ms
37ms Script
application/javascript 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5426111950&chanId=21734991026&placementId=6488692749&pubCreative=138461459928&pubOrder=3337027668&cb=2106554854&adsafe_par&impId=&custom=content-package&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9abb02fbc0db35214be997cd7f31d1223da13ec62dd002207df1fdf8aa18ee7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBD2 0
0 125ms
86ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9SH0OPUEUwzKaFmfEPyR5_WvAybvf6rod00Uxs7UG2E9nCB3yZCBRUvUxgoxF1ueytkmAaMcKAUaK9dIltOxOOAh236hQN-3xuq6GLMurgifIZrBEm83aHHCdDVi_FyvzkQgUmWB8lsFuc75-fLa07S40_S7iZtOWqHxrH3_DZuU-hZwZjuI5-frueXZ7FmYnHyXjy0JYwUmnh82bUDvYj6Sq3MoQynGnr7BluHwskCxuNCn0buZwqOLSNtQJmgMx1JFrjLEbBcJkTcSFdncTev924OWqJDE5_eO8efuKyhnqZzbDR5TDc9iid1K9zjcQNPKRFHjhaWNskYJ74Pw&sai=AMfl-YRXElRUE2Norb_B1s6IzdBpsm1Wtk5x6TAC-2aHBm_TwX2_YXE2OFR5AUKLsFs3ibtp5f2HH_DyQ9QIQSx33wwCzVP-YM2AruIbIs5pAukU2jP1S_d7cG_6D3RBMgxledrRxGp7QzBWijXm6W-4yaTq&sig=Cg0ArKJSzKSHjbjc3O0wEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame E242 60 KB
15 KB 37ms
37ms Script
application/javascript 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5349386397&chanId=21734991026&placementId=6373810974&pubCreative=138445397198&pubOrder=3248104450&cb=491662692&adsafe_par&impId=&custom=bottom&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3777a970c481189b7cedba929e89a12fae4e88f672527fe1c41586c5553cf62a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 50C4 0
0 110ms
86ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdQuUvo8JMFuHXzkevZ6ZpXEjQRcGdUSZHTIczmuhnXyiOKPUTW92uNcwLhSUDRnkYm3xEx6TotsfMPboxZbuevFBQ5NqZUTQheaa-E8WEPBZVgOGv30ArSElFz5K0CgEEC-7jGQ_fwzxkvUldeJ3FmXhwQUfzuMiPB9YbjlSAo4lXRewigBN6dxiBasukCWmzpt6fYCNAsNLkoxyupYuIw9fZ8CajB7Q6gjQZAsDVKr_zqFa3SuUavV14qcC4f9p5lRSbrQ0PgQSuFBw-_ntB6kMjwtkIhN3ZMo0O8ScxdkPqjnfX-IBs3BApLyQgDhMHrgOxqpfO81sWEPIJuFg&sai=AMfl-YRHvBoShznUdSB33O_ujvW9ZEJ862BpxjFx39fWnC_-WOs_YtwbIn191sRST2oWOZ2L043POjulNAFVAKhik-K_W4sdJHcYg3Node57Pfd048II4GiI30C92uKQxtX2wuCxqZK__ZG8FX_QpYI1el1G&sig=Cg0ArKJSzApt4MRlwyCYEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6F97 60 KB
15 KB 38ms
37ms Script
application/javascript 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30702453&chanId=21734991026&placementId=6364618761&pubCreative=138443588493&pubOrder=3244091193&cb=321548275&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b2250c4990755371008b32908df9b73ca7b4013599dc24f73f9fbc7e32241636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 191F 0
0 91ms
86ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq5x0lKQqrVMBnoAJGaeKYJs8bMXZOaOK6yB1Kg9WZksbuXsFArmwDXkbSz5_KAw_9J5pqQhQlIPsOLBuzL7GVRugbmz9Vm_t-oD8HyMgcuAYV_ab2wIXSIRJwjWXZNr3ahzaE0VGAA2FmuGQCJU31ms1X8prehnoy2zAXc1DkQBn4xaCT5GeAWzCg7PJ1OO3d1pEAi20vaRkTxinURAPDQRcMy3OCXBaN8G5uoQuW4vRKbLTgEUXhw6txGBMBMXBOC-JzT5plHXOxY2rizcLTAVhfUfToQAeFjsD7y5Kkecca9MpdHXGeztjI0ANdGBRvuhozo-8z6_QG40Mb4d0&sai=AMfl-YTHLkKiGwk-NxQXxTyyiRT7QZDHyHSklqwhB4XHZP2ptl4Sy7B8bRXLNwE40JBIXqsgujjZdP79WpmktoGSVVd77mm_u3miOxA5KH6yzGGGVL0YpoZkzAM_0KdMzA8fFzVh0Gckznxc5-pO2RDU0i0o&sig=Cg0ArKJSzFn7pYxEdG5SEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 5AF9 60 KB
15 KB 38ms
38ms Script
application/javascript 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5240484120&chanId=21734991026&placementId=6401654110&pubCreative=138450969729&pubOrder=3262007264&cb=13504120&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a4362ccc76243f769ad5e6741022149daa11d6a012a336a8c0b4de087288e3d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0ABF 0
0 85ms
85ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmt4C3jRdMdRv62B3ylIcyEnJSHFOVfsBk7v2NyG_8RPshU2MC0tlEIGoexGvwWo_R8UPFwIPRCRPyquZKtHBaY1oBjuYAHCZe7UNXZxB_nN50C-8Hsa3_nPMYzdNqbP-gdL8VXYYdupc4UbYJos0BguUz-Bu3GZUtyRwPBjn5JoWS40R-LUHonMkKlO_YAtOWu-5sM9GHyBg6rzUHXudkdr3MpJRGIUE1r6uM3t5FU_Trq_GsKLmLaCqJfHB7YiEbP_ZiFohsSpLQFxzgMkUOJY0awxPnPHWCq-VlUYA6U87QdYfokiffDDCORgwS2W0ilsUClQ1WXgWkIw1_MoE&sai=AMfl-YS0P47YAfSZi2jk1V0QFK2l2369IFtT7qeCll-pdtCfEpU2uLBIoekQj7vVwmKzuNLZ30xS2jVfRo5S0ZfcEoJVmlaW_3rZ8MWim_HUMDi9yaBjhlY6dREt6Eky6HU_TB6unSbMAaUTIWVXAnHDoNc9&sig=Cg0ArKJSzMtGkdn75jBPEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6CB3 60 KB
15 KB 35ms
34ms Script
application/javascript 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5331428053&chanId=21734991026&placementId=6337319697&pubCreative=138438359232&pubOrder=3225099811&cb=444867734&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9c059e216fcca43b5c7ec4d4587332f2a71fb541f84838e9736138427ca97c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 207ms
97ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fff7310fff3c4d95e3a11e414e3d3987ff10b09e3e03122584b6d6f1c7f2ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12268
x-xss-protection: 0

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 2635 94 KB
33 KB 7ms
7ms Document
text/html 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-7.fra56.r.cloudfront.net

Software

Resource Hash

8fdff8dc0c13d4e94cedd8c000fdf91607166c5178189d289fbe2161e478db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1506
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 33037
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 06:03:24 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=15m
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id: MK3-UeHiv8N6dYpWTnC5adbpkCAgohz2hXIhMuB0HnXcDx9pgbPsnA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0bba1636000245d7859976a7e126ea96
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t23
x-soa: true, Gator

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame B75D 94 KB
33 KB 8ms
8ms Document
text/html 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-7.fra56.r.cloudfront.net

Software

Resource Hash

8fdff8dc0c13d4e94cedd8c000fdf91607166c5178189d289fbe2161e478db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1506
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 33037
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 06:03:24 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=15m
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id: 0yfRMjHkbYnSNLhJsNF2cIT3jI_YhQQn88vzt14IWcpl03C8CkBwSA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0bba1636000245d7859976a7e126ea96
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t23
x-soa: true, Gator

GET /
adb2waycm-atl.netmng.com/cm/ Frame B9FF 0
0

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 6ms
6ms Image
image/svg+xml 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 6962749
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=4;cpu=2;start=2023-08-16T17:08:40.499Z;desc=hit,rtt;dur=0,content-info;desc="width=500,height=500"
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-eddf8230120-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1706250511.538017,VS0,VE0
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 55020, 4

GET
H/1.1 200
OK vln0crx1x1jmyo1kv5ys
static.clubs.nfl.com/image/upload/f_auto/rams/ 91 KB
92 KB 7ms
7ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/f_auto/rams/vln0crx1x1jmyo1kv5ys
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/e0972fc4f045b100702750941f0a30ea/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ee1624401ac9bb7e00f7d7ec3f1a7fee4dab71e3b3037244783eee706ed698d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:30 GMT
Via: 1.1 fdb52cd1c10dcf08197f1215fcd8e512.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 558011
Edge-Cache-Tag: 298087173627287296963740229170922957335,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 298087173627287296963740229170922957335,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="vln0crx1x1jmyo1kv5ys.webp"
Connection: keep-alive
Content-Length: 93106
X-Request-Id: 2b1f099749c330d93d7f89921d707231
X-Served-By: cache-iad-kjyo7100161-IAD, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Fri, 19 Jan 2024 19:28:21 GMT
Server: cloudinary
Surrogate-Reporting: width=2500,height=350,bytes=93106,owidth=2500,oheight=350,obytes=544427,ef=(1,11,17)
X-Timer: S1706250511.538309,VS0,VE0
Etag: "ecf0e14981fff5d52597a310993a325e"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 18, 2

GET
H2 200 main.19.8.476.js Show response
static.adsafeprotected.com/ Frame 6AA8 214 KB
67 KB 40ms
16ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.476.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=356466560&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:51:43 GMT
x-amz-version-id: 13aFAFQbOW1qsA26vxpqAkiT2qAXWsDK
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 203808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 23 Jan 2024 20:34:43 GMT
server: AmazonS3
etag: W/"77d80e0eab989d48e932a266a346e250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: rL0qy23EYTAqIofSkn3-ROgzerBejq-PR04eTSVr_eDTG-xfyZXXnw==

GET
H2 200 main.19.8.476.js Show response
static.adsafeprotected.com/ Frame 5CEB 214 KB
67 KB 44ms
22ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.476.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5426111950&chanId=21734991026&placementId=6488692749&pubCreative=138461459928&pubOrder=3337027668&cb=2106554854&adsafe_par&impId=&custom=content-package&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:51:43 GMT
x-amz-version-id: 13aFAFQbOW1qsA26vxpqAkiT2qAXWsDK
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 203808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 23 Jan 2024 20:34:43 GMT
server: AmazonS3
etag: W/"77d80e0eab989d48e932a266a346e250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: mjxitAWbymEjLPmj7tXXKQ0tNklBKdFF4QBsnxVu1015DczMqjdYyg==

GET
H2 200 main.19.8.476.js Show response
static.adsafeprotected.com/ Frame E242 214 KB
67 KB 48ms
27ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.476.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5349386397&chanId=21734991026&placementId=6373810974&pubCreative=138445397198&pubOrder=3248104450&cb=491662692&adsafe_par&impId=&custom=bottom&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:51:43 GMT
x-amz-version-id: 13aFAFQbOW1qsA26vxpqAkiT2qAXWsDK
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 203808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 23 Jan 2024 20:34:43 GMT
server: AmazonS3
etag: W/"77d80e0eab989d48e932a266a346e250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: XTplr87xK8m8q4B3Xl6ECgJANYB5syKEc33sNVnYAaGG4OnOOnvhyg==

GET
H2 200 main.19.8.476.js Show response
static.adsafeprotected.com/ Frame 6F97 214 KB
67 KB 50ms
30ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.476.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30702453&chanId=21734991026&placementId=6364618761&pubCreative=138443588493&pubOrder=3244091193&cb=321548275&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:51:43 GMT
x-amz-version-id: 13aFAFQbOW1qsA26vxpqAkiT2qAXWsDK
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 203808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 23 Jan 2024 20:34:43 GMT
server: AmazonS3
etag: W/"77d80e0eab989d48e932a266a346e250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: QvczRcl0PDxmeWavL-nelNnuOIVKZRou6ZX7CPdLWEtWShyLWyaQwQ==

GET
H2 200 main.19.8.476.js Show response
static.adsafeprotected.com/ Frame 5AF9 214 KB
67 KB 27ms
8ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.476.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5240484120&chanId=21734991026&placementId=6401654110&pubCreative=138450969729&pubOrder=3262007264&cb=13504120&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:51:43 GMT
x-amz-version-id: 13aFAFQbOW1qsA26vxpqAkiT2qAXWsDK
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 203808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 23 Jan 2024 20:34:43 GMT
server: AmazonS3
etag: W/"77d80e0eab989d48e932a266a346e250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: P1YAQhmOZuocL-KJh5Jr-gkpL5cf0TQQXzBYFNpcL28PN3OgkRKflg==

GET
H2 200 main.19.8.476.js Show response
static.adsafeprotected.com/ Frame 6CB3 214 KB
67 KB 45ms
28ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.476.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5331428053&chanId=21734991026&placementId=6337319697&pubCreative=138438359232&pubOrder=3225099811&cb=444867734&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:51:43 GMT
x-amz-version-id: 13aFAFQbOW1qsA26vxpqAkiT2qAXWsDK
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 203808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 23 Jan 2024 20:34:43 GMT
server: AmazonS3
etag: W/"77d80e0eab989d48e932a266a346e250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: xdtLNfgp83jgMUqD7QhGlPM2dRP7akd4HemBFuDnztoiNwePfw-Ipg==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 2635 6 KB
3 KB 7ms
7ms Fetch
text/javascript 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: /
Resource Hash: a2c8fb1860d2400fba75c9f25854bf3a90aa229b72e48a16c5a1d892874f46ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:26:54 GMT
content-encoding: gzip
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 96
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=15m
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2282
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: f851639c65a2411ba6b067b1847b96d6
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t21
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: K0kq3f3s3BYj1I2cO95iVN59j-4TKqZSVyvl8yjw3esq10ZRuVrY6w==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame B75D 6 KB
3 KB 8ms
7ms Fetch
text/javascript 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: /
Resource Hash: a2c8fb1860d2400fba75c9f25854bf3a90aa229b72e48a16c5a1d892874f46ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:26:54 GMT
content-encoding: gzip
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 96
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=15m
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2282
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: f851639c65a2411ba6b067b1847b96d6
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t21
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: VDdJ5lcoglob59fYxJuVYYACt2EZHuEzTvtzTwX2DIZj8QKuIz7ctg==

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B7EF 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10995560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: LwyjAc7pYYf2isK8sLBbUMrOihNliW5ZRo_Dpb600VRQvXfbSOjlAg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 48ms
48ms Image
image/gif 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=356466560&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:77990122-9cbb-0c87-782b-8921c2e36e78,c:2o03lH,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74b57f8799-b4bg5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1058.1114.300.250,am:i,cc:1058.1114.300.250,piv:34,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:57,mot:0,app:0,maw:0,fm:u2rPg0M+11%7C12%7C13%7C14*.929781%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:69,oid:1f36d905-bc14-11ee-9371-025da2aee85f,v:19.8.476,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D986 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10995560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 9hRKq4aErLKMqomSjerB_JufvS2RQmQvhYUkl3k3Vl1N184WRU2YcQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 48ms
48ms Image
image/gif 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5240484120&chanId=21734991026&placementId=6401654110&pubCreative=138450969729&pubOrder=3262007264&cb=13504120&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:e2a814df-d848-4520-aafc-3332d5716d77,c:2o03m5,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74b57f8799-fv9lj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.8279.728.90,am:i,cc:436.8279.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:84,mot:0,app:0,maw:0,fm:u2rPg0S+11%7C12%7C13%7C141%7C142%7C151%7C161%7C171%7C18*.929781%7C181%7C191%7C1a%7C1b,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:87,oid:1f433522-bc14-11ee-8f81-5a3fd492b9e2,v:19.8.476,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 337ms
104ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=77990122-9cbb-0c87-782b-8921c2e36e78&tv=%7Bc:2o03md,pingTime:-2,time:101,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:219,beZ:219,mfA:276,cmA:277,inA:277,inZ:279,prA:279,prZ:284,si:287,poA:288,poZ:295,cmZ:295,mfZ:295,loA:306,loZ:308,ltA:319,ltZ:319,mdA:220,mdZ:266%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:34,vs:o,r:l,w:300,h:250,t:69%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:69,wc:0.0.1600.1200,ac:1058.1114.300.250,am:i,cc:1058.1114.300.250,piv:34,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B42~30%5D,as:%5B42~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2rPg0M+11%7C12%7C13%7C14*.929781%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:69,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_2,google_ads_iframe_/4595/team.la/home_2__container__,19d2526a-dd95-409f-9dc8-4c7706a19e34,main-content%5D,sinceFw:31,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

ibs:dpid=771&dpuuid=CAESELtfew-ysohSVmVKkxlcUUY&google_cver=1
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzcxNjcyMDM0NjY5OTI4NzI2NjA1Njc5NjgwNDQ3NTc0OTI4NTE=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELtfew-ysohSVmVKkxlcUUY&google_cver=1?gdpr=0&gdpr_consent=

42 B
717 B

30ms
30ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELtfew-ysohSVmVKkxlcUUY&google_cver=1?gdpr=0&gdpr_consent=

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-074995c50.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: QeXlKhbcSLs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELtfew-ysohSVmVKkxlcUUY&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 331ms
102ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=e2a814df-d848-4520-aafc-3332d5716d77&tv=%7Bc:2o03mi,pingTime:-2,time:100,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:70,beZ:71,mfA:154,cmA:155,inA:155,inZ:155,prA:155,prZ:156,si:158,poA:158,poZ:161,cmZ:161,mfZ:161,loA:166,loZ:167,ltA:170,ltZ:170,mdA:71,mdZ:105%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:87%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:87,wc:0.0.1600.1200,ac:436.8279.728.90,am:i,cc:436.8279.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B15~0%5D,as:%5B15~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2rPg0S+11%7C12%7C13%7C141%7C142%7C151%7C161%7C171%7C18*.929781%7C181%7C191%7C1a%7C1b,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:87,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_7,google_ads_iframe_/4595/team.la/home_7__container__,adv_inpage_2,main-content%5D,sinceFw:12,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 958B 91 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10995560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: uyR3jqDYvzzqEpGLAILRgvt9VwwHofkW5YWyzb3DtdYXzxZVrjdDBA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 62ms
62ms Image
image/gif 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=300x250&pubId=5426111950&chanId=21734991026&placementId=6488692749&pubCreative=138461459928&pubOrder=3337027668&cb=2106554854&adsafe_par&impId=&custom=content-package&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b3e5d167-f751-f838-d753-d341c4aaef20,c:2o03mu,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74b57f8799-ldftv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1058.7775.300.250,am:i,cc:1058.7775.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:113,mot:0,app:0,maw:0,fm:u2rPg0O+11%7C12%7C13%7C141%7C142%7C15*.929781%7C151%7C161%7C171%7C181%7C182%7C191%7C1a%7C1b,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:116,oid:1f3af7f5-bc14-11ee-8dd2-ca8433cd4389,v:19.8.476,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 58E7 91 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10995560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: XX5ZkdV8iFlmkZusuXOBUgf-Wx3oTlS0H2NHartxQYS07Fq_E-g6gQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 56ms
56ms Image
image/gif 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5349386397&chanId=21734991026&placementId=6373810974&pubCreative=138445397198&pubOrder=3248104450&cb=491662692&adsafe_par&impId=&custom=bottom&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:7ce06f33-1888-ebfd-79cd-4ec2898d0fda,c:2o03mB,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74b57f8799-49ll6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.10100.728.90,am:i,cc:436.10100.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:118,mot:0,app:0,maw:0,fm:u2rPg0Q+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16*.929781%7C161%7C171%7C181%7C182%7C191%7C1a%7C1b,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:121,oid:1f3e04fe-bc14-11ee-a583-3a351730bbc8,v:19.8.476,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 93AF 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10995560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Tz0VO_qOufKqYfeS4-1RpFEtdcjcue13Fe75IFULQ6YXc2RnYNEBug==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 55ms
55ms Image
image/gif 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=30702453&chanId=21734991026&placementId=6364618761&pubCreative=138443588493&pubOrder=3244091193&cb=321548275&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:fec731cf-ef7e-e17a-ad86-e70334cf6d34,c:2o03mI,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74b57f8799-5qdmf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.7381.728.90,am:i,cc:436.7381.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:124,mot:0,app:0,maw:0,fm:u2rPg0R+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17*.929781%7C171%7C181%7C182%7C191%7C1a%7C1b,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:127,oid:1f407658-bc14-11ee-bdd8-9a87d2744620,v:19.8.476,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A009 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10995560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 5r8mHHqq4DDNHvvLQGqe0J9ewcoKD3H8YwRyQg3lWnieVXD8RFnUIQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 56ms
56ms Image
image/gif 63.33.146.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5331428053&chanId=21734991026&placementId=6337319697&pubCreative=138438359232&pubOrder=3225099811&cb=444867734&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:8b5b60a8-30c0-5d4c-d375-98b65d2af1cc,c:2o03mU,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74b57f8799-455t6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.8971.728.90,am:i,cc:436.8971.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:132,mot:0,app:0,maw:0,fm:u2rPg0V+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19*.929781%7C191%7C1a%7C1b,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:135,oid:1f453145-bc14-11ee-a41d-069b01c360c8,v:19.8.476,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.146.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-146-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 384ms
202ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b3e5d167-f751-f838-d753-d341c4aaef20&tv=%7Bc:2o03n2,pingTime:-2,time:150,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:122,beZ:123,mfA:235,cmA:236,inA:236,inZ:236,prA:236,prZ:237,si:238,poA:238,poZ:241,cmZ:241,mfZ:241,loA:257,loZ:257,ltA:272,ltZ:272,mdA:123,mdZ:171%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:116%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:116,wc:0.0.1600.1200,ac:1058.7775.300.250,am:i,cc:1058.7775.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2rPg0O+11%7C12%7C13%7C141%7C142%7C15*.929781%7C151%7C16.929781%7C161%7C17.929781%7C171%7C181%7C182%7C191%7C1a%7C1b,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:116,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_3,google_ads_iframe_/4595/team.la/home_3__container__,adv_block_e0904963-b345-41e3-b561-8d79afbde777,main-content%5D,sinceFw:34,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 281ms
103ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=7ce06f33-1888-ebfd-79cd-4ec2898d0fda&tv=%7Bc:2o03n5,pingTime:-2,time:151,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:102,beZ:103,mfA:221,cmA:221,inA:221,inZ:221,prA:221,prZ:222,si:224,poA:224,poZ:227,cmZ:227,mfZ:227,loA:239,loZ:239,ltA:254,ltZ:254,mdA:103,mdZ:154%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:121%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:121,wc:0.0.1600.1200,ac:436.10100.728.90,am:i,cc:436.10100.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2rPg0O+11%7C12%7C13%7C141%7C142%7C15.929781%7C151%7C152%7C16*.929781%7C161%7C17.929781%7C171%7C181%7C182%7C191%7C1a%7C1b,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:121,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_5,google_ads_iframe_/4595/team.la/home_5__container__,adv_club,main-content%5D,sinceFw:30,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 client.js Show response
apis.google.com/js/ 18 KB
8 KB 178ms
61ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58f246bdfff46cb69f834273da1e5c1c3c1780a5aadfb83ef0d27944888178aa

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 06:28:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7130
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "2ebb874113dc2509"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 741D 94 KB
33 KB 7ms
7ms Document
text/html 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-7.fra56.r.cloudfront.net

Software

Resource Hash

8fdff8dc0c13d4e94cedd8c000fdf91607166c5178189d289fbe2161e478db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1506
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 33037
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 06:03:24 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=15m
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id: FAZ8uCqCaXzmyHa1w4dVexK_1ZtGL7347jSmL06lREPfRKJHOxXPCQ==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0bba1636000245d7859976a7e126ea96
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t23
x-soa: true, Gator

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 271ms
105ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=fec731cf-ef7e-e17a-ad86-e70334cf6d34&tv=%7Bc:2o03ni,pingTime:-2,time:163,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:88,beZ:89,mfA:212,cmA:213,inA:213,inZ:213,prA:213,prZ:214,si:215,poA:215,poZ:219,cmZ:219,mfZ:219,loA:233,loZ:233,ltA:251,ltZ:251,mdA:89,mdZ:142%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:127%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:163,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:127,wc:0.0.1600.1200,ac:436.7381.728.90,am:i,cc:436.7381.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2rPg0O+11%7C12%7C13%7C141%7C142%7C15.929781%7C151%7C152%7C16.929781%7C161%7C162%7C17*.929781%7C171%7C181%7C182%7C19.929781%7C191%7C1a%7C1b,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:127,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_6,google_ads_iframe_/4595/team.la/home_6__container__,adv_inpage_1,main-content%5D,sinceFw:36,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 362ms
204ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=8b5b60a8-30c0-5d4c-d375-98b65d2af1cc&tv=%7Bc:2o03np,pingTime:-2,time:166,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:59,beZ:60,mfA:191,cmA:192,inA:192,inZ:192,prA:192,prZ:193,si:194,poA:194,poZ:199,cmZ:199,mfZ:199,loA:208,loZ:208,ltA:225,ltZ:225,mdA:60,mdZ:107%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:135%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:135,wc:0.0.1600.1200,ac:436.8971.728.90,am:i,cc:436.8971.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2rPg0R+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17.929781%7C171%7C172%7C181%7C182%7C19*.929781%7C191%7C1a%7C1b,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:135,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_8,google_ads_iframe_/4595/team.la/home_8__container__,adv_inpage_3,main-content%5D,sinceFw:31,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 06:28:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
3 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8cb1e65dd1827d27138af3752883708f9a1e2003127e71f692c6f95e72415a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 06:28:30 GMT
content-md5: tjxrVV3tdnZrlbHgVUkcPg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: Nf5NSQehs4NaAhUbDcwDtWALlIHFU9Z9VlqYYINFuYD0CBq7u3kuLJf0NMvMKuk5WioUwCUA31Y6jVS011ZPPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 67941257021476a218aee0182dd1a7d4
cross-origin-opener-policy: same-origin-allow-popups
etag: "520ffcd9d1065865c0e9834b8d8ecd85"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:28:41 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 741D 6 KB
3 KB 7ms
7ms Fetch
text/javascript 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: /
Resource Hash: a2c8fb1860d2400fba75c9f25854bf3a90aa229b72e48a16c5a1d892874f46ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:26:54 GMT
content-encoding: gzip
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 96
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=15m
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2282
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: f851639c65a2411ba6b067b1847b96d6
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t21
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: HOTR_cVFp_UCgrvHtNezAxtM20lbU_RTAZcBnTd5mq9un_YnNdhRVw==

GET
H2 200 adsct
analytics.twitter.com/i/ Frame B9FF 43 B
394 B 130ms
116ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=77167203466992872660567968044757492851&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 26 Jan 2024 06:28:30 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 588180a6a07a5905
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: c1e415f4b5088117ca0db9438ac639dd1bd96e0be6f2d1998320b9ea70ce06ef
content-length: 43

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1b9bdbab6ce1aa4a23ab60ec1cd0159d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

02953508d54e8a87e9adcb687c9142334b836fa57a9e4ff0f6d4e92d86e71c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 06:28:30 GMT
content-md5: blorxAHEvDEb1u3wqXpYaQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88470
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: EuPItUR1bnpGC5bTIB+4L328io0wLGc3Ex/gp6rTdPIgbBqMPdUv+cvrA200diSfM5J4wstiGxjFu13AU2uHaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2b73b76cbb39170e3ab254ec79c2b4c4
cross-origin-opener-policy: same-origin-allow-popups
etag: "1172e086e2c8753154580314ad995ba8"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Jan 2025 05:58:25 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 43ms
27ms Fetch
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1b9bdbab6ce1aa4a23ab60ec1cd0159d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
strict-transport-security: max-age=15552000; preload
date: Fri, 26 Jan 2024 06:28:30 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: znQTZ+omqKXDX7Fe/CuiTcdZzPj4zDJbcEmhReQA+rEfFObSrUDAj62zyAtejuhMZW9eBBljEygTYDTSg+0fTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E688 13 KB
5 KB 51ms
51ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 65670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 12:14:00 GMT
expires: Fri, 24 Jan 2025 12:14:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AADB 829 B
1 KB 172ms
63ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f3e856aa6455314ea2f2757e4c7a05e343d6f643f82cb26438165d36b93416b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ghjo6-GvcIcr156KGUYGFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ghjo6-GvcIcr156KGUYGFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:28:30 GMT
expires: Fri, 26 Jan 2024 06:28:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B9FF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBulQgrN2U9IUtA_mljM5CY&google_cver=1
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
28ms

Image
image/png

99.80.28.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 99.80.28.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-28-62.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 26 Jan 2024 06:28:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame E688 39 KB
15 KB 155ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 11:54:25 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ 317 KB
109 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59460e352003ed781589fe97dc3613127cb8f4010d2f1e2a70bd1a78a10663e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110767
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 21:08:39 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 153ms
153ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=77990122-9cbb-0c87-782b-8921c2e36e78&tv=%7Bc:2o03qN,pingTime:-10,time:385,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706250510921%7C%7C62a51d9fde47cf18d0fa85970d6c1590%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C8a348289f72898ccddff52d52acca1ba%7C%7Cfd68f94a9c184f996fee30a6ece78ce8%7C%7Ca54e7a727c70beef69483500180cbb61%7C%7Ce33a081b02184c80b170c6eddcd743fb%7C%7Ce7fca2f6929fb415a7f6b99592b97c72%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:30 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B9FF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEB...
https://pixel.everesttech.net/1x1

128 B
796 B

29ms
29ms

Image
image/png

99.80.28.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 99.80.28.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-28-62.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 26 Jan 2024 06:28:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 116ms
116ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=8b5b60a8-30c0-5d4c-d375-98b65d2af1cc&tv=%7Bc:2o03rp,pingTime:-10,time:414,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706250510921%7C%7C62a51d9fde47cf18d0fa85970d6c1590%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C8a348289f72898ccddff52d52acca1ba%7C%7Cfd68f94a9c184f996fee30a6ece78ce8%7C%7Ca54e7a727c70beef69483500180cbb61%7C%7Ce33a081b02184c80b170c6eddcd743fb%7C%7Ce7fca2f6929fb415a7f6b99592b97c72%7C%7C1663701684,sca:%7Bspg:77990122-9cbb-0c87-782b-8921c2e36e78%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AADB 0
0 82ms
82ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401220101&jk=1234134301444342&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B9FF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
28ms

Image
image/png

99.80.28.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 99.80.28.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-28-62.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 26 Jan 2024 06:28:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E688 0
10 B 51ms
51ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sXQNjA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B9FF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

99.80.28.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 99.80.28.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-28-62.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 26 Jan 2024 06:28:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
103ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b3e5d167-f751-f838-d753-d341c4aaef20&tv=%7Bc:2o03uM,pingTime:-10,time:630,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706250510921%7C%7C62a51d9fde47cf18d0fa85970d6c1590%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C8a348289f72898ccddff52d52acca1ba%7C%7Cfd68f94a9c184f996fee30a6ece78ce8%7C%7Ca54e7a727c70beef69483500180cbb61%7C%7Ce33a081b02184c80b170c6eddcd743fb%7C%7Ce7fca2f6929fb415a7f6b99592b97c72%7C%7C1663701684,sca:%7Bspg:77990122-9cbb-0c87-782b-8921c2e36e78%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 102ms
102ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=e2a814df-d848-4520-aafc-3332d5716d77&tv=%7Bc:2o03vt,pingTime:-10,time:669,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706250510921%7C%7C62a51d9fde47cf18d0fa85970d6c1590%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C8a348289f72898ccddff52d52acca1ba%7C%7Cfd68f94a9c184f996fee30a6ece78ce8%7C%7Ca54e7a727c70beef69483500180cbb61%7C%7Ce33a081b02184c80b170c6eddcd743fb%7C%7Ce7fca2f6929fb415a7f6b99592b97c72%7C%7C1663701684,sca:%7Bspg:77990122-9cbb-0c87-782b-8921c2e36e78%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B9FF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

99.80.28.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 99.80.28.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-28-62.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 26 Jan 2024 06:28:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B9FF 70 B
149 B 103ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.therams.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/28/ Frame B9FF
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=77167203466992872660567968044757492851&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=77167203466992872660567968044757492851&_origin=1&redir=true

0
87 B

22ms
10ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/28/sync?uid=77167203466992872660567968044757492851&_origin=1&redir=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/28/sync?uid=77167203466992872660567968044757492851&_origin=1&redir=true
date: Fri, 26 Jan 2024 06:28:31 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 389
content-language: en

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B9FF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WmJOUkRRQUFBTnVHRXdONg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

28ms
28ms

Image
image/png

99.80.28.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 99.80.28.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-28-62.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 26 Jan 2024 06:28:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
103ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=fec731cf-ef7e-e17a-ad86-e70334cf6d34&tv=%7Bc:2o03Bj,pingTime:-10,time:1032,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706250510921%7C%7C62a51d9fde47cf18d0fa85970d6c1590%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C8a348289f72898ccddff52d52acca1ba%7C%7Cfd68f94a9c184f996fee30a6ece78ce8%7C%7Ca54e7a727c70beef69483500180cbb61%7C%7Ce33a081b02184c80b170c6eddcd743fb%7C%7Ce7fca2f6929fb415a7f6b99592b97c72%7C%7C1663701684,sca:%7Bspg:77990122-9cbb-0c87-782b-8921c2e36e78%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
84ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401220101&jk=1234134301444342&bg=!OjmlOXbNAAa8BdJLnAU7ADQBe5WfOJfSn0EVZPnH30ChyHuf2NglN4YI0KLaGYYFkPRUqtA02iDwT7wwwjHerNrBhvk6AgAAAFBSAAAAAmgBBwoAPTIINi2TezQ8rolWIt098XFmxZuB31NRgLaVt8hsg-NPmWzUMvOf146O_L-nH44eeePiHoJLzs2T-EYMEPaZArm1YxjZS4mlgX0meykLZ1k-lxA82CKcVPUdo_76npcuMGqdWccS-3VGpQJqGWFIiuW3totiu9y9osj4C8TpbxIM-HLldcqjPaKyK3kmxwsiPcohSPgguRGCGdKQAZJLijtgmFC8cl-kUYfQzDqRsD6Z6nVwewW-NhgFc4MtWaJteU6ciuOPe0GSI6ahEIzJKMpEfoyGvpZRAy003cdkusMHftIjFCq7DnQLUlWM0XPolqtFHxmIhsXKAy4tDlbIXM7Ljynrhr5YEIpCVeMzii1xN_vTbl83USn4WIm7xz8M6dc0358yAEukVbTJhhI455Xm4nt09iCWakyqxPsHF4RTajgNiB1OSvzQk7_EErtR_V_44ORqPICp9VkLGEwMvGJQavzxxGm7ll9AKXiFuZcvgavlVfrAVCIyaQZooh_aD5twzVp6ropfJW74mPNbOmTDpSMP2CQ_192VVYn1F8UWJTcdW2zmHlm4qPcIt3BM6SyotjkRVRMDsPGYDbBRv4kzWk5WDpIedm3Iv9DbyJoDKy5RUtCHg9ubYfU0Z3KnCTb5UD3kwZjO0tux9wciagIhTALO5U5YuE0qDGitKEjn7s_yoDJyb8-in3nA8PknsiQigm5g2eGDrrm5O5NqJxEkEiXjRH-Cu2l2QH0MVEtBpU4xQZV1fCYBhZK7tbiddopbRcuCoPq0R1j4GFhVGlocsE8G1pkzsq1fffl4t8l5HVyVK46NU0W0iEiN4IIE72B-_q7S3wra9ZL1ddLqkAuVFvcXNyU3emMb-N4T7Zp0HRCd-p9iiKLtfIWLoo4tN3RvxIvS3dOe0dxNudb1wQ_HVuY6HpGE_AjrjV1X_87R9_uv9BUPlU0dduZmRd2QePEp_lv_Pqn9kUWT1rGmcg3_WvMsD9Xw6pidm8GGpYpqOmkbcblT6Tdn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2

200

ibs:dpid=28645&dpuuid=3Bo-4OtyA62csRJZzss-j_59PKYpiPky&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3Bo-4OtyA62csRJZzss-j_59PKYpiPky&gdpr=0&gdpr_consent=

42 B
717 B

31ms
31ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3Bo-4OtyA62csRJZzss-j_59PKYpiPky&gdpr=0&gdpr_consent=

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-06db7c088.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: tml580PKSZg=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3Bo-4OtyA62csRJZzss-j_59PKYpiPky&gdpr=0&gdpr_consent=
date: Fri, 26 Jan 2024 06:28:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1078565
content-length: 0

GET
H2

200

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=77167203466992872660567968044757492851&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
733 B

29ms
28ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: SMXo7iM+SRA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,303
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Fri, 26 Jan 2024 06:28:31 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

ibs:dpid=30646
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=77167203466992872660567968044757492851&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=77167203466992872660567968044757492851&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-NexfAUNE2pGGQvRGA0Fnso0LuYCBCRAEMTE-~A

42 B
717 B

30ms
30ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-NexfAUNE2pGGQvRGA0Fnso0LuYCBCRAEMTE-~A

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-045ff60d9.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: VTWIQYM2Sbk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-NexfAUNE2pGGQvRGA0Fnso0LuYCBCRAEMTE-~A
date: Fri, 26 Jan 2024 06:28:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
102ms Image
image/gif 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=7ce06f33-1888-ebfd-79cd-4ec2898d0fda&tv=%7Bc:2o03FW,pingTime:-10,time:1320,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706250510921%7C%7C62a51d9fde47cf18d0fa85970d6c1590%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C8a348289f72898ccddff52d52acca1ba%7C%7Cfd68f94a9c184f996fee30a6ece78ce8%7C%7Ca54e7a727c70beef69483500180cbb61%7C%7Ce33a081b02184c80b170c6eddcd743fb%7C%7Ce7fca2f6929fb415a7f6b99592b97c72%7C%7C1663701684,sca:%7Bspg:77990122-9cbb-0c87-782b-8921c2e36e78%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:31 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 v2
odr.mookie1.com/t/ Frame B9FF 42 B
204 B 58ms
20ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=77167203466992872660567968044757492851&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B9FF
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZbNRDQAAANuGEwN6&sigv=1&esig=1~d4ea130b9aff7c105ccc52aff7074cfd74f08d2e

0
194 B

95ms
26ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZbNRDQAAANuGEwN6&sigv=1&esig=1~d4ea130b9aff7c105ccc52aff7074cfd74f08d2e

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:28:32 GMT
strict-transport-security: max-age=31536000
cache-control: no-store
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZbNRDQAAANuGEwN6&sigv=1&esig=1~d4ea130b9aff7c105ccc52aff7074cfd74f08d2e
Date: Fri, 26 Jan 2024 06:28:32 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJOUkRRQUFBTnVHRXdONg==

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJOUkRRQUFBTnVHRXdONg==

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706250512.201467,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJOUkRRQUFBTnVHRXdONg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbNRDQAAANuGEwN6&expires=90

0
239 B

127ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbNRDQAAANuGEwN6&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 08fc1f390a6968c5983b6715b2a92536
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706250512.264193,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbNRDQAAANuGEwN6&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbNRDQAAANuGEwN6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbNRDQAAANuGEwN6&C=1

43 B
339 B

20ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbNRDQAAANuGEwN6&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGBeqPz7MdCP7l7mYp6P%2FQliuN1YH9z9pAWMZEFSUxTnhuKIjVpI9Y2h1Xqy6tq3vz9ACewq%2FgbrfEu%2FtJyto%2BjhHWQHfXNpuERVkdoaSrFCrKfHFfykfX7kmTYVlnpzIYCAsLkMbAmMdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b6b246aedc1c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bC5snzzSN7aAJLRz3oycpCTyYYnJD%2BYRaykudOxfxT5JO%2B42D6ibtp0Yl8%2BZReOHU1XljXb6Q4nyHmi7kOFgVW8ac8yzJPpXeWu5HY4t87Uzi5MGIvozn5VHgjHqmkH8nNvlprz2CCAjSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=ZbNRDQAAANuGEwN6&C=1
cache-control: no-cache
cf-ray: 84b6b2467ec01c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZbNRDQAAANuGEwN6

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZbNRDQAAANuGEwN6

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
an-x-request-uuid: e0b3d51c-e121-45b3-a19f-911d00126f3e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.161; 185.213.155.161; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706250512.464901,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZbNRDQAAANuGEwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbNRDQAAANuGEwN6

43 B
264 B

54ms
19ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbNRDQAAANuGEwN6
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706250513.565708,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbNRDQAAANuGEwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbNRDQAAANuGEwN6

0
225 B

68ms
15ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbNRDQAAANuGEwN6
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 06:28:32 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706250513.666179,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbNRDQAAANuGEwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET

partner
sync.search.spotxchange.com/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbNRDQAAANuGEwN6&img=1

0
0

GET
H2

200

b.php
www.facebook.com/fr/ Frame B9FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbNRDQAAANuGEwN6&t=2592000&o=0

43 B
656 B

28ms
28ms

Image
image/gif

2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbNRDQAAANuGEwN6&t=2592000&o=0

Protocol

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
date: Thu, 25 Jan 2024 22:28:32 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: public
x-fb-debug: oBQulrq1MsKsSU5KIC7CgFl2cAfV/313HkjmqcO1PgjAfgvUt7A+GF0iamEYsHccsO6KVcGscLhRl6chOtXc3g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Thu, 25 Jan 2024 22:28:32 PST

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706250513.867120,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbNRDQAAANuGEwN6&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame B9FF 43 B
418 B 41ms
14ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 26 Jan 2024 06:28:33 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7279
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230103-FRA
pragma: no-cache
server: nginx
x-timer: S1706250513.994476,VS0,VE8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

ibs:dpid=152416&dpuuid=15w9hz1obdpcvrqyivlpdg0rz
dpm.demdex.net/ Frame B9FF
Redirect Chain

https://usr.undertone.com/userPixel/syncr?partnerid=32&gdpr=&gdpr_consent=&us_privacy=&r=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D%24UIDENC
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=15w9hz1obdpcvrqyivlpdg0rz

42 B
717 B

31ms
31ms

Image
image/gif

54.171.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=15w9hz1obdpcvrqyivlpdg0rz

Protocol

Server

54.171.67.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-67-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-022e7ff67.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: QHGuuTf3Q6I=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=15w9hz1obdpcvrqyivlpdg0rz
date: Fri, 26 Jan 2024 06:28:33 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame B9FF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=jSpKdGrSQHigwVRJ-5PR0g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77167203466992872660567968044757492851

43 B
479 B

113ms
113ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77167203466992872660567968044757492851

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 06:28:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FTAQPCQ48SM1A37KTBFV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

dcs: dcs-prod-irl1-2-v054-06a768924.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 06:28:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 7/mteP39Tbg=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77167203466992872660567968044757492851
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK piisfze7qv45n2nwvudo.jpg
static.clubs.nfl.com/image/upload/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 49 KB
50 KB 8ms
8ms Image
image/webp 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/t_editorial_landscape_8_desktop_mobile/f_auto/rams/piisfze7qv45n2nwvudo.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8195f6844839490345b84b57ae3d6c9edd96967b240bfa993812ae255bab8a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:28:34 GMT
Via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 46660
Edge-Cache-Tag: 555424286822364760882311284937425556658,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 555424286822364760882311284937425556658,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="piisfze7qv45n2nwvudo.webp"
Connection: keep-alive
Content-Length: 50340
X-Request-Id: e469805bb7eb679c365844bf688977a0
X-Served-By: cache-iad-kiad7000141-IAD, cache-iad-kjyo7100120-IAD, cache-fra-eddf8230029-FRA
Last-Modified: Thu, 25 Jan 2024 17:30:55 GMT
Server: cloudinary
Surrogate-Reporting: width=824,height=464,bytes=50340,owidth=1600,oheight=900,obytes=1669317,ef=(1,11,17,23)
X-Timer: S1706250515.530037,VS0,VE2
Etag: "c06ad6dffd4e599d01400f8de7cb766b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 31, 1

HEAD
H/1.1 200
OK /
www.therams.com/ 0
0 9ms
9ms Fetch
text/html 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Requested by

Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/live/NflUmdComponents.NFLToken.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Fri, 26 Jan 2024 06:28:34 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 6
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 63
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 95614
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200032-BUR, cache-fra-eddf8230110-FRA
X-NFL-Dma: 276004
server: envoy
X-Timer: S1706250515.737997,VS0,VE2
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/html
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.therams.com
URL: https://www.therams.com/

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbNRDQAAANuGEwN6&img=1

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 15703-3-28437510
.demdex.net/	1970-01-20 22:16:42	Name: demdex Value: 77167203466992872660567968044757492851
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.therams.com/	1970-01-21 03:33:30	Name: adobeujs-optin Value: %7B%22aam%22%3Afalse%2C%22adcloud%22%3Afalse%2C%22aa%22%3Afalse%2C%22campaign%22%3Afalse%2C%22ecid%22%3Afalse%2C%22livefyre%22%3Afalse%2C%22target%22%3Afalse%2C%22mediaaa%22%3Afalse%7D
.therams.com/	1970-01-21 02:43:06	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Jan+26+2024+07%3A28%3A29+GMT%2B0100+(Central+European+Standard+Time)&version=202401.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=3e0eb784-27a8-4980-b637-062ee2c74d0a&interactionCount=0&landingPath=https%3A%2F%2Fwww.therams.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.therams.com/	1970-01-21 03:26:18	Name: kndctr_F75C3025512D2C1D0A490D44_AdobeOrg_identity Value: CiY3NzM2MjU3NTIxMDI5OTg1ODg1MDU1MjMwMDcxMTk0MDkwNTE2NFIRCJq80qPUMRgBKgRJUkwxMAPwAZq80qPUMQ==
.therams.com/	1970-01-20 17:57:32	Name: kndctr_F75C3025512D2C1D0A490D44_AdobeOrg_cluster Value: irl1
.auth-id.nfl.com/	1970-01-21 02:43:06	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
.everesttech.net/	1970-01-21 02:43:06	Name: everest_g_v2 Value: g_surferid~ZbNRDQAAANuGEwN6
.therams.com/	1970-01-21 03:19:06	Name: __gads Value: ID=dd8ebdcd1d9b3b02:T=1706250509:RT=1706250509:S=ALNI_MYxInniUMi95jhrqQ2aax7__m87hQ
.therams.com/	1970-01-21 03:19:06	Name: __gpi Value: UID=00000d49be19e572:T=1706250509:RT=1706250509:S=ALNI_MZuTVoQSs9IQRX69eScKM7CKPHe4g
.therams.com/	1970-01-20 22:16:42	Name: __eoi Value: ID=b7b6611985a5b27d:T=1706250509:RT=1706250509:S=AA-AfjYrv2zW1XVej8aQpaJ1cHdM
.dpm.demdex.net/	1970-01-20 22:16:42	Name: dpm Value: 77167203466992872660567968044757492851
.therams.com/	1970-01-21 03:33:30	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 179643557%7CMCIDTS%7C19749%7CMCMID%7C77362575210299858850552300711940905164%7CMCAAMLH-1706855309%7C6%7CMCAAMB-1706855309%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1706257709s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19756%7CvVersion%7C5.5.0
.exelator.com/	1970-01-20 20:50:18	Name: EE Value: "bb1f1b445bf8b5078e6f9c26bc3b96ce"
.doubleclick.net/	1970-01-21 03:19:06	Name: IDE Value: AHWqTUneCpCnYoF9BQcDNmivF16ojsw9W6ijAhAn_IC3jaEzuG5vvkGlJoTFDH4_bZY
.w55c.net/	1970-01-21 03:29:11	Name: wfivefivec Value: PP9psXrI1RtfHw5
.exelator.com/	1970-01-20 20:50:18	Name: ud Value: "eJxrXxzq6XKLQSEpyTDNMMnExDQpzSLJ1MDcItUszTLZyCwp2TjJ0iw5dXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR9bZAUA1BgqyQ%253D%253D"
.w55c.net/	1970-01-20 18:40:42	Name: matchdmx Value: 5
.mathtag.com/	1970-01-21 03:23:25	Name: uuid Value: 344f65b3-510e-4900-aae5-2a267aefd349
.adnxs.com/	1970-01-20 20:07:06	Name: XANDR_PANID Value: wXQ9xFvEOjid21EyyrjCfU4y9f8gQ356bPpEqp178P3uKMJlBzDu66BHeVFgnaM9h9jQOzdQmbVNRWcogUG-sydovD1MQZ8tc1l28TUoLZ0.
.adnxs.com/	1970-01-21 03:33:30	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:07:06	Name: uuid2 Value: 6912272092328135261
.turn.com/	1970-01-20 22:16:42	Name: uid Value: 3217190738923883784
.auth-id.therams.com/	1970-01-21 02:44:32	Name: gmid Value: gmid.ver4.AcbHErO5qw.4Rhiau7OTW88iPYfhOGQJ9KVTfArZtA5X46Q6fhb29GYmMPzgFL1Eho3y4cAAN0f.qQ7q0YlarpySGL1HO2FKcyAbJoKLrEXZgBqKzHmQ-G10J7htgBpp1RZKoiZ-ePPJyen9MBhEmmk9Fh4TYKAbHQ.sc3
.auth-id.therams.com/	1970-01-21 02:44:32	Name: ucid Value: WcE8CDed7UozW7DRvGnnGQ
.auth-id.therams.com/	1970-01-20 22:19:31	Name: hasGmid Value: ver4
.therams.com/	1970-01-21 02:43:06	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.auth-id.nfl.com/	1970-01-21 02:43:06	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-21 02:43:06	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 15703-3-28437510
.google.com/	1970-01-20 22:21:01	Name: NID Value: 511=X4nKZteHj_Y_bvAUzBALHakaTaBW6WXBp3yfl5bNGltgiUKjSK7zQAPvXBGbJRNoA3CP32WlknCAqxmX3FmHeL9t_bCU0Brmwrt57hihkP5FTW86K48zdDgZYZiIJo-FyqeXDXDQtGVESItzWNruuaSJFzsaQA7pylzzeWaUSeo
.twitter.com/	1970-01-21 03:33:30	Name: personalization_id Value: "v1_QBy1lpcKglSjjmJsUPREPw=="
.everesttech.net/	1970-01-20 18:42:08	Name: ev_sync_ax Value: 20240126
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: ZbNRDwAAAELRbBC4
.advertising.com/	1970-01-21 02:43:28	Name: A3 Value: d=AQABBA9Rs2UCEMobeXtn0WtJymIj_9Ibue4FEgEBAQGitGW9ZeAQyiMA_eMAAA&S=AQAAAnS1qgsNKeSlRzkyVYuIB2A
.criteo.com/	1970-01-21 03:19:06	Name: uid Value: ae4fb362-123d-41c0-b2b4-2f00f6faa43e
.eyeota.net/	1970-01-20 17:57:31	Name: SERVERID Value: 21693~DM
.yahoo.com/	1970-01-21 02:43:28	Name: A3 Value: d=AQABBA9Rs2UCEL0dqp27A-bVL28Bxf6yB00FEgEBAQGitGW9ZeAQyiMA_eMAAA&S=AQAAAuwphGHqBHYrXbG-8ZveuDk
.analytics.yahoo.com/	1970-01-21 02:43:06	Name: IDSYNC Value: 19cu~2ge6
.everesttech.net/	1970-01-20 18:42:08	Name: ev_sync_yh Value: 20240126
.casalemedia.com/	1970-01-21 02:43:06	Name: CMID Value: ZbNREM4RPiQ7Nbm9yj91-wAA
.casalemedia.com/	1970-01-20 20:07:06	Name: CMPS Value: 1139
.casalemedia.com/	1970-01-20 20:07:06	Name: CMPRO Value: 1139
.adnxs.com/	1970-01-20 20:07:06	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GVGfO7/^!]tbPl1MwL(!R7qUY#R8Cb`uVYWJWp[SqwZX>-ON:?8]<QG=%9sk?bIRwi:w9Ld1ibtOUB+NK1Q67Oe!@Fu`=DO=
.demdex.net/	1970-01-20 22:16:42	Name: dextp Value: 269-1-1706250509880\|3-1-1706250509984\|359-1-1706250510086\|358-1-1706250510196\|470-1-1706250510296\|843-1-1706250510397\|640-1-1706250510531\|771-1-1706250510641\|1123-1-1706250510751\|1083-1-1706250510851\|1085-1-1706250510952\|1086-1-1706250511054\|1087-1-1706250511154\|1088-1-1706250511255\|903-1-1706250511355\|6835-1-1706250511456\|19913-1-1706250511556\|28645-1-1706250511657\|30064-1-1706250511758\|30646-1-1706250511858\|30862-1-1706250511959\|83349-1-1706250512059\|144230-1-1706250512160\|144231-1-1706250512260\|144232-1-1706250512361\|144233-1-1706250512461\|144234-1-1706250512562\|144235-1-1706250512662\|144236-1-1706250512763\|144237-1-1706250512863\|147592-1-1706250512964\|152416-1-1706250513064\|139200-1-1706250513165
.undertone.com/	1970-01-21 02:43:06	Name: UTID Value: 13a85f81b01345f8b519f45c21c2a8ef
.undertone.com/	1970-01-21 02:43:06	Name: UTID_ENC Value: 15w9hz1obdpcvrqyivlpdg0rz
.amazon-adsystem.com/	1970-01-20 23:56:04	Name: ad-id Value: A_Ut89TwNk_4jAELXCC5WPw
.amazon-adsystem.com/	1970-01-21 03:33:30	Name: ad-privacy Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/(Line 43) Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=4ebe4e686e59662e51961e5342577142' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/(Line 44) Message: A preload for 'https://www.therams.com/compiledassets/theming/73aa97c7b09e54db9991a3b8d928ff60' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbNRDQAAANuGEwN6&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

207fc6b302864d99d7e75246082c0b5d.safeframe.googlesyndication.com
adb2waycm-atl.netmng.com
adobedc.demdex.net
ads.yahoo.com
analytics.twitter.com
api.nfl.com
apis.google.com
assets.adobedtm.com
auth-id.nfl.com
auth-id.therams.com
cdn.cookielaw.org
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
geolocation.onetrust.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
odr.mookie1.com
p.nfltags.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
sedge.nfl.com
smetrics.nfl.com
static.adsafeprotected.com
static.clubs.nfl.com
static.www.nfl.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
therams.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
www.facebook.com
www.google.com
www.googletagservices.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
sync.search.spotxchange.com
www.therams.com
104.244.42.67
104.76.200.221
142.250.185.130
151.101.1.153
151.101.129.153
151.101.130.49
151.101.193.153
151.101.65.152
151.101.65.153
172.64.151.101
18.232.230.211
18.245.86.107
185.64.191.210
185.89.210.90
2001:678:cb4:bbbb::13
216.200.232.249
23.60.198.68
2600:1f18:1aca:4281:e69e:41ac:e0e3:e5ea
2600:9000:223f:200:8:48e:53c0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2a00:1288:80:807::2
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a02:2638:3::c
2a02:26f0:480:980::1e80
2a02:6ea0:c700::22
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::300
3.120.214.218
3.33.220.150
3.71.149.231
34.160.236.64
34.98.64.218
35.158.172.152
52.212.233.39
52.46.130.91
54.171.67.28
54.78.254.47
63.140.62.17
63.140.62.222
63.33.146.168
65.9.66.7
69.173.144.138
99.80.28.62
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0287efa7f1ed49b833957fe52fd39abbcaa5bfa7cdc96906678371855d6ba505
02953508d54e8a87e9adcb687c9142334b836fa57a9e4ff0f6d4e92d86e71c2a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46
0fff7310fff3c4d95e3a11e414e3d3987ff10b09e3e03122584b6d6f1c7f2ad8
1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9
1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de
17c80afcd3ad2e0f5c0b1590b635b69e3999a3ff7f69967b1221c71f742358be
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21526c41f30608596fa5a57e2c8f77d8443d33b5f6304c5b5f2f7bd47ef3c04a
228642054750cd29bfdbba2288f9df9e10f4c1d46da5ea1ccfa926598f09d04f
237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2
2394606566bd2d0792b4829cedb17f1c18af0009d537f2b25ecee8ec84b9c0f4
24b472fc4054b5edf1a0c5c93f086a1fe8f432496c3fc457f87edc69f929ead4
29976a1bb7c213908cf78db48551e916f09fb8b5f0a5c18cb13e8d38a1a943e3
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3105c8995f915f85b37c896de0050697be8b9954b0b13bc8478a53d10ee2bcaa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3408b6970de177a38def029919a6d72a6e629081d3bdbbdb25e5807927bf393e
36a4c980bc4024b38e9fd9d167e045c2cba058c6b24b0518facdee5111435578
3777a970c481189b7cedba929e89a12fae4e88f672527fe1c41586c5553cf62a
3a422bdcfc06c5eed831f1729318713595998afd558efae65717e4c017dcb7d1
3b5b083fa0d4a51d29f733f28ac95bc5ad1cced5ebf0f4d1ce9d1f92752effc0
3da4da16760caf1db80c47705dc61efdd0a41555b34d38a241861a22cb70893f
451d404c418a7bb949e4fc1450eca798734b2fd4e187195a998c3673b0c1b4e0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
4a9e289a3dda7af6cd687c57cbf814c5e29fb4ab990b7002a459ba2fdd6b8ff9
4b52a34662c5a465a5b3339412a91a8abdbad71bdfdeb321104da2d1486477cb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4cec2a74d34a2dfb29d277f7f579c29f04154b10de5219b50999f105e89ce7d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e79ce568e1b90f3af6a9aa5ed12984eace19ab83399937b92faaf36c96f2e03
4f94e34d9405b21b66c51f109f21d37c847d3a0f3dd62b848823382a20721745
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56369ff57d2e20525b62ef7e4b4d8f55f6de6e15dd3a751a4ba6f06e71bc61d9
56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45
56fcaa6ca0bbb2ce7bc8450a449052c284d62103d7c18689b899394aceaf94b8
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
58f246bdfff46cb69f834273da1e5c1c3c1780a5aadfb83ef0d27944888178aa
58ffee43acf37dc1b773550c480c64e9c3a36ed7065013d38873e3c7556b03ed
59460e352003ed781589fe97dc3613127cb8f4010d2f1e2a70bd1a78a10663e2
5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe
5f3e856aa6455314ea2f2757e4c7a05e343d6f643f82cb26438165d36b93416b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
64800b4c232d3c5651b32380e6d40dd7441b24a6379372adf68b36c7540354f1
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88
6a94d75436ca439f66977aee9f40696609cb8f8f0c71e333a5c3e3822598c889
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
8195f6844839490345b84b57ae3d6c9edd96967b240bfa993812ae255bab8a33
82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
8a17736f1dcbc7001d428bb960455a178bf614a20c570cc8164c24e0a4d06405
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fdff8dc0c13d4e94cedd8c000fdf91607166c5178189d289fbe2161e478db7d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90ada510953d8fdbbf2337a3eecfeed8788fd036fce40714c4b1ec1d47170317
95c3382f5188f2cae047c8177a34a27b66b166789a35aac767019d6db48d4105
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9abb02fbc0db35214be997cd7f31d1223da13ec62dd002207df1fdf8aa18ee7d
9bac4096a9f98d42d5bd92d50f7cf7f06508cd8997a7c08b95ad567bed8cd71d
9c059e216fcca43b5c7ec4d4587332f2a71fb541f84838e9736138427ca97c0a
9c6e9d3723d44cbff030dc5f5ef771f9e664a34c8b045513ecfaa47329238a57
9f397381c3df41ea1a4714a1dfea67c1381e25627a18596201af50c40d93ab06
a19a9f185ab862539303b8432d1382f7adf07dcd379052a4e1b8fccd87d06188
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a2c8fb1860d2400fba75c9f25854bf3a90aa229b72e48a16c5a1d892874f46ee
a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4
a4362ccc76243f769ad5e6741022149daa11d6a012a336a8c0b4de087288e3d9
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
abf45f81e139a0f47ace8c3996c513a75806377d830ce79de97041b7a851d66f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afdf02465bb9070aac746864213bc0b78cc606eb6438a9218c283af0823e052a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2250c4990755371008b32908df9b73ca7b4013599dc24f73f9fbc7e32241636
b7864b0025eda57823ecbe67b5921e4d3e1e7447aecd6049b9263140e4ab1b4d
bab3635185f758bffecbdd713e4118b937cc4f518d385ee907afb508e84d9fa7
bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c1427ebe9e4aea71d8320c0ca7e13d059cbdbaa6d0c5456d29f8d714e2bb076b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525
c3a20f434154778f2069e00420a934fbe084f7b986288b1eabfa528a29329700
c65fffadee44e2a2c126e3c27959185aa0a64b44e78ec115b9deb3f98a200646
c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d7246351e5ad74131a63e1bb9d55bbb6507eb5c5e818d58c7df456c1eb86ff35
d8cb1e65dd1827d27138af3752883708f9a1e2003127e71f692c6f95e72415a3
df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652
e0089b4981938f78d1fce5e2142ad697be916e711d779652c51ba08c228f280c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e878127502e2973c3f51e75850913de20e4c9ea0f8f49a6c7f5405d5c3d652dd
e953e253e27a3f7f474759e538f54a2dd15fcf6f900186ddb4d8496365b003c1
ea1fc031348ed2234403b920f264b5e4367d851e26dbdeca232be7a973d02b67
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ee1624401ac9bb7e00f7d7ec3f1a7fee4dab71e3b3037244783eee706ed698d4
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ac6fc0c8fd6868ff7653040cbd859ec3d8799fb6352e1272053ee8a84d92bc
f40afc8457ed1add36faccb0c26e8d65d5c613e3bc236f1bb093293cbfee9a1c
f82ffdc673fa4a7a394571fe0a6321cfb93d693ea62ae58db9b9e4946086ac32
f8a139981532272bfb9a222dca3eecd0302cc336a5b0ec1a4ab4d5de89d7a3ad
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9
fff72fc79ca6bcebb937f4156a84dc4eea443a49195a02cf8a9fb15e844d380c

www.therams.com Open in urlscan Pro 151.101.129.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

85 %HTTPS

38 %IPv6

39 Domains

59 Subdomains

42 IPs

5 Countries

3990 kBTransfer

10909 kBSize

50 Cookies

61 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

85 %
HTTPS

38 %
IPv6

39
Domains

59
Subdomains

42
IPs

5
Countries

3990 kB
Transfer

10909 kB
Size

50
Cookies

209 HTTP transactions
8 data transactions