www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.therams.com/schedule/
Submission: On May 23 via api (May 23rd 2023, 8:04:33 pm UTC) from US — Scanned from DE

Summary HTTP 198 Redirects Links 94 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 45 domains to perform 198 HTTP transactions. The main IP is 151.101.129.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 537023.
TLS certificate: Issued by R3 on April 18th 2023. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6813:bb61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:480... 2a02:26f0:480:99e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.65.153 151.101.65.153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
17	13.224.103.12 13.224.103.12	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.152 151.101.193.152	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.193.153 151.101.193.153	54113 (FASTLY) (FASTLY)
2 14	54.73.43.225 54.73.43.225	16509 (AMAZON-02) (AMAZON-02)
1	151.101.0.114 151.101.0.114	54113 (FASTLY) (FASTLY)
1	52.31.219.190 52.31.219.190	16509 (AMAZON-02) (AMAZON-02)
8 8	18.200.219.45 18.200.219.45	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.113 66.235.152.113	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	69.192.160.253 69.192.160.253	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
4	46.51.133.242 46.51.133.242	16509 (AMAZON-02) (AMAZON-02)
2 2	3.64.145.154 3.64.145.154	16509 (AMAZON-02) (AMAZON-02)
9	65.9.66.36 65.9.66.36	16509 (AMAZON-02) (AMAZON-02)
4	151.101.1.153 151.101.1.153	54113 (FASTLY) (FASTLY)
2 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2600:9000:223... 2600:9000:223f:2800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2600:1f18:1ac... 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e	14618 (AMAZON-AES) (AMAZON-AES)
7 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
6 12	54.76.246.74 54.76.246.74	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
8 8	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1 1	18.244.179.12 18.244.179.12	16509 (AMAZON-02) (AMAZON-02)
1 1	18.66.97.32 18.66.97.32	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
198	53

44 151.101.129.153 (United States)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:99e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.153 (United States)

ASN54113 (FASTLY, US)

p.nfltags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 13.224.103.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-12.zrh50.r.cloudfront.net

rams.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.152 (United States)

ASN54113 (FASTLY, US)

api.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.153 (United States)

ASN54113 (FASTLY, US)

static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.73.43.225 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.219.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-219-190.eu-west-1.compute.amazonaws.com

nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.200.219.45 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-219-45.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.113 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-113.data.adobedc.net

nflenterprises.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

32720c1b69723bd07848bc27787038d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.253 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-253.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.51.133.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-133-242.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.145.154 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-145-154.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.66.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.153 (United States)

ASN54113 (FASTLY, US)

static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:2800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.76.246.74 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-246-74.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.179.12 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-179-12.lhr61.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-32.fra56.r.cloudfront.net

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	therams.com www.therams.com — Cisco Umbrella Rank: 537023 auth-id.therams.com	517 KB
28	everesttech.net 22 redirects cm.everesttech.net — Cisco Umbrella Rank: 1022 pixel.everesttech.net — Cisco Umbrella Rank: 4412 sync-tm.everesttech.net — Cisco Umbrella Rank: 606	10 KB
21	nfl.com api.nfl.com — Cisco Umbrella Rank: 24377 static.clubs.nfl.com — Cisco Umbrella Rank: 32016 auth-id.nfl.com — Cisco Umbrella Rank: 31128 static.www.nfl.com — Cisco Umbrella Rank: 30494	663 KB
17	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 685 static.adsafeprotected.com — Cisco Umbrella Rank: 595 dt.adsafeprotected.com — Cisco Umbrella Rank: 569	200 KB
17	formstack.com rams.formstack.com static.formstack.com — Cisco Umbrella Rank: 24850	321 KB
17	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	170 KB
15	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 200 nfl.demdex.net — Cisco Umbrella Rank: 33080	18 KB
13	googlesyndication.com 32720c1b69723bd07848bc27787038d4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132 pagead2.googlesyndication.com — Cisco Umbrella Rank: 93	119 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 368	215 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 109	117 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 272 cms.analytics.yahoo.com — Cisco Umbrella Rank: 991 ads.yahoo.com — Cisco Umbrella Rank: 5909	1 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 448	112 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1397 load77.exelator.com — Cisco Umbrella Rank: 3435	2 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 437 ajax.googleapis.com — Cisco Umbrella Rank: 320 fonts.googleapis.com — Cisco Umbrella Rank: 35	35 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 5675 evt.undertone.com — Cisco Umbrella Rank: 5357	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 694	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 413	757 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	439 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	89 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 752	1 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	107 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037 www.google.de — Cisco Umbrella Rank: 6080	939 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 635	372 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 820	449 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 436	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 315	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1108	213 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 924	418 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1375	331 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	265 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 637	394 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1269	175 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1144	402 B
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 10999	164 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 482	696 B
1	omtrdc.net nflenterprises.tt.omtrdc.net — Cisco Umbrella Rank: 31507	846 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3699	46 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	303 B
1	nfltags.com p.nfltags.com — Cisco Umbrella Rank: 31123	92 KB
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
198	45

	Domain	Requested by
44	www.therams.com	www.therams.com
14	dpm.demdex.net	2 redirects www.therams.com
13	static.formstack.com	rams.formstack.com
12	pixel.everesttech.net	6 redirects
11	cdn.cookielaw.org	www.therams.com cdn.cookielaw.org
9	dt.adsafeprotected.com	www.therams.com
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
8	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	static.clubs.nfl.com	www.therams.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	static.adsafeprotected.com	pixel.adsafeprotected.com www.therams.com
4	static.www.nfl.com	www.therams.com
4	pixel.adsafeprotected.com	www.therams.com
4	rams.formstack.com	www.therams.com static.formstack.com
4	assets.adobedtm.com	www.therams.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
3	www.google-analytics.com	static.formstack.com www.google-analytics.com
3	ib.adnxs.com	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	gum.criteo.com	2 redirects
2	www.facebook.com	connect.facebook.net
2	ups.analytics.yahoo.com	1 redirects
2	connect.facebook.net	cdns.us1.gigya.com connect.facebook.net
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	www.google.com	tpc.googlesyndication.com
2	pm.w55c.net	2 redirects
2	loadm.exelator.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	api.nfl.com	p.nfltags.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	pixel.advertising.com	1 redirects
1	match.adsrvr.org
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com	www.therams.com
1	auth-id.therams.com	cdns.us1.gigya.com
1	x.dlx.addthis.com	1 redirects
1	d.turn.com	1 redirects
1	load77.exelator.com	www.therams.com
1	cdns.us1.gigya.com	www.therams.com
1	sync.mathtag.com	1 redirects
1	32720c1b69723bd07848bc27787038d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	fonts.googleapis.com	ajax.googleapis.com
1	nflenterprises.tt.omtrdc.net	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	cdn.evgnet.com	rams.formstack.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ajax.googleapis.com	www.therams.com
1	p.nfltags.com	www.therams.com
1	imasdk.googleapis.com	www.therams.com
0	adb2waycm-atl.netmng.com Failed	www.therams.com
198	68

This site contains links to these domains. Also see Links.

Domain
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
ramsnewlook.com
static.clubs.nfl.com
www.nfl.com
onlocationexp.com
www.ticketmaster.com
ramssuites.com
www.hilton.com
itunes.apple.com
play.google.com
www.teamworkonline.com
am.ticketmaster.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
privacyportal.onetrust.com
www.onetrust.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
ndc-production-san.nfl.com R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
*.formstack.com Amazon RSA 2048 M02	`2023-03-20` - `2024-04-17`	a year	crt.sh
clubsweb.san1.nfl.com R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
cdns.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-07` - `2023-12-07`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
auth-id.nfl.com Amazon RSA 2048 M01	`2023-02-17` - `2023-11-20`	9 months	crt.sh
static.www.nfl.com R3	`2023-04-23` - `2023-07-22`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
auth-id.therams.com Amazon RSA 2048 M02	`2023-03-01` - `2023-11-16`	9 months	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.therams.com/schedule/
Frame ID: 70D64539518387624968F28666409BEA
Requests: 134 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: B7EF68CEAD22EC65A1CA8840F8792375
Requests: 34 HTTP requests in this frame

Frame: https://32720c1b69723bd07848bc27787038d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9981E60E4001A2955D70215115E00E9A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUnk9rpJyx5wb41c9kOS42616EPTbDizks_JG021qLEUVBtrhuGhGQFKFsKaiBiOpIkohXQT9HxALstTJn_BZQLtaLv-7qcSQi8hugzXM7IPI5s05G83o67KPMqYvjnLI4wSrfFwC5qhg0bYOSbdkqeNu5wXszI8qW_-a_eVboB8_f7j0AA_u4vEBx75gx_xfbeZ-pUvmU1TEurPRfU-455U7tHpSjIvN1sYooUTiqaBN1rOMwClrvylXDNcsIsAAfXEsJjYxHKU0ooJGi0S_j_b0XuEA2c7UPW0EkJ2epBqzVzPQc0XT_HS2jDm8lihFWZDc&sai=AMfl-YR1v-5c5wr7DfVi91p3y34T20jc54WM6KG4NxFxrgnOqP0bCkb0FpHLachdoPofhE1psW_vmGtfommicP-cOH-Zf0DXmfcY2qsRkZFe1jg0heCCwbjkINwmcxPcY46uQNRECavCmgd2pAPOeL0&sig=Cg0ArKJSzOFj48vsjbrREAE&uach_m=[UACH]&adurl=
Frame ID: 8C0711A98F9ECC694E55E6735C6B0C35
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0eab8ka66DoFFA0RtH5B5CRsykX30K72oiDTrMjXT9JWhqB8bhFKeJag4crzyGBuYG5MsGBY2qlaKZeVA21XfNT0Ga1hoPRqSdVDHsCNSeLLEGKtAWwnMtHNPgLb8dqEyZiFaOzVtmIxvO7ppD7_3BF-C3HDzQzYOAU6dSurxgEj1eBbB_OkAUhTL7WhnKtusguc09qaTgO_YWrwSp6A57f4qcjcjlgd3VY-I_gteGP-3nwVfMpzaCYixCqjqDSkjhDk6rEMNT8qrNiZ72WBTkNyjsRbaqSDV68mbVeryTMrhfwa0lgkaJIZx3KYN6NXbSbE&sai=AMfl-YT44Iym9cdTrrG2hF3zFhAx36Yq5YmfYIowQCOrgZMXVJw8D_d8FqvAClQT_imNym8YebMn0xBYtJez82hiZUGJCY6C2Lp_PvJmg-mHyzxiEtmLvvE5sy_UijdaIrFxVb6dH_s_jpbHpWBokz4&sig=Cg0ArKJSzFigPvYhN3arEAE&uach_m=[UACH]&adurl=
Frame ID: 6B36651FAD2D15DB231156B13835D0E0
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=1055692691&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Frame ID: 669EA7F77A073FEF3DA2CB6E9293C4D5
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5222449639&chanId=182654973&placementId=6295301662&pubCreative=138432734011&pubOrder=3200570583&cb=1427185100&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Frame ID: A7D8CCE44DFF646735D28D14A9BD4F33
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F5749538C035AEDAF4B0D1DA40FBDAED
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 52C0382507B337FD9F713F3A738C922C
Requests: 1 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
Frame ID: E3F62BB35B7B3E8B2F37A69BAB0B7667
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: 26A49FF36D1B894681525213D878C8DA
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: FF9986CF0A945CD60A2FA67836F38497
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37766BD0918B327A4A27F3F620D155B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 147C908AEE8AEFC7713FF7EEECA4828C
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: 1119560ADE3A51396A42BE03984E94D1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rams Schedule | Los Angeles Rams - therams.comBack ButtonFilter Button

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

198
Requests

84 %
HTTPS

41 %
IPv6

45
Domains

68
Subdomains

53
IPs

8
Countries

3061 kB
Transfer

8179 kB
Size

55
Cookies

94 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: NFL+

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://ramsnewlook.com/
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://static.clubs.nfl.com/image/upload/v1683845157/rams/qbjlnkg3rzksfz0ixtuv.pdf
Title: Printable Schedule

Search URL Search Domain Scan URL

URL: https://www.nfl.com/schedule
Title: League Schedule

Search URL Search Domain Scan URL

URL: https://onlocationexp.com/nfl/super-bowl-tickets
Title: Fan Travel Packages

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-tbd-preseason-inglewood-california/event/0A005E95A2F92923?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_PR1
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/PreSeason-Game-1-Los-Angeles-Rams-vs-TBD-82262/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/los-angeles/?WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85582
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-tbd-preseason-inglewood-california/event/0A005E95A2FD2926?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_PR2
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/PreSeason-Game-2-Los-Angeles-Rams-vs-TBD-82263/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/1E005E95935B3007?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_PR1&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_PR1
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Denver&WT&WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageDenver6MULTIBR7CAPHXHub8i86002
Title: STAY WITH HILTON

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/0F005E98A2DB63F8?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_SEAHAWKS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_SEAHAWKS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/hilton-honors/?query=Seattle&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85590
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-san-francisco-inglewood-california/event/0A005E95A3062933?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_49ERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-San-Francisco-49ers-82264/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/16005E9BE18C708F?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_BENGALS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_BENGALS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/hilton-honors/?query=Cincinnati%2C%20Ohio&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85583
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/05005E95A7F13716?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_COLTS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_COLTS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Indianapolis&WT&WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageIndianapolis6MULTIBR7CAPHXHub8i86003
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-philadelphia-eagles-inglewood-california/event/0A005E95A2F1291A?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_EAGLES
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Philadelphia-Eagles-82269/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-arizona-cardinals-inglewood-california/event/0A005E95A2E7290C?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_CARDINALS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Arizona-Cardinals-82266/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-pittsburgh-steelers-inglewood-california/event/0A005E95A2F5291C?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_STEELERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Pittsburgh-Steelers-82268/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/0C005E9AC447371B?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_COWBOYS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_COWBOYS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/dallas/?WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageDallasDest6MULTIBR7CAPHXHub8i86005
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/07005E94A1801933?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_PACKERS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_PACKERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/hilton-honors/?query=Green%20Bay%2C%20Wisconsin&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85589
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-seattle-seahawks-inglewood-california/event/0A005E95A3012930?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_SEAHAWKS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Seattle-Seahawks-82265/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/19005E9ABF244238?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_CARDINALS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_CARDINALS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Phoenix&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85584
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-cleveland-browns-inglewood-california/event/0A005E95A2EA290E?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_BROWNS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Cleveland-Browns-82271/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/15005E9CE170634C?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_RAVENS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_RAVENS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Baltimore&WT&WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageBaltimore6MULTIBR7CAPHXHub8i86006
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-washington-commanders-inglewood-california/event/0A005E95A30A2938?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_COMMANDERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Washington-Commanders-82270/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-new-orleans-inglewood-california/event/0A005E95A2ED2910?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_SAINTS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-New-Orleans-Saints-82267/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/00005E96EA2D916F?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_GIANTS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_GIANTS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/new-york-city/?WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageNYDest6MULTIBR7CAPHXHub8i86008
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/1C005E8DA6FE3C10?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_49ERS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_49ERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/where-to-stay-san-francisco/?WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageSFDestinationGuide6MULTIBR7CAPHXHub8i86001
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8
Title: DOWNLOAD FOR iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams
Title: DOWNLOAD FOR ANDROID

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: Rams Account Manager

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/46acd508-0e8d-40cd-af22-1a8bdfa6da60/224a3598-1b25-497d-9273-be255f55461c
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872260893 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872260893

Request Chain 51

https://cm.everesttech.net/cm/dd?d_uuid=38043003982057499002171484162072250839 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0cRQAAAM8n1QNn

Request Chain 76

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=38043003982057499002171484162072250839&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d38043003982057499002171484162072250839 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f7f646d-1c47-4a00-9b9d-df8854e44826&ddsuuid=38043003982057499002171484162072250839

Request Chain 83

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38043003982057499002171484162072250839 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38043003982057499002171484162072250839&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 88

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=Ae01xhWa1Q1yf45

Request Chain 98

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6474783599105034374

Request Chain 114

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3555114024213846367

Request Chain 122

https://x.dlx.addthis.com/e/demdex_sync?na_exid=38043003982057499002171484162072250839&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320042300048593396115

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzgwNDMwMDM5ODIwNTc0OTkwMDIxNzE0ODQxNjIwNzIyNTA4Mzk= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOS637VgvIkBKfIKprL22vk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 139

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEOcOox63cR7J_nDTN5WmBus&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 146

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEOcOox63cR7J_nDTN5WmBus&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 155

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEOcOox63cR7J_nDTN5WmBus&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 164

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEOcOox63cR7J_nDTN5WmBus&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 169

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEOcOox63cR7J_nDTN5WmBus&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 178

https://pixel.advertising.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true&verify=true

Request Chain 180

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEOcOox63cR7J_nDTN5WmBus&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 183

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yqFr-x9XAJcq5NWbesy57KC1wteJTSh4&gdpr=0&gdpr_consent=

Request Chain 184

https://ps.eyeota.net/match?bid=6j5b2cv&uid=38043003982057499002171484162072250839&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 185

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=38043003982057499002171484162072250839&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-i1z.9gZE2pHpwrxV_EdTCpmHDnld4lnrtGk-~A

Request Chain 187

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0cRQAAAM8n1QNn&sigv=1&esig=1~2dfe8fa30a7b5f2e66e22054324bc51996ebe409

Request Chain 188

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwY1JRQUFBTThuMVFObg==

Request Chain 190

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0cRQAAAM8n1QNn&expires=90

Request Chain 191

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0cRQAAAM8n1QNn HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0cRQAAAM8n1QNn&C=1

Request Chain 192

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZG0cRQAAAM8n1QNn

Request Chain 193

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0cRQAAAM8n1QNn

Request Chain 194

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0cRQAAAM8n1QNn

Request Chain 195

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0cRQAAAM8n1QNn&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0cRQAAAM8n1QNn&img=1&__user_check__=1&sync_id=049c5ecc-f9a5-11ed-84f7-1a377c5d0306

Request Chain 196

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0cRQAAAM8n1QNn&t=2592000&o=0

Request Chain 198

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 199

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=CE0qjXA6QOOs62io7UBosg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38043003982057499002171484162072250839

198 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.therams.com/schedule/ 298 KB
62 KB 643ms
309ms Document
text/html 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

08cc2f9a2162a2ea56ee26c9ec7f611d4ede6a266e126d76ebb50e789affddd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: public, max-age=5
Connection: keep-alive
Content-Length: 63079
Date: Tue, 23 May 2023 20:04:20 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-NFL-Dma: 276003
X-NFL-Geo: country_code=DE
X-Served-By: cache-bur-kbur8200087-BUR, cache-fra-eddf8230093-FRA
X-Timer: S1684872260.992794,VS0,VE286
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
origin-site: LA3
server: envoy
service-worker-allowed: /
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-envoy-upstream-service-time: 92
x-html-minification-powered-by: WebMarkupMin
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 626 KB
112 KB 12ms
8ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/schedule/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 25
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 113395
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200044-BUR, cache-fra-eddf8230093-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:43:56 GMT
server: envoy
X-Timer: S1684872260.324440,VS0,VE1
etag: "1d9874c709868d2"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK 30e9f848f389db282054c914c30dd755
www.therams.com/compiledassets/theming/ 17 KB
4 KB 53ms
21ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/schedule/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1798158
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 25
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3710
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200137-BUR, cache-fra-eddf8230123-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1684872260.362620,VS0,VE2
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 61ms
21ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JYwMFRCSwBZdNsd6Nb17qg==
age: 14661
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6766
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 17:17:51 GMT
server: cloudflare
etag: 0x8DB5AE879496250
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 38a1e82d-701e-007b-4a06-8db356000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbfe84b48df9158-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 169ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cc45fd555b4c0f07d977d11294802f8c3fbeae072daa475e4966c7711fdcae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25342
x-xss-protection: 0
server: cafe
etag: 99 / 19500 / m202305180101 / config-hash: 3349684995448228437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 20:04:20 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 78 KB
28 KB 110ms
11ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcad30472d959caa42adf95b1e12c0d0cf8ca99ee5ac7bf0d2734dfdd153e68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 19:38:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Tue, 23 May 2023 20:06:11 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 314 KB
89 KB 126ms
15ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bdf96b01cde1b036361c160832a5f698dc9781a2c73972124bbe07b3f3a6c9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
last-modified: Thu, 11 May 2023 22:57:52 GMT
server: AkamaiNetStorage
etag: "316862f17602b1fe8d4c5eed251707dd:1683845872.457083"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 90584
expires: Tue, 23 May 2023 21:04:20 GMT

GET
H/1.1 200
OK NflUmdComponents.NFLToken.js Show response
p.nfltags.com/nfl/ 271 KB
92 KB 112ms
20ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e504538b0e71c48c3a1747e2a2ea3587ae91506582adcadee07aa7af978203e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires: Tue, 23 May 2023 20:04:50 GMT
Date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 56
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
Content-Length: 93737
X-Served-By: cache-bur-kbur8200079-BUR, cache-fra-eddf8230056-FRA
last-modified: Mon, 24 Apr 2023 17:41:19 GMT
server: envoy
X-Timer: S1684872260.421761,VS0,VE2
etag: W/"6446bf3f-43c46"
Vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 1440278, 1

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 48ms
10ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 May 2024 12:21:11 GMT

GET
H2 200 2020singleschedule Show response
rams.formstack.com/forms/js.php// 157 KB
158 KB 533ms
435ms Script
text/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/js.php//2020singleschedule?

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-12.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

69f8090fb59cb79bb1d56d99512d91d5fd2f297ee69490aeb91bca904c04add7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=5, public
x-amz-cf-id: up6FO7ZKi05GuKZoa_daTNMkhLFYBhOjTpaUwYlo98EVutPYPgLXwA==
expires: Tue, 23 May 2023 20:04:25 GMT

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 626 KB
112 KB 53ms
23ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 25
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 113395
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200044-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:43:56 GMT
server: envoy
X-Timer: S1684872260.362649,VS0,VE3
etag: "1d9874c709868d2"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK 30e9f848f389db282054c914c30dd755
www.therams.com/compiledassets/theming/ 17 KB
4 KB 53ms
19ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1798597
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 30
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3710
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200137-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1684872260.362849,VS0,VE3
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 15ms
15ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 25
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200030-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872261.624585,VS0,VE1
etag: "1d9874b70dd3cca"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 84aeb24d-03a4-4fdc-8d4b-371212102069.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/ 4 KB
2 KB 87ms
16ms XHR
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/84aeb24d-03a4-4fdc-8d4b-371212102069.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3809d41298c5c400bb68f7d47dbd764f71f21eb9c6ed3d6044c8005e883df513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yuxzHqWqr1FdB4xcsrriIQ==
age: 43563
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1699
x-ms-lease-status: unlocked
last-modified: Mon, 24 Apr 2023 22:28:00 GMT
server: cloudflare
etag: 0x8DB451329399762
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 05fdf205-c01e-0144-04fc-7642df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbfe84c6e3139bc-FRA
expires: Wed, 24 May 2023 20:04:20 GMT

POST
H2 200 token Show response
api.nfl.com/identity/v3/ 1 KB
1 KB 319ms
313ms Fetch
application/json 151.101.193.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: d6610e9377ef0a02e7e59dc98052dd9a6aabf20b77d82c9aa3a7e902ac95a30c

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 May 2023 20:04:21 GMT
via: 1.1 varnish, 1.1 varnish
origin-site: LV1
x-cache: MISS, MISS
x-envoy-upstream-service-time: 116
content-length: 1164
x-served-by: cache-bur-kbur8200089-BUR, cache-fra-eddf8230103-FRA
server: envoy
x-timer: S1684872261.713496,VS0,VE304
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0

OPTIONS
H2 200 token
api.nfl.com/identity/v3/ Frame 0
0 82ms
21ms Preflight
text/html 151.101.193.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Tue, 23 May 2023 20:04:20 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230103-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 72ms
38ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7cbfe84d1848bb91-FRA
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK zu7jn37mbhghu3v14ypt
static.clubs.nfl.com/image/private/f_auto/rams/ 13 KB
14 KB 80ms
8ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/zu7jn37mbhghu3v14ypt
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:20 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1838372
Edge-Cache-Tag: 559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache: HIT, HIT, HIT
Content-Disposition: inline; filename="zu7jn37mbhghu3v14ypt.webp"
Connection: keep-alive
Content-Length: 13496
X-Served-By: cache-iad-kjyo7100156-IAD, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230130-FRA
Last-Modified: Wed, 06 May 2020 12:43:09 GMT
Server: cloudinary
X-Timer: S1684872261.725587,VS0,VE2
Etag: "e8136697b9999e08d7022257ce3885aa"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 4718, 1

GET
H/1.1 200
OK dropdown.png
www.therams.com/compiledassets/assets/img/ 1 KB
2 KB 171ms
171ms Image
image/png 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therams.com/compiledassets/assets/img/dropdown.png

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3df33152cd65eb45b9203090a7678540a27a9f44ef4641ee66de9a47b7a0a43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Age: 0
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1024
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200148-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872261.656541,VS0,VE163
etag: "1d9874b70dd7d80"
Vary: X-NFL-Geo,Origin
content-type: image/png
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 29ms
23ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Age: 25
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19260
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200115-BUR, cache-fra-eddf8230093-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872261.679832,VS0,VE3
etag: "1d9874b70dd32bc"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 29ms
22ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Age: 25
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18232
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200169-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872261.681064,VS0,VE2
etag: "1d9874b70dd3eb8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 28ms
20ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Age: 25
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19208
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230123-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872261.680269,VS0,VE2
etag: "1d9874b70dd3288"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 55ms
16ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Age: 25
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 11
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18524
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230105-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872261.712276,VS0,VE8
etag: "1d9874b70dd31dc"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--thin.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 205ms
166ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--thin.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5a2e7738047c9fc62dbe182004f3050664967a941d5199236df72386921c7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:20 GMT
Age: 0
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18244
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200038-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872261.712454,VS0,VE156
etag: "1d9874b70dd3ec4"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/ 400 KB
97 KB 18ms
16ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Sw59qQKTUz8IJh2hCY03KQ==
age: 29079
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98810
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:51 GMT
server: cloudflare
etag: 0x8DB55BF34FA32B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33d48d17-101e-00ca-25d3-874b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbfe84ddc029158-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/ 408 KB
126 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128769
x-xss-protection: 0
server: cafe
etag: 11452098575748349983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 22 May 2024 18:20:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 57 B
593 B 93ms
54ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com&ppc_eid=31074404

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6737d1956ae2469ad6ede72da272db382138be729faa0c9c1595f3a2f134be30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
x-xss-protection: 0
expires: Tue, 23 May 2023 20:04:20 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872260893
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872260893

7 KB
3 KB

49ms
37ms

XHR
application/json

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872260893

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

eb5a4d3ff1fbb61d8ecca698bcef0f6d83e98f34144607d5f6113a49e0540f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0ec12bf84.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: X/SBORyQRsc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2009
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-0545fe400.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: m6MnXj/zRwQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872260893
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 24ms
24ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Tue, 23 May 2023 21:04:20 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 25ms
25ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Tue, 23 May 2023 21:04:20 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 25 KB
9 KB 25ms
23ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:20 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:50 GMT
server: AkamaiNetStorage
etag: "d220d501715e0484d0dddeac614f902c:1663863410.217006"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8755
expires: Tue, 23 May 2023 21:04:20 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/32f2fbc0-2781-4bbb-b8b2-7e4796647e1c/ 80 KB
17 KB 35ms
18ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/32f2fbc0-2781-4bbb-b8b2-7e4796647e1c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b2d4349345f1d8565e48dadbb4d70ea493ff614b58f83e568885881245ac2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0whruBlMgi/2LbrpJXb5Yg==
age: 43563
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17690
x-ms-lease-status: unlocked
last-modified: Mon, 24 Apr 2023 22:28:02 GMT
server: cloudflare
etag: 0x8DB45132A7371D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5bd6d081-e01e-0057-0cfc-76316b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbfe84f6a5339bc-FRA
expires: Wed, 24 May 2023 20:04:21 GMT

GET
H2 200 reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ 2 KB
881 B 61ms
0ms Stylesheet
text/css 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:33:58 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:13:21 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 37823
etag: W/"646b94a1-616"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: vX_CyhdoxVS6XR-y_YcrklHh6JsxAjhQFJPKbg2jz8ihdVnCbReISQ==

GET
H2 200 jquery-ui-1.12.1_f735107ad2.css
static.formstack.com/forms/css/3/ 21 KB
5 KB 65ms
0ms Stylesheet
text/css 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/jquery-ui-1.12.1_f735107ad2.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 5093c70019b3501c2eb8b2e8597e253bb2f8cf367cf5a305395a0ff7d238a643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:25:22 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:18:43 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 20339
etag: W/"646b95e3-5364"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: ZmU63m9HndTuD3F7aO73OUHlp5bj1pZqXdXSowD6LKeNUADuTcmuNQ==

GET
H2 200 default-v4_29cde3be75.css
static.formstack.com/forms/css/3/ 35 KB
6 KB 64ms
0ms Stylesheet
text/css 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/default-v4_29cde3be75.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 15:18:26 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 14:43:10 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 17155
etag: W/"646cd0fe-8aef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: hc34qL5-U5lx14UaUk6l4kBdC_AMUWppgExTn9v_QMFwt2s0U28JjQ==

GET
H2 200 uil-static.css
static.formstack.com/common/css/ 51 KB
8 KB 67ms
0ms Stylesheet
text/css 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/common/css/uil-static.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 06:40:08 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:07:27 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 48253
etag: W/"646b933f-cc55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: 9qzaPfVunfvnlSFBCgrlwTIWzMjqMzyUEcNlxS01sXkUlibq4t82ug==

GET
H2 200 dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ 170 B
507 B 66ms
0ms Stylesheet
text/css 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:33:58 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:18:43 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 37823
etag: "646b95e3-aa"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 170
x-amz-cf-id: usMkYy5BGWfMUBRkNh-XZCF2PSHd6QTqkFnsteyCZjNg8vK3a1mY_Q==

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/losangelesrams/production/scripts/ 173 KB
46 KB 221ms
95ms Script
application/javascript 151.101.0.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/losangelesrams/production/scripts/evergage.min.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75a58f2aee7291da5efa4d6d0aceed2bebf39c283346a3269a7811d1910f9d43

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id: yLvr.kLAqNnXwnOYPf.7utkYTHXpXAU5
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 23 May 2023 20:04:21 GMT
x-amz-request-id: MYQPR8V1T2A7RVTQ
age: 32
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 46641
x-amz-id-2: LpVqfSKLavb6RCh7h6lAyDepqoICDGdKJBC9Gov6AmvGsCNyVRMtrMfrbbJx1u5VFtEhBLZKjaX/q8we1knmiA==
x-served-by: cache-iad-kcgs7200120-IAD, cache-fra-etou8220072-FRA
x-amz-meta-evergage-sum: b2bf9f5e3c122c6c64f9641d11aa0aea7c8077a4
last-modified: Mon, 15 May 2023 22:50:19 GMT
server: AmazonS3
x-timer: S1684872261.212279,VS0,VE92
etag: "ee6145b9d93c890117721c763da58ce9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 35040, 1

GET
H2 200 jquery-3.5.1.min_dc5e7f18c8.js Show response
static.formstack.com/forms/js/3/ 87 KB
31 KB 70ms
0ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 06:40:08 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:01 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 48253
etag: W/"646b9541-15d84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: dSRAWhoZsh9lXGMHBcqz0cSwqJ_1cyJqLmyASPfKUSA2ON-rXAeL9Q==

GET
H2 200 jquery-ui-1.12.1.min_d71fd11517.js Show response
static.formstack.com/forms/js/3/ 83 KB
25 KB 104ms
35ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-ui-1.12.1.min_d71fd11517.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 550eacf0b0dde64399a52fd7e8935fb9ebec1ca81b4c9a94c96c7b2f691f1706

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 06:40:08 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:13:21 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 48253
etag: W/"646b94a1-14dc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 3KY8JHr3vzHiicaaAbYTVrV-6KT7MZ5rpKhxmz3kRy1EOcLxvWoA6g==

GET
H2 200 scripts_0edcde2e8b.js Show response
static.formstack.com/forms/js/3/ 79 KB
23 KB 102ms
33ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 04:03:16 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:00 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 57665
etag: W/"646b9540-13d02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: yS1J6Ixg7Oekw20ETu0A1dmlvKaHq91JRL2rirNBnCvsfEdPBSKr1g==

GET
H2 200 analytics_7d49daa365.js Show response
static.formstack.com/forms/js/3/ 2 KB
1 KB 65ms
0ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 06:40:09 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:18:43 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 48252
etag: W/"646b95e3-839"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 6fJbNB952KFMVnP5iCrgfUOXmpNMUkNhnYPY5VuZQ79JfT1MDnri9Q==

GET
H2 200 libphonenumber-min_6f64debfdd.js Show response
static.formstack.com/forms/js/3/ 165 KB
41 KB 117ms
48ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 18:08:09 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 16:13:52 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 6972
etag: W/"646ce640-29364"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: eqbl-rwn2ba6JlGRM9OOtM-DAqdOO20NM3ePKau6hqP6A4PzBOHR4Q==

GET
H2 200 googleanalytics_c118a241fb.js Show response
static.formstack.com/forms/js/3/plugins/ 2 KB
1 KB 116ms
46ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 16:17:38 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 16:13:52 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 13603
etag: W/"646ce640-9cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: LNU5PAAgzNU1yh87uQ1CO7PFy79TVRWVEvUK4vtP2zRdVUy_b-skaw==

GET
H2 200 utm_tracking_dd0b5a32b7.js Show response
static.formstack.com/forms/js/3/plugins/ 790 B
1 KB 115ms
45ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/utm_tracking_dd0b5a32b7.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 15d01c709fdf293cbb036c2bfabbf58a06a8b66bcc35df2455f485185b9d01bb

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 05:10:39 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:13:22 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 53622
etag: "646b94a2-316"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 790
x-amz-cf-id: I-uwZqs0dxcCTr8Jerauu9mtiuXNPFOROUzT6c_MPiN0VSkhsLRUmQ==

GET
H2 200 modernizr_60a2d5aeb5.js Show response
static.formstack.com/forms/js/3/ 13 KB
6 KB 114ms
44ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 08:44:14 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:00 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 40807
etag: W/"646b9540-33bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 1BRjmt3Gcr2OXWHxoq8cn5UZjBnQL1SWCzfHcQ6hDA8411KtIlJ6wQ==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 13 KB
3 KB 64ms
19ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pRHDWyQMLvXwKY458EnqRw==
age: 23688
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:45 GMT
server: cloudflare
etag: 0x8DB55BF315FAED9
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: df5fe3f4-601e-00c5-3047-88a6dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbfe8509c0c39bc-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 62 KB
13 KB 68ms
24ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UgqWqpl5qGBlgacC8J2b6A==
age: 23688
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13388
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:48 GMT
server: cloudflare
etag: 0x8DB55BF32DD687C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: af93df67-701e-009e-5147-88a1a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbfe8509c1039bc-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 21 KB
4 KB 64ms
20ms Fetch
text/css 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 86320
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 90ab7831-301e-013c-4647-882a68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbfe8509c1239bc-FRA

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame B7EF 7 KB
3 KB 390ms
37ms Document
text/html 52.31.219.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.219.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-219-190.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v048-0336a4b02.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 72B2XcabQtA=
content-encoding: gzip
date: Tue, 23 May 2023 20:04:21 GMT
last-modified: Wed, 10 May 2023 10:46:52 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZG0cRQAAAM8n1QNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=38043003982057499002171484162072250839
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0cRQAAAM8n1QNn

42 B
942 B

40ms
39ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0cRQAAAM8n1QNn

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0f5902206.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: il9P9UyUSKM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0cRQAAAM8n1QNn
Date: Tue, 23 May 2023 20:04:21 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
nflenterprises.tt.omtrdc.net/rest/v1/ 357 B
846 B 370ms
47ms XHR
application/json 66.235.152.113
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=66d0c69240124e0cab6c3688bbef9b2c&version=2.10.2

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.113 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-113.data.adobedc.net

Software

jag /

Resource Hash

bc7ec2d74c4b5cd3838e85e4ddcb56ec798f61610fa6163f3787f68f1f8e59b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: c76866b7-b09f-4210-bd58-d0951d5f54a6

GET
H2 200 css
fonts.googleapis.com/ 1 KB
817 B 203ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 18:21:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 20:04:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 139ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 146ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
17 KB 108ms
107ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2147357956016799&correlator=2441905273546155&eid=31074406%2C31074402%2C31070233&output=ldjh&gdfp_req=1&vrg=202305180101&ptt=17&impl=fifs&iu_parts=4595%2Cteam.la%2Cschedule&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=100x30%2C100x30%2C100x30%2C728x90%7C970x90%7C970x250%2C728x90%7C970x250%7C970x90%2C1x4%2C1x1&ifi=1&adks=168221636%2C3048219089%2C3624888337%2C321486337%2C3662562588%2C995991317%2C2915423114&sfv=1-0-40&ists=1&prev_scp=slot%3Dbrandedspon%7Cslot%3Dbrandedspon1%7Cpartner%3Dticketmaster%26slot%3Dlogo%7Cslot%3Dtop%26club%3Dla%7Cslot%3Dbottom%7Cslot%3Dinterstitial%7Cslot%3Doop&eri=1&cust_params=s1%3Dschedule&sc=1&cookie_enabled=1&abxe=1&dt=1684872261547&lmt=1684872261&dlt=1684872260307&idt=733&adxs=1376%2C1484%2C1324%2C436%2C436%2C800%2C800&adys=159%2C159%2C1173%2C311%2C10190%2C10871%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&frm=20&vis=1&psz=248x32%7C248x32%7C174x16%7C1600x0%7C1600x0%7C1600x10871%7C1600x10871&msz=116x0%7C100x0%7C100x0%7C728x0%7C728x0%7C1600x0%7C1600x0&fws=4%2C4%2C0%2C0%2C0%2C4%2C4&ohw=1600%2C1600%2C0%2C0%2C0%2C1600%2C1600&ga_vid=2006793091.1684872262&ga_sid=1684872262&ga_hid=1544959031&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ef244043d29996c43ca61ea94a7a04521676447556484b35ec391b3dee8d7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17073
x-xss-protection: 0
google-lineitem-id: -2,-2,5362858293,-2,6295301662,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138310656510,-2,138432734011,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
32720c1b69723bd07848bc27787038d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9981 6 KB
3 KB 143ms
25ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://32720c1b69723bd07848bc27787038d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:04:21 GMT
expires: Wed, 22 May 2024 20:04:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 21ms
20ms Image
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 57252
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 02:34:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 439ec356-901e-009f-0868-8ca05c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbfe8530af89158-FRA

GET
H/1.1 200
OK All-ProSans--semiBold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
19 KB 10ms
9ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--semiBold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:21 GMT
Age: 25
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19112
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200053-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872262.601732,VS0,VE2
etag: "1d9874b70dd3328"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 47ms
42ms Fetch
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 26913
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 17:17:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: af24b6e0-401e-0073-1872-8da825000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbfe8532fac39bc-FRA

GET
H2 200 National_Football_League_logo.svg.png
cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/ 68 KB
68 KB 48ms
15ms Image
image/png 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/National_Football_League_logo.svg.png

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Gz5DzPx+xXH6/nhkr1Zhpg==
age: 54896
content-length: 69278
x-ms-lease-status: unlocked
last-modified: Mon, 22 Aug 2022 17:40:20 GMT
server: cloudflare
etag: 0x8DA846562873955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 55d0ada0-101e-00ca-4fe1-5a4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbfe853bbd09158-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 54ms
23ms Image
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:04:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 79547
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 17:17:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 48153e95-601e-004d-59f3-8c1e04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbfe853bbd29158-FRA

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 7 KB
3 KB 25ms
13ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=bc019a14e50a0a7921ed567de291bd74

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f63b6991810ec4f98212762bc0ab61f08e0400d05718019ee4ff280a55f93604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:21 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 26
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2036
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200062-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872262.718761,VS0,VE2
etag: "1d9874c7dae81ae"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C07 0
0 71ms
65ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUnk9rpJyx5wb41c9kOS42616EPTbDizks_JG021qLEUVBtrhuGhGQFKFsKaiBiOpIkohXQT9HxALstTJn_BZQLtaLv-7qcSQi8hugzXM7IPI5s05G83o67KPMqYvjnLI4wSrfFwC5qhg0bYOSbdkqeNu5wXszI8qW_-a_eVboB8_f7j0AA_u4vEBx75gx_xfbeZ-pUvmU1TEurPRfU-455U7tHpSjIvN1sYooUTiqaBN1rOMwClrvylXDNcsIsAAfXEsJjYxHKU0ooJGi0S_j_b0XuEA2c7UPW0EkJ2epBqzVzPQc0XT_HS2jDm8lihFWZDc&sai=AMfl-YR1v-5c5wr7DfVi91p3y34T20jc54WM6KG4NxFxrgnOqP0bCkb0FpHLachdoPofhE1psW_vmGtfommicP-cOH-Zf0DXmfcY2qsRkZFe1jg0heCCwbjkINwmcxPcY46uQNRECavCmgd2pAPOeL0&sig=Cg0ArKJSzOFj48vsjbrREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:04:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 8C07 3 KB
2 KB 94ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 16:12:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C07 171 KB
54 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 20:04:22 GMT

GET
H2 200 7476150962692212385
tpc.googlesyndication.com/simgad/ Frame 8C07 5 KB
5 KB 93ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7476150962692212385

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b884aa073ae0995039e442f97eaa0523fa02913747029e74e717248812a476d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 19:43:00 GMT
x-content-type-options: nosniff
age: 519682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4709
x-xss-protection: 0
last-modified: Tue, 05 May 2020 00:44:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 May 2024 19:43:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B36 0
0 59ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0eab8ka66DoFFA0RtH5B5CRsykX30K72oiDTrMjXT9JWhqB8bhFKeJag4crzyGBuYG5MsGBY2qlaKZeVA21XfNT0Ga1hoPRqSdVDHsCNSeLLEGKtAWwnMtHNPgLb8dqEyZiFaOzVtmIxvO7ppD7_3BF-C3HDzQzYOAU6dSurxgEj1eBbB_OkAUhTL7WhnKtusguc09qaTgO_YWrwSp6A57f4qcjcjlgd3VY-I_gteGP-3nwVfMpzaCYixCqjqDSkjhDk6rEMNT8qrNiZ72WBTkNyjsRbaqSDV68mbVeryTMrhfwa0lgkaJIZx3KYN6NXbSbE&sai=AMfl-YT44Iym9cdTrrG2hF3zFhAx36Yq5YmfYIowQCOrgZMXVJw8D_d8FqvAClQT_imNym8YebMn0xBYtJez82hiZUGJCY6C2Lp_PvJmg-mHyzxiEtmLvvE5sy_UijdaIrFxVb6dH_s_jpbHpWBokz4&sig=Cg0ArKJSzFigPvYhN3arEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:04:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 6B36 3 KB
1 KB 70ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 16:12:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B36 171 KB
53 KB 120ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 20:04:22 GMT

GET
H2 200 8561391474738968061
tpc.googlesyndication.com/simgad/ Frame 6B36 71 KB
71 KB 73ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8561391474738968061

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd9f3a159ce7a3cac9af5f4a3d09feb809ef23788edd2c1ea371ef7310f1a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 17:38:18 GMT
x-content-type-options: nosniff
age: 8764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72344
x-xss-protection: 0
last-modified: Fri, 05 May 2023 21:47:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 May 2024 17:38:18 GMT

GET
DATA 200
OK truncated
/ Frame 8C07 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 133571205551ac0cd2ca3ff3b0b7c90ee5d4b3663f1a5db577531888a2962a54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6B36 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1f726145e229015259cee77398d6e44fa5fd67a8a359f4294e814cbcae9ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 59ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 274957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:41:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 70ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 282792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 13:31:10 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=4f7f646d-1c47-4a00-9b9d-df8854e44826&ddsuuid=38043003982057499002171484162072250839
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=38043003982057499002171484162072250839&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d38043003982057...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f7f646d-1c47-4a00-9b9d-df8854e44826&ddsuuid=38043003982057499002171484162072250839

42 B
948 B

93ms
55ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f7f646d-1c47-4a00-9b9d-df8854e44826&ddsuuid=38043003982057499002171484162072250839

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v058-05f465e01.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MqD0ixiLSPs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 23 May 2023 20:04:22 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x29 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f7f646d-1c47-4a00-9b9d-df8854e44826&ddsuuid=38043003982057499002171484162072250839
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 May 2023 20:04:21 GMT

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/ 1 KB
1 KB 44ms
29ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 558
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200105-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872262.140812,VS0,VE7
etag: "1d9874c7dae9905"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/ 808 B
1 KB 40ms
24ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200052-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872262.134969,VS0,VE7
etag: "1d9874c7dae9e28"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 3 KB
2 KB 35ms
18ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cfd88d77357dcdbf67e882d6771b4404fa9040c966ebeb859dd903418f11875c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 65415
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 923
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200100-BUR, cache-fra-eddf8230105-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872262.134865,VS0,VE1
etag: "1d9874c7dae97c3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 2 KB
2 KB 36ms
19ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 635927
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200054-BUR, cache-fra-eddf8230093-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872262.135103,VS0,VE1
etag: "1d9874c7dae9a96"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 gigya.js Show response
cdns.us1.gigya.com/js/ 496 KB
164 KB 106ms
7ms Script
text/javascript 69.192.160.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.253 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-253.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 673089261a490c7c06604429afc843813446902e59322da97745929aaec615f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
content-encoding: gzip
x-soa: true, Gator
vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin: *
x-callid: e027a5ac51e243fdbc40155ac6155c39
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-t12
x-error-code: 0
x-robots-tag: none
content-length: 166868
expires: Tue, 23 May 2023 20:19:22 GMT

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/common/ 2 KB
2 KB 38ms
20ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 909
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200066-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872262.136498,VS0,VE1
etag: "1d9874c7dae9a71"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2

200

pixel.gif
load77.exelator.com/ Frame B7EF
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38043003982057499002171484162072250839
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38043003982057499002171484162072250839&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
365 B

128ms
6ms

Image
image/gif

2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 20:04:22 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 873490
x-accel-date: 1683998772
content-length: 43
x-77-nzt: AcO1rw68e6rvElQNAA
x-accel-expires: @1685035572
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 90833930abedc8aa461c6d645852da32
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Tue, 23 May 2023 20:04:22 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C07 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttaYlLAr3ajWwGusrN6DdtH9oRc9Bwpl3k8MDckDSuIgQzpMfOa-d8gVKbk_XblEELqK9stu6PW-TLfOXdC8xiBX1EH-rHrrlDXomTfu4QLhQJ4sWvAMq0hS_fAOlTzE9zGEKqgh7n7OGQPV6o4UqBK2IV-kdDvcirpQB2QDUxxcIwscJQ0HVdLLldzaE4s3YNQFlJRwGWTe309VOXwNvxQwutLdvdrnrnW3nqlqUL3TUqI4Fs20FoK8EBwbUhAhpVaYZCMXM-ATeL8McWCTf3QuTHcQkgDuJQLhrHzZdYKHPosekbz6dGyN5c4NBu2Je0n2WtCg&sai=AMfl-YQpdHSZGmxtLl3nbUVQggzt2ch5KobkSllPBwdySDE5vokGX1Fe3BAVJoIrqIlmju591m-dKKG7WFOkhBEpRbYF1DfxTzolr7LcaZiP8puh7kP9a7ErYSo3IxnaV89ZoSzk8O1scLxDVJkYhos&sig=Cg0ArKJSzKQy9v7pHpM-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:04:22 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 669E 47 KB
13 KB 197ms
38ms Script
application/javascript 46.51.133.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=1055692691&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6c57558158992a692fd3ff22b55a6bcb85670ef56585cda1328c4022eca91398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:22 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B36 0
0 67ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUfaqKGsVnMtQcaVzGti_Tvbfb0lmjTDa9aa_FzToCq-LHNuXTV_vWTsrkfpKf0OdeKXR1Bp4EJhpxKs50lpbFusb0SraFqdgzTLDOeB3zNGmxBGRueJccNEDAvZhrygNS3-sR1sV6uvu0HLnYZB4dmxE3tHIWubECByyrRQ7n7GT5-BCVmH8FhA_F4WkEEiJImuEVJ2-TxQg35-6C3Ln1SS_n2s1GJXCy-NL4k-gmmizDZ2bATOGb5JMWuFJPDJRSPRTx436E7sgjlyeKEt9So98i-qpOybGV6Z3zfE3qny_tQD8oL-r5n0L3Iio4RQ6ujh6R-w&sai=AMfl-YQUZaI6FCaoocy1wUuFosMu_FhBQyaNFK2wsQJduSyXPm8z00aOPoKRV5yVApljsx_nWBq1tTtRHegVG_GWJ2vsBrXFn-zcxfx1lbtb59eqD-2vCTV8R33M1kGy6LzgJp1HgSA1fcWcz06ZRcw&sig=Cg0ArKJSzOr3RG8WzcHCEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:04:22 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame A7D8 47 KB
13 KB 122ms
39ms Script
application/javascript 46.51.133.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5222449639&chanId=182654973&placementId=6295301662&pubCreative=138432734011&pubOrder=3200570583&cb=1427185100&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e0586918cafc97d3d73b929b9e25a7ca471607011049f3cc11cb2327df7cb189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:22 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=Ae01xhWa1Q1yf45
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=Ae01xhWa1Q1yf45

42 B
943 B

63ms
44ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=Ae01xhWa1Q1yf45

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-032e056ca.edge-irl1.demdex.com 10 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: s3yLpIwsR1Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:04:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=Ae01xhWa1Q1yf45
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 5 KB
2 KB 427ms
310ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 0810fd82abdfa946679ab23928936b583156c9d34868e3d23fcba92ba84d6727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
content-encoding: gzip
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
x-error-code: 0
content-length: 2000
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 9256fb31a3c148e3b965020dedc6a810
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: DH7fDsnMlvvkClm2A-5d_yor9CjZhciBDM5LdlM-z8tXItZCcVvQ9Q==

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 93 B
910 B 68ms
53ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200025-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.599045,VS0,VE2
etag: "1d9874c7dae9d5d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/ 180 B
950 B 25ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200168-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.582252,VS0,VE1
etag: "1d9874c7dae9db4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 530 B
1 KB 31ms
15ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200131-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.584580,VS0,VE1
etag: "1d9874c7dae9f12"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 3 KB
2 KB 34ms
18ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

e9166b6dead256e5e723626e7344660a24e0c5e99b4688bc4f60633886a5e0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1209
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200151-BUR, cache-fra-eddf8230093-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.586541,VS0,VE2
etag: "1d9874c7dae9662"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/ 831 B
1 KB 26ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d564ecea790280585429959b133a75bad092b20be35041c735d9c3fb1b800c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 7
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 488
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200124-BUR, cache-fra-eddf8230105-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.584160,VS0,VE1
etag: "1d9874c7dae9e3f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 100ms
16ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 570384
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=134;cpu=0;start=2023-05-17T05:37:57.862Z;desc=miss,rtt;dur=0,cloudinary;dur=129;start=2023-05-17T05:37:57.862Z
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-etou8220076-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1684872263.653048,VS0,VE1
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 5711, 1

GET
H/1.1 200
OK x4bfi8idjpvcb0pwctto
static.clubs.nfl.com/image/private/f_auto/rams/ 41 KB
42 KB 30ms
14ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/x4bfi8idjpvcb0pwctto
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1025380
Edge-Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="x4bfi8idjpvcb0pwctto.webp"
Connection: keep-alive
Content-Length: 42082
X-Request-Id: 9adcd01473aecf151b94d49eaefdee55
X-Served-By: cache-iad-kcgs7200150-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230130-FRA
Last-Modified: Thu, 11 May 2023 23:14:43 GMT
Server: cloudinary
X-Timer: S1684872263.585060,VS0,VE1
Etag: "0368e7a16ec7c581b8e5097b6021c567"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 2430, 1

GET
H/1.1 200
OK o83urxdquppaniilfg3g
static.clubs.nfl.com/image/private/f_auto/rams/ 32 KB
33 KB 76ms
10ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/o83urxdquppaniilfg3g
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1293271
Edge-Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="o83urxdquppaniilfg3g.webp"
Connection: keep-alive
Content-Length: 32856
X-Served-By: cache-iad-kiad7000120-IAD, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230037-FRA
Last-Modified: Mon, 01 May 2023 23:58:58 GMT
Server: cloudinary
X-Timer: S1684872263.635249,VS0,VE3
Etag: "b43d835d75cc70cfee848a80ae6eca8d"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 78, 1

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=6474783599105034374
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6474783599105034374

42 B
942 B

37ms
36ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=6474783599105034374

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0fa3a18ab.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vV2+nG6xSmY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 23 May 2023 20:04:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1946ecd9-909f-45b0-881f-3e9ab587928a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=6474783599105034374
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 6 KB
3 KB 12ms
12ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

54fbe08cd567b05b1c11dc37745a2b278c0521d1af11d8076ad50f685ea889ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 8
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2299
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200084-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.638006,VS0,VE3
etag: "1d9874c7dae84ba"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 2 KB
2 KB 17ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200091-BUR, cache-fra-eddf8230093-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.643493,VS0,VE3
etag: "1d9874c7dae9acf"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK calendarOptions.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 1 KB
1 KB 14ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/calendarOptions.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7f48123723251fde71c5aff246bfcf33cd9abdd69ebe1140eed0ae364e8a7e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 701107
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 529
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200101-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.643441,VS0,VE2
etag: "1d9874c7dae99a4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame 669E 202 KB
63 KB 101ms
0ms Script
application/javascript 2600:9000:223f:2800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=1055692691&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1228910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: bmHvHFwvMmhGp7JKu2F8ZADRsLADTQzHLQa8QOoHHROaHmgq1BqVyw==

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame A7D8 202 KB
63 KB 101ms
3ms Script
application/javascript 2600:9000:223f:2800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5222449639&chanId=182654973&placementId=6295301662&pubCreative=138432734011&pubOrder=3200570583&cb=1427185100&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1228910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: b9CUYRWyzOF0stl8PkraCFkrZsJazAA_BSlbuRsnxq1N0jqZDFRWOA==

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 1 KB
1 KB 20ms
19ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 550
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200173-BUR, cache-fra-eddf8230093-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.666207,VS0,VE2
etag: "1d9874c7dae995f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 2 KB
2 KB 22ms
19ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702153
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200069-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.666207,VS0,VE3
etag: "1d9874c7dae9b20"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/sha256/ 9 KB
5 KB 17ms
14ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702279
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200073-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.666065,VS0,VE1
etag: "1d9874c7daebe39"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 3 KB
2 KB 20ms
17ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1146
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200078-BUR, cache-fra-eddf8230105-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.666554,VS0,VE3
etag: "1d9874c7dae9616"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/ 105 KB
40 KB 13ms
12ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200091-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.666567,VS0,VE2
etag: "1d9874c7daf39e7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/md5/ 4 KB
2 KB 43ms
17ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 74470
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200076-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.736557,VS0,VE7
etag: "1d9874c7dae9226"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK LAC
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 2 KB
2 KB 32ms
13ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LAC

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4191496
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LAC"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=78;cpu=0;start=2023-04-05T07:46:06.167Z;desc=miss,rtt;dur=0,cloudinary;dur=73;start=2023-04-05T07:46:06.168Z
Content-Length: 1041
X-Served-By: cache-iad-kiad7000160-IAD, cache-fra-etou8220076-FRA
Last-Modified: Tue, 27 Oct 2020 18:22:09 GMT
Server: Cloudinary
X-Timer: S1684872263.748262,VS0,VE4
Etag: W/"c35c63d2b0f344f428310ecb37a3d2eb"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 43484, 1

GET
H/1.1 200
OK dropdownNative.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 894 B
1 KB 30ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/dropdownNative.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

e8bc22931893b2046382a9a4d7edb1591fa4d5fd49ad288891bd14b39448f958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 701107
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 559
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200174-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.750465,VS0,VE2
etag: "1d9874c7dae9e7e"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK smoothScroller.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 2 KB
2 KB 27ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/smoothScroller.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 742
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200020-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.749400,VS0,VE1
etag: "1d9874c7dae9b17"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK clipboard.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/clipboard/ 11 KB
4 KB 38ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/clipboard/clipboard.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 635860
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3790
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200054-BUR, cache-fra-eddf8230105-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.769139,VS0,VE1
etag: "1d9874c7daeb7a5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3555114024213846367
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3555114024213846367

42 B
942 B

38ms
37ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3555114024213846367

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-072be26c8.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3mh7XfCzQ8Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3555114024213846367
pragma: no-cache
date: Tue, 23 May 2023 20:04:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/services/ 751 B
1 KB 31ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200100-BUR, cache-fra-eddf8230093-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.769676,VS0,VE1
etag: "1d9874c7dae9fef"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 586 B
1 KB 32ms
12ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 48491
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200084-BUR, cache-fra-eddf8230061-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.774512,VS0,VE4
etag: "1d9874c7dae9f4a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 287 B
1004 B 21ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200143-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.780173,VS0,VE1
etag: "1d9874c7dae9c1f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 395 B
1 KB 22ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702277
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200088-BUR, cache-fra-eddf8230123-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.790305,VS0,VE1
etag: "1d9874c7dae9c8b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 3, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/js-cookie/ 2 KB
2 KB 19ms
12ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200034-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.780347,VS0,VE1
etag: "1d9874c7dae9ae6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/plugins/ 803 B
1 KB 32ms
22ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 49788
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200164-BUR, cache-fra-eddf8230041-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.804587,VS0,VE4
etag: "1d9874c7dae9e23"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/autocomplete/ 13 KB
6 KB 29ms
21ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702153
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200056-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.804259,VS0,VE1
etag: "1d9874c7daeaf9b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2023052320042300048593396115
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=38043003982057499002171484162072250839&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320042300048593396115

42 B
942 B

37ms
37ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320042300048593396115

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0295a1ef7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3HT9xMXzSS8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320042300048593396115
pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 23 May 2023 20:04:23 GMT

GET
H/1.1 200
OK smooth-scroll.polyfills.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/smooth-scroll/ 6 KB
4 KB 11ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/smooth-scroll/smooth-scroll.polyfills.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:04:22 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702278
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2828
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200063-BUR, cache-fra-eddf8230036-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872263.866726,VS0,VE4
etag: "1d9874c7dae8472"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F574 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:2800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21097686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 0hysDgmfaQRS5-5EZ6bnV0pqt9TbqWU7meVCMd5_uioY-mK0EJOcxg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 57ms
57ms Image
image/gif 46.51.133.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=1055692691&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=f&adsafe_jsinfo=,id:b58b8219-c070-1efd-80c3-3292d0d2ede3,c:dtbQe8,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-rphnt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1324.690.100.30,am:i,cc:1324.690.100.30,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:250,mot:0,app:0,maw:0,fm:tF72j8U+11%7C12%7C13%7C14*.929781%7C141%7C151,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:289,oid:028257ff-f9a5-11ed-a71f-2e9fec1bc38a,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-242.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:22 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 52C0 91 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:223f:2800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21097686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Q2Rq1hVYo1HQxedSEKhWjs0le_lzwiTbGAcag-DqOqy_I1aU4qq21g==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 57ms
57ms Image
image/gif 46.51.133.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5222449639&chanId=182654973&placementId=6295301662&pubCreative=138432734011&pubOrder=3200570583&cb=1427185100&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=f&adsafe_jsinfo=,id:ce91c5f3-512a-057a-e422-13c2a40ff9bd,c:dtbQeL,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-vgsb4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.9707.728.90,am:i,cc:436.9707.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:315,mot:0,app:0,maw:0,fm:tF72j8X+11%7C12%7C13%7C141%7C142%7C15*.929781%7C151,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:324,oid:02825799-f9a5-11ed-8cb2-fa362c10397a,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-242.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 368ms
102ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b58b8219-c070-1efd-80c3-3292d0d2ede3&tv=%7Bc:dtbQf3,pingTime:0,time:345,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:345,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:287,wc:0.0.1600.1200,ac:1324.690.100.30,am:i,cc:1324.690.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B90~100%5D,as:%5B90~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF72j8U+11%7C12%7C13%7C14*.929781%7C141%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:290%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK w5l0jldl8st1fptifcyr.jpg
static.clubs.nfl.com/image/upload/v1683820199/rams/ 331 KB
331 KB 41ms
40ms Image
image/jpeg 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/v1683820199/rams/w5l0jldl8st1fptifcyr.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1492c17d9b641b3e9026659fe3ebff0a5e5f27319d91b66cf49dac37066ecada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:23 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1023672
Edge-Cache-Tag: 565647521439268793942587637920995210964,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 565647521439268793942587637920995210964,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 338540
X-Served-By: cache-iad-kiad7000148-IAD, cache-iad-kiad7000109-IAD, cache-fra-eddf8230037-FRA
Last-Modified: Thu, 11 May 2023 15:50:00 GMT
Server: cloudinary
X-Timer: S1684872263.994683,VS0,VE34
Etag: "0a6655caf808574124af9c28b734d46f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 8356, 1

GET /
adb2waycm-atl.netmng.com/cm/ Frame B7EF 0
0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 326ms
103ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b58b8219-c070-1efd-80c3-3292d0d2ede3&tv=%7Bc:dtbQfL,pingTime:-2,time:389,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:295,beZ:296,mfA:545,cmA:547,inA:547,inZ:554,prA:554,prZ:571,si:584,poA:585,poZ:612,cmZ:612,mfZ:612,loA:652,loZ:656,ltA:684,ltZ:684,mdA:297,mdZ:428%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:390,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:287,wc:0.0.1600.1200,ac:1324.690.100.30,am:i,cc:1324.690.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B135~100%5D,as:%5B135~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF72j8U+11%7C12%7C13%7C14*.929781%7C141%7C15.929781%7C151,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:290,slid:%5Bgoogle_ads_iframe_/4595/team.la/schedule_2,google_ads_iframe_/4595/team.la/schedule_2__container__,e23dae16-dfad-4795-a7fd-5425cc5adebd,main-content%5D,sinceFw:99,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 321ms
100ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=ce91c5f3-512a-057a-e422-13c2a40ff9bd&tv=%7Bc:dtbQfO,pingTime:-2,time:389,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:225,beZ:229,mfA:540,cmA:541,inA:541,inZ:542,prA:542,prZ:545,si:549,poA:550,poZ:562,cmZ:562,mfZ:562,loA:603,loZ:605,ltA:614,ltZ:614,mdA:230,mdZ:357%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:324%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:389,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:324,wc:0.0.1600.1200,ac:436.9707.728.90,am:i,cc:436.9707.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF72j8U+11%7C12%7C13%7C14.929781%7C141%7C142%7C15*.929781%7C151,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:325,slid:%5Bgoogle_ads_iframe_/4595/team.la/schedule_4,google_ads_iframe_/4595/team.la/schedule_4__container__,adv_club,main-content%5D,sinceFw:64,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame E3F6 121 KB
43 KB 28ms
12ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

5867a7357896e38bf8f5516e3f267b0ad90f3b379f4754e62ed7914f1fc8ba1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 713
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 43452
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:52:30 GMT
edge-cache-tag: siteid_748934946734,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: 7kWf6lUILFzkf7_ud_m8homwcDGtL5JSdi3SwnsLGDBakYGtoS3zrg==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 2a51e92d6e0a4457822bd14a6856b006
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t12
x-soa: true, Gator

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame E3F6 5 KB
2 KB 19ms
9ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 0810fd82abdfa946679ab23928936b583156c9d34868e3d23fcba92ba84d6727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:22 GMT
content-encoding: gzip
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 1
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2000
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 9256fb31a3c148e3b965020dedc6a810
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8vazlhDPUlVCBQGl5XwZFaar8nVvYqRLOM9uwDTfrl9k6ndYV3Nkmg==

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEOS637VgvIkBKfIKprL22vk&google_cver=1
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzgwNDMwMDM5ODIwNTc0OTkwMDIxNzE0ODQxNjIwNzIyNTA4Mzk=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOS637VgvIkBKfIKprL22vk&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

45ms
38ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOS637VgvIkBKfIKprL22vk&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-03aa49456.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bx6dqHMtT8Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOS637VgvIkBKfIKprL22vk&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 508ms
382ms XHR
text/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&sdk=js_latest&sdkBuild=13905&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: /
Resource Hash: 68ac95362d68118e832cd68789828185f615e693720f17628497249e0e2e3abc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:23 GMT
content-encoding: gzip
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code: 0
content-length: 173
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.therams.com
x-callid: 8a5e24b093a145bc8387422cb5c3c4c4
cache-control: private
access-control-allow-credentials: true
x-server: us1d-nomad-t15
vary: Origin, Accept-Encoding
x-robots-tag: none
x-amz-cf-id: gAoMKHiB7yuofG3EQGEtn7tX_wyho55iR8vMDJw6OUFtWXkEIo3YeQ==

GET
H2 200 adsct
analytics.twitter.com/i/ Frame B7EF 43 B
394 B 151ms
117ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=38043003982057499002171484162072250839&p_id=38594

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 23 May 2023 20:04:22 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 62759c42c05c8b49
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1dc6444e0ac8e4ae0d05779e2413fcd270ed79f73b7c76adca3cceb140b81c30
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 95ms
93ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b58b8219-c070-1efd-80c3-3292d0d2ede3&tv=%7Bc:dtbQlj,pingTime:-10,time:733,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684872263376%7C%7C921955156d6000e3d0f61eaf8f6f722b%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cc753887cb04647e3d1ed793b6a772ee7%7C%7C626103d6354e88fab6285ee1fd1ca33e%7C%7Ca4573595734c2b971443a6c8678b815c%7C%7C492a2bddedf38a9ceba0096ef5394178%7C%7C34747dec94631efaaf17ed38b375b1f9%7C%7C1663701684%7D
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B7EF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEOcOox63cR7J_nDTN5WmBus&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

62ms
59ms

Image
image/png

54.76.246.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.246.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-74.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:04:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C07 42 B
404 B 69ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVEBsHMCxVefbsdzbbLFjLcRg6xxAkiSdW-gGs1sIScZDoRis0lBwx3of9Uy7y8bi0aC-4zY7-tTOibwQq0g30cdI2EUDd8pzYXOya-GporKS7KT8P&sig=Cg0ArKJSzP5VbFMXvuBcEAE&id=lidar2&mcvt=1023&p=1173,1324,1203,1424&mtos=689,1023,1023,1023,1023&tos=689,334,0,0,0&v=20230522&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3624888337&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684872261948&rpt=366&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.php Show response
rams.formstack.com/forms/ 0
321 B 444ms
440ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/analytics.php?f=3703620&a=fv&m=embedded

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-12.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:23 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx
x-amz-cf-pop: ZRH50-C1
x-frame-options: sameorigin
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public
x-amz-cf-id: SotrNRYrkWe6D8KeVKxq74zKsVYD9b_cCHQqMPxhC7zd_MRl_377OQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 93ms
9ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 18:35:36 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 23 May 2023 20:35:36 GMT

GET
H2 200 fsa.js Show response
rams.formstack.com/js/ 54 KB
14 KB 33ms
0ms Script
application/javascript 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rams.formstack.com/js/fsa.js
Requested by: Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 06:40:09 GMT
content-encoding: gzip
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:07:29 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 48254
etag: W/"646b9341-d8a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: wvdi8NqwrQHW95YeYBWqJtzP0GUDcrmey-Ht1Y-3Wlzb8MylZGaljw==

GET
H2 200 calendar.png
rams.formstack.com/forms/images/2/ 529 B
866 B 53ms
13ms Image
image/png 13.224.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rams.formstack.com/forms/images/2/calendar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-12.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 7cc54e74e6dbf5322743ddbf9d3eff9fc6a8015015eab90b7b4532c4e715b390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 06:40:09 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:07:27 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 48254
etag: "646b933f-211"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 529
x-amz-cf-id: 7rTOVqjuCDMQlixp6yhb2f_ZtSveJHPAGPXSjLX8TitIB3AK02Yh1w==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 89ms
58ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c06791bf34146c2045d224090495bd33972d49bc5cda20e80995b212a2a233a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11268
x-xss-protection: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B7EF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEO...
https://pixel.everesttech.net/1x1

128 B
691 B

39ms
31ms

Image
image/png

54.76.246.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.246.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-74.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:04:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 43ms
15ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:04:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 570385
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=134;cpu=0;start=2023-05-17T05:37:57.862Z;desc=miss,rtt;dur=0,cloudinary;dur=129;start=2023-05-17T05:37:57.862Z
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-etou8220076-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1684872264.603970,VS0,VE0
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 5711, 2

GET
H/1.1 200
OK x4bfi8idjpvcb0pwctto
static.clubs.nfl.com/image/private/f_auto/rams/ 41 KB
42 KB 46ms
16ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/x4bfi8idjpvcb0pwctto
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:23 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1025381
Edge-Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="x4bfi8idjpvcb0pwctto.webp"
Connection: keep-alive
Content-Length: 42082
X-Request-Id: 9adcd01473aecf151b94d49eaefdee55
X-Served-By: cache-iad-kcgs7200150-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230037-FRA
Last-Modified: Thu, 11 May 2023 23:14:43 GMT
Server: cloudinary
X-Timer: S1684872264.604087,VS0,VE2
Etag: "0368e7a16ec7c581b8e5097b6021c567"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 2430, 1

GET
H/1.1 200
OK o83urxdquppaniilfg3g
static.clubs.nfl.com/image/private/f_auto/rams/ 32 KB
33 KB 47ms
17ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/o83urxdquppaniilfg3g
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:23 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1293272
Edge-Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="o83urxdquppaniilfg3g.webp"
Connection: keep-alive
Content-Length: 32856
X-Served-By: cache-iad-kiad7000120-IAD, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230130-FRA
Last-Modified: Mon, 01 May 2023 23:58:58 GMT
Server: cloudinary
X-Timer: S1684872264.605084,VS0,VE1
Etag: "b43d835d75cc70cfee848a80ae6eca8d"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 78, 1

GET
H/1.1 200
OK LAC
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 2 KB
2 KB 55ms
7ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LAC

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:04:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 6706401
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LAC"
Connection: keep-alive
Server-Timing: fastly;dur=70;cpu=0;start=2023-03-07T05:11:02.043Z;desc=miss,rtt;dur=0,cloudinary;dur=67;start=2023-03-07T05:11:02.042Z
Content-Length: 1041
X-Served-By: cache-iad-kiad7000160-IAD, cache-fra-etou8220045-FRA
Last-Modified: Tue, 27 Oct 2020 18:22:09 GMT
Server: Cloudinary
X-Timer: S1684872264.618699,VS0,VE0
Etag: W/"c35c63d2b0f344f428310ecb37a3d2eb"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 46609, 420

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 35ms
25ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1544959031&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&ul=en-us&de=UTF-8&dt=Rams%20Schedule%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABCAAAACAAI~&jid=1599977816&gjid=1179490122&cid=2006793091.1684872262&tid=UA-122484269-1&_gid=841466383.1684872264&_r=1&_slc=1&z=41619006

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
8ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1544959031&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&ul=en-us&de=UTF-8&dt=Rams%20Schedule%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Formstack%20Form%203703620&ea=view&el=form%20view&_u=IAhAAEABCAAAACAAI~&jid=&gjid=&cid=2006793091.1684872262&tid=UA-122484269-1&_gid=841466383.1684872264&z=1087802201

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 19:18:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2758
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 20:04:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 68ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-122484269-1&cid=2006793091.1684872262&jid=1599977816&gjid=1179490122&_gid=841466383.1684872264&_u=IAhAAEAACAAAACAAI~&z=2042203831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 23 May 2023 20:04:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B7EF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

33ms
33ms

Image
image/png

54.76.246.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.246.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-74.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:24 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:04:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 26A4 92 KB
32 KB 11ms
10ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1119
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32594
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:45:44 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: HvkPIfK0VhUWqOBbQCezfE1CNcKtks3KVDqMY-ybzO6B5YpmfWYp_g==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0fcb77470b9542649b2f26979f3595f9
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t3
x-soa: true, Gator

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame FF99 92 KB
32 KB 15ms
7ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1119
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32594
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:45:44 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: ui1w1i04G8FlmgLCIMgUse49xNIAOtd0j-aWEgyFhrprAsaAeptzQA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0fcb77470b9542649b2f26979f3595f9
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t3
x-soa: true, Gator

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 120ms
47ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-122484269-1&cid=2006793091.1684872262&jid=1599977816&_u=IAhAAEAACAAAACAAI~&z=878182115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 130ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-122484269-1&cid=2006793091.1684872262&jid=1599977816&_u=IAhAAEAACAAAACAAI~&z=878182115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3776 13 KB
5 KB 13ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 17:53:22 GMT
expires: Wed, 22 May 2024 17:53:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 147C 783 B
1 KB 72ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98528c4bc81559e9baea68c23ae6c38abe6d8008714085ac380bda280a753afb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kLleLcSuCou43NddlEDUpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-kLleLcSuCou43NddlEDUpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:04:23 GMT
expires: Tue, 23 May 2023 20:04:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 26A4 5 KB
2 KB 9ms
8ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 44403006aae65185e9dbed541bd2e382897c96e27f5c6093c0f95551aa1281e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:03 GMT
content-encoding: gzip
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 20
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2000
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 6fb69cbcfe734e8284f867d2442ab73e
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t6
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 74DChtcwJ9z0ftLQfBjtQkyOlL7-7eG_5-aZ0NrE9-0Izq0h-JWcSg==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame FF99 5 KB
2 KB 10ms
9ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 44403006aae65185e9dbed541bd2e382897c96e27f5c6093c0f95551aa1281e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:03 GMT
content-encoding: gzip
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 20
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2000
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 6fb69cbcfe734e8284f867d2442ab73e
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t6
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6rCYi8fLlCdzZhm4hay8DL_8nQkhlK7Be2I1vku5S8SJRoTqxwF0NA==

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B7EF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

32ms
31ms

Image
image/png

54.76.246.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.246.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-74.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:24 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:04:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 96ms
95ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b58b8219-c070-1efd-80c3-3292d0d2ede3&tv=%7Bc:dtbQvk,pingTime:1,time:1354,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1354,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:287,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1099~100%5D,as:%5B1099~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:99,fm:tF72j8U+11%7C12%7C13%7C14*.929781%7C141%7C15.929781%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:398%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:24 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
103ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b58b8219-c070-1efd-80c3-3292d0d2ede3&tv=%7Bc:dtbQvl,pingTime:1,time:1355,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1355,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:287,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1100~100%5D,as:%5B1100~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:99,fm:tF72j8U+11%7C12%7C13%7C14*.929781%7C141%7C15.929781%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:398,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:24 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 102ms
102ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b58b8219-c070-1efd-80c3-3292d0d2ede3&tv=%7Bc:dtbQvl,pingTime:1,time:1355,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1355,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:287,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1101~100%5D,as:%5B1101~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:99,fm:tF72j8U+11%7C12%7C13%7C14*.929781%7C141%7C15.929781%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:398,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:24 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 147C 0
0 75ms
40ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305180101&jk=2147357956016799&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B7EF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

32ms
32ms

Image
image/png

54.76.246.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.246.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-74.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:24 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:04:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 3776 37 KB
14 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 18:27:32 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 17 KB
7 KB 58ms
18ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae0778253dda8b156d65084c6265a3e26630e097b93a9e847d03c44462b8952

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:04:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6906
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "3fc94a4cf91bdd80"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 20:04:24 GMT

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 1119 92 KB
32 KB 7ms
7ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1120
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32594
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:45:44 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: r9p6JIJFGUuNn5oNRRryQ6LcsY-4s6xEbT5m2h8IWJYgeBuEn0ktBA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0fcb77470b9542649b2f26979f3595f9
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t3
x-soa: true, Gator

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B7EF 70 B
265 B 110ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.therams.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 May 2023 20:04:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
3 KB 32ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d47cb24671efb9de61016f1d0ce9e243ef08a8b2daa2a9ccb809fc130a989b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:04:24 GMT
content-md5: CC4Hir/vxB9kkPyzIa/CAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: y6e9N+L0rMBXoXrA5Dxd9wbCuzxofoyY21lfZWVIEhU5Q6tBYPLApP3CmDg7vkBYD9XTvqfpsYCLNeP7OmERQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 3ad55613b0822e20fee74ff224eacd21
cross-origin-opener-policy: same-origin-allow-popups
etag: "b5488c4bf5a7863ef3004ddc70164b6f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 23 May 2023 20:08:18 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 1119 5 KB
2 KB 9ms
6ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 44403006aae65185e9dbed541bd2e382897c96e27f5c6093c0f95551aa1281e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:03 GMT
content-encoding: gzip
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 21
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2000
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 6fb69cbcfe734e8284f867d2442ab73e
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t6
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: yWAxq9KlVPpYEJup91-EnAXfJDzXYnIx9YrAiVt02S4GplLj4cJ2yg==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ 315 KB
108 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e779992ace543f715102af0c31dd34d3b2f65bff0ba108d0a10cfef268ea32b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 05:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109921
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 05:50:16 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=ce91c5f3-512a-057a-e422-13c2a40ff9bd&tv=%7Bc:dtbQC0,pingTime:-10,time:1765,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684872263376%7C%7C921955156d6000e3d0f61eaf8f6f722b%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cc753887cb04647e3d1ed793b6a772ee7%7C%7C626103d6354e88fab6285ee1fd1ca33e%7C%7Ca4573595734c2b971443a6c8678b815c%7C%7C492a2bddedf38a9ceba0096ef5394178%7C%7C34747dec94631efaaf17ed38b375b1f9%7C%7C1663701684,sca:%7Bspg:b58b8219-c070-1efd-80c3-3292d0d2ede3%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:24 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

404

sync
ups.analytics.yahoo.com/ups/28/ Frame B7EF
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true&verify=true

0
17 B

35ms
35ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true&verify=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true&verify=true
date: Tue, 23 May 2023 20:04:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 23ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3e6e7de376141f61f87dd31acdcab8c1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

229d7a330edcf966198cfcc490f151a8f75036b988115fb98007937a695e9f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:04:24 GMT
content-md5: uKd6oqV1MIocXWaJAVX61Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88620
x-fb-rlafr: 0
x-fb-debug: iwXMpUG4P/4AbuLCUwUved7pC9JxC+kv1D89SacqNF4vHAyCtwbyF5ta8CEBPx2zn3Pfmq1OxHQQxWL86dXAQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 747e8c5e5b3fc00c8ffcdfc14208df77
cross-origin-opener-policy: same-origin-allow-popups
etag: "c05ec4418283de7b229fc5cc4206c58e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 22 May 2024 11:13:42 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B7EF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwY1JRQUFBTThuMVFObg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

32ms
31ms

Image
image/png

54.76.246.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.246.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-74.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:24 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:04:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3776 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J3ZKFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 134ms
109ms Fetch
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3e6e7de376141f61f87dd31acdcab8c1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 23 May 2023 20:04:24 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Z0EKqmWLH4oIFDcfkenN/5F1sO9vyUQ0Q6AD05mZvb7JN6tMyP1+OmtlQsKl9qrVnMZWmuH288rCZTsz14DTiA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=yqFr-x9XAJcq5NWbesy57KC1wteJTSh4&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yqFr-x9XAJcq5NWbesy57KC1wteJTSh4&gdpr=0&gdpr_consent=

42 B
942 B

44ms
44ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yqFr-x9XAJcq5NWbesy57KC1wteJTSh4&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0fe440efe.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0hVT8zjRSv0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yqFr-x9XAJcq5NWbesy57KC1wteJTSh4&gdpr=0&gdpr_consent=
date: Tue, 23 May 2023 20:04:23 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 999446
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=38043003982057499002171484162072250839&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

39ms
39ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0336a4b02.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ST3j1q6sSLQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,303
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Tue, 23 May 2023 20:04:24 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=38043003982057499002171484162072250839&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-i1z.9gZE2pHpwrxV_EdTCpmHDnld4lnrtGk-~A

42 B
942 B

36ms
36ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-i1z.9gZE2pHpwrxV_EdTCpmHDnld4lnrtGk-~A

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0509829c5.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: J/sWGjqOR8I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 23 May 2023 20:04:25 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-i1z.9gZE2pHpwrxV_EdTCpmHDnld4lnrtGk-~A
content-length: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame B7EF 42 B
213 B 56ms
17ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=38043003982057499002171484162072250839&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B7EF
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0cRQAAAM8n1QNn&sigv=1&esig=1~2dfe8fa30a7b5f2e66e22054324bc51996ebe409

0
194 B

141ms
19ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0cRQAAAM8n1QNn&sigv=1&esig=1~2dfe8fa30a7b5f2e66e22054324bc51996ebe409

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:04:25 GMT
strict-transport-security: max-age=31536000
cache-control: no-store
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0cRQAAAM8n1QNn&sigv=1&esig=1~2dfe8fa30a7b5f2e66e22054324bc51996ebe409
Date: Tue, 23 May 2023 20:04:25 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwY1JRQUFBTThuMVFObg==

170 B
188 B

22ms
21ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwY1JRQUFBTThuMVFObg==

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220060-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872265.302832,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwY1JRQUFBTThuMVFObg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305180101&jk=2147357956016799&bg=!Xl2lXQnNAAZ8_aWmXP07ADkAdvg8WreYtQOjlS_caIaO0bZA6BpI60IaBBrPqHcBKcTnV8w9gwb3PLnlloe7PlcaZINFcBECsnkCAAACIFIAAAAEaAEHCgCMRteKjbtFg9TjnNMbYWsBGtRpRZo79PRVlpGioY3y8JRK5sgEySrnIq4ROtMOO4Mpnm1L4_0SRAPexOFQgI-D1VapJDd04FB29ORAsyu3gKOROTv2PFy2dJQPMn3PmDbQHTuCEHe1vrxx0hyZJI1R40cDAaNuJ0gxa-hBeWlWITE07EYGAEm0AblOOSeZAqJwTRgWFGmroRYnvgm-xtVl05N3bGx2DnC8AtuMBZIgHTkVm3odHFD0FChMnqPO_PASIVRwvitxOtxMMZ0C3VtajEWXTsaAXGNuH0DfSFyorlUkdbqPoHGbDRh28ig02xRILV54ebHdjTJtPAiUzDBddN0q8J_UKMxrtVGALoVtu2H9r5ofRWUBYPavvffcHIsJpnEJTk7RjrOPyssTeoIhflEfwNk-zYFjp1Sr_1aoc-RQRap3K8wn3-4cl42je904SkecoLgL8xC5lauRzyYd8S-Gei_wIPD75qGfaIytMrC0_Vs0JgZ5T8tGE3AgEg90lIXkkqvrF0oWs7FshdqhnSK3cj7h79uEspd3CVxloFzKI14rjrVBjW4K9y00ThlfWbfmIqombJMj9q2BODhj2b6MGSkzSPN55-s5EPL1OA1uaqKoSKaZNgGt6pGQIj8juO3aiv5te0cbfhjE80xrAy8fAxy7Rx9zRIe2tylYAGdbipkoz9Kyg0d7YWqNC33WaTcmSxipsnib4olh6Jc5dG2ry1ldwa7f61ILYptLkR0XrOsshlYOAETAMRk0TRnrzAxagp_oSI-vGOiqMwxK-LGbHwCEqcSNt03zUtcPu1wppWM0lCrK9TEj4Iqb7MCD3NCFaK4OOkX4va0rJwXDh_CMtgSdKqHpAlItXa_S9PQN3hC6rOMQfTWOIO6OU8SEyhqfWCqpSXrDZEq3b5FReIzORkOhR0TYbLkpwPigw0CiYBCI4caGLvJA0WXpXt6hjfkxqUVwnkPDOYkN6_7smSbQW-2UaHJyGzp3isR2GpTTZO64nCj13r9GBUjQGmRn_bBwCv0Eh_S76wtozTvzHyFhYignUY0ubOhr1L0CIGoLxjS0MUW4MZ7j2Vr-7Q2Lsw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0cRQAAAM8n1QNn&expires=90

0
239 B

52ms
17ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0cRQAAAM8n1QNn&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-etou8220060-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872265.353828,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0cRQAAAM8n1QNn&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0cRQAAAM8n1QNn
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0cRQAAAM8n1QNn&C=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0cRQAAAM8n1QNn&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:04:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:04:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=ZG0cRQAAAM8n1QNn&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZG0cRQAAAM8n1QNn

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZG0cRQAAAM8n1QNn

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:04:25 GMT
AN-X-Request-Uuid: 54fe94fd-a7db-439a-a9d6-d9a4b6398608
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220060-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872266.556631,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZG0cRQAAAM8n1QNn
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0cRQAAAM8n1QNn

43 B
273 B

61ms
16ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0cRQAAAM8n1QNn
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220060-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872266.673875,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0cRQAAAM8n1QNn
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0cRQAAAM8n1QNn

1 B
449 B

55ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0cRQAAAM8n1QNn
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 20:04:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-etou8220060-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872266.779337,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0cRQAAAM8n1QNn
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0cRQAAAM8n1QNn&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0cRQAAAM8n1QNn&img=1&__user_check__=1&sync_id=049c5ecc-f9a5-11ed-84f7-1a377c5d0306

43 B
548 B

32ms
32ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0cRQAAAM8n1QNn&img=1&__user_check__=1&sync_id=049c5ecc-f9a5-11ed-84f7-1a377c5d0306
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:04:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 14
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 23 May 2023 20:04:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=ZG0cRQAAAM8n1QNn&img=1&__user_check__=1&sync_id=049c5ecc-f9a5-11ed-84f7-1a377c5d0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 65
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame B7EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0cRQAAAM8n1QNn&t=2592000&o=0

43 B
439 B

113ms
110ms

Image
image/gif

2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0cRQAAAM8n1QNn&t=2592000&o=0

Protocol

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:04:26 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: xKWTQjet66Bsb94Szyn17tfJ37TVmvhSaUUiXRHncdh9Sned0BAOAk8oEmBN0Ox6vwsLZ1RKbh59GamNMM8FUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Tue, 23 May 2023 13:04:26 PDT

Redirect headers

x-served-by: cache-fra-etou8220060-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872266.985626,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0cRQAAAM8n1QNn&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame B7EF 43 B
372 B 74ms
16ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 23 May 2023 20:04:26 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230122-FRA
server: nginx
x-timer: S1684872266.142927,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame B7EF
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
960 B

34ms
34ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0336a4b02.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rAuQHgKvSro=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:25 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: xnJ-NXg8vDHBRKu1jzQEc48UlQljqGB1Nozu8E_mKwc7l6Mm3lWyRg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame B7EF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=CE0qjXA6QOOs62io7UBosg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38043003982057499002171484162072250839

43 B
479 B

116ms
116ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38043003982057499002171484162072250839

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:04:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1GH4M0T5AJPR4HBWMMYB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v048-0abd7ecd6.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: HrrEgshJSq0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38043003982057499002171484162072250839
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 131ms
131ms Image
image/gif 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=b58b8219-c070-1efd-80c3-3292d0d2ede3&tv=%7Bc:dtbRxJ,pingTime:5,time:5347,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5347,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:287,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5092~100%5D,as:%5B5092~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:108,fm:tF72j8U+11%7C12%7C13%7C14*.929781%7C141%7C15.929781%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:398%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:04:28 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therams.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 16:20:24	Name: demdex Value: 38043003982057499002171484162072250839
static.formstack.com/	1970-01-20 12:11:17	Name: AWSALBCORS Value: lYAun8lWzDH/N+3XwSLWQFzRMVHON/0vEXs6hyWbfUdEkNMv3vf0FNBl/ifda2by8T2j+oa+ecBnwip3iZItE7aGIzBqMtvGo1cbzjnBtsi2I6TR4kilxYlKtkwm
.therams.com/	1970-01-20 21:37:12	Name: adobeujs-optin Value: %7B%22aam%22%3Afalse%2C%22adcloud%22%3Afalse%2C%22aa%22%3Afalse%2C%22campaign%22%3Afalse%2C%22ecid%22%3Afalse%2C%22livefyre%22%3Afalse%2C%22target%22%3Afalse%2C%22mediaaa%22%3Afalse%7D
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.therams.com/	1970-01-20 20:46:48	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+May+23+2023+20%3A04%3A21+GMT%2B0000+(GMT)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ce2fcdb7-2dbc-4e1f-a7d5-2ba48c89397c&interactionCount=0&landingPath=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.everesttech.net/	1970-01-20 20:46:48	Name: everest_g_v2 Value: g_surferid~ZG0cRQAAAM8n1QNn
.therams.com/	1970-01-20 21:37:12	Name: mbox Value: session#66d0c69240124e0cab6c3688bbef9b2c#1684874122\|PC#66d0c69240124e0cab6c3688bbef9b2c.37_0#1748117062
.dpm.demdex.net/	1970-01-20 16:20:24	Name: dpm Value: 38043003982057499002171484162072250839
.therams.com/	1970-01-20 21:22:48	Name: __gads Value: ID=343fd1053859cfed:T=1684872261:S=ALNI_MaC-A7VmRjQNgmafq9QgkBrAr66EQ
.therams.com/	1970-01-20 21:22:48	Name: __gpi Value: UID=00000c1a3a588631:T=1684872261:RT=1684872261:S=ALNI_MZ3sWvkEGJcE0CsD6dHpIk1_8nJuQ
.doubleclick.net/	1970-01-20 21:22:48	Name: IDE Value: AHWqTUmNyxWJUexlUU_d8h3XeKVln1v-UfZNm62gtFAGA-9UH8EuKFFUlitIh1lD3Lc
.therams.com/	1970-01-20 21:37:12	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 179643557%7CMCIDTS%7C19501%7CMCMID%7C37831451205149466112191370826628068712%7CMCAAMLH-1685477061%7C6%7CMCAAMB-1685477061%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1684879461s%7CNONE%7CMCSYNCSOP%7C411-19508%7CvVersion%7C5.5.0
.mathtag.com/	1970-01-20 21:27:07	Name: uuid Value: 4f7f646d-1c47-4a00-9b9d-df8854e44826
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13905-3-28081200
.exelator.com/	1970-01-20 14:54:00	Name: EE Value: "cff2d668818f7fc8d096596e95586271"
.w55c.net/	1970-01-20 21:32:53	Name: wfivefivec Value: Ae01xhWa1Q1yf45
.w55c.net/	1970-01-20 12:44:24	Name: matchdmx Value: 5
.exelator.com/	1970-01-20 14:54:00	Name: ud Value: "eJxrXxzq6XKLQSE5Lc0oxczMwsLQIs08LdkixcDSzNTSLNXS1NTCzMjccHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQeEl%252BUWb6IhfXxUUpaQyLSopPBR9RlQYAia8pNQ%253D%253D"
.adnxs.com/	1970-01-20 14:10:48	Name: uuid2 Value: 6474783599105034374
.turn.com/	1970-01-20 16:20:24	Name: uid Value: 3555114024213846367
.auth-id.nfl.com/	1970-01-20 20:46:48	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
.twitter.com/	1970-01-20 21:37:12	Name: personalization_id Value: "v1_zSnTwMUryrfJ3fAwptbuXg=="
rams.formstack.com/	1970-01-20 12:11:17	Name: AWSALBCORS Value: /DcYJbYE5zP9FeXghyB3Fc7Z/mrVlDTqzHtWojiLrB6ka9S45SGiaYPwSPd7tnBfZiS4FcqaOfOUOmx+YZKJHg0LiDz/QaJCU/NfUlipYTm6cC+4Kxh2QOIqurfh
.therams.com/	1970-01-20 21:37:12	Name: FSAV Value: 1263112057.1370479226.1684872264.1684872264.1684872264.1.
.therams.com/	1970-01-20 16:24:00	Name: FSAC Value: 1263112057.1684872264.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)
.therams.com/	1970-01-20 21:37:12	Name: _ga Value: GA1.2.2006793091.1684872262
.therams.com/	1970-01-20 12:02:38	Name: _gid Value: GA1.2.841466383.1684872264
.therams.com/	1970-01-20 12:01:12	Name: _gat Value: 1
.auth-id.therams.com/	1970-01-20 20:48:14	Name: gmid Value: gmid.ver4.AcbHl69wwQ.xjfNefVO175bM28do4Q-Q7HTMuwabfAsVk9WfYDZHSeMTamOaU5raI5kRYswzK5r.h2P9tXcaYnj-Udf-u6cqMbG6pnxunrdBUCXfW5U843J2cBTC8gqITW-g_wODtuuO8UXiICgEcJPnc5U-Cw356g.sc3
.auth-id.therams.com/	1970-01-20 20:48:14	Name: ucid Value: _YCtyTYhdN5ZJdRUBMs7FQ
.auth-id.therams.com/	1970-01-20 16:26:13	Name: hasGmid Value: ver4
.therams.com/	1970-01-20 20:46:48	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.everesttech.net/	1970-01-20 12:45:50	Name: ev_sync_ax Value: 20230523
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: ZG0cRwAAAeAHuz3O
.auth-id.nfl.com/	1970-01-20 20:46:48	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-20 20:46:48	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 13905-3-28081200
.advertising.com/	1970-01-20 20:47:09	Name: A3 Value: d=AQABBEgcbWQCEL5eAgilm4DnzlMn9OS9HQwFEgEBAQFtbmR2ZOANyiMA_eMAAA&S=AQAAAigbIpGNNTkNm7bSixQUY_8
.yahoo.com/	1970-01-20 20:47:09	Name: A3 Value: d=AQABBEgcbWQCEBVsKYTs4Nyfwd5CieeS9ewFEgEBAQFtbmR2ZOANyiMA_eMAAA&S=AQAAApTT9Kdm0kRvwyrKVygvGFc
.criteo.com/	1970-01-20 21:22:48	Name: uid Value: 4cfd26eb-0844-4a1d-a941-6ea04475da87
.eyeota.net/	1970-01-20 12:01:12	Name: SERVERID Value: 17447~DM
.everesttech.net/	1970-01-20 12:45:50	Name: ev_sync_yh Value: 20230523
.casalemedia.com/	1970-01-20 20:46:48	Name: CMID Value: ZG0cSfxfqH.MRNGE2HSLMwAA
.casalemedia.com/	1970-01-20 14:10:48	Name: CMPS Value: 1149
.casalemedia.com/	1970-01-20 14:10:48	Name: CMPRO Value: 1149
.adnxs.com/	1970-01-20 14:10:48	Name: anj Value: dTM7k!M4.FErk#WF']wIg2C'!o/:H3!]tbPl1MwL(!R7qUY%jM9$tjuYWJXk:DrvaCd8)X-Ix?h<QG=%9sk?bIRwi:w9Ld1t(DTx17Mco/y@Yw#u#@I*jA[/
.pubmatic.com/	1970-01-20 14:10:48	Name: KRTBCOOKIE_218 Value: 4056-ZG0cRQAAAM8n1QNn&KRTB&22978-ZG0cRQAAAM8n1QNn&KRTB&23194-ZG0cRQAAAM8n1QNn&KRTB&23209-ZG0cRQAAAM8n1QNn
.pubmatic.com/	1970-01-20 12:44:24	Name: PugT Value: 1684872264
.spotxchange.com/	1970-01-20 12:41:31	Name: audience Value: 049c5e80-f9a5-11ed-84f7-1a377c5d0306
.demdex.net/	1970-01-20 16:20:24	Name: dextp Value: 269-1-1684872262069\|3-1-1684872262233\|359-1-1684872262454\|358-1-1684872262627\|470-1-1684872262738\|843-1-1684872262858\|640-1-1684872263022\|771-1-1684872263152\|1123-1-1684872263257\|1083-1-1684872263390\|1085-1-1684872263560\|1086-1-1684872263752\|1087-1-1684872263971\|1088-1-1684872264078\|903-1-1684872264294\|6835-1-1684872264433\|19913-1-1684872264559\|28645-1-1684872264675\|30064-1-1684872264776\|30646-1-1684872264878\|30862-1-1684872264978\|83349-1-1684872265080\|144230-1-1684872265222\|144231-1-1684872265343\|144232-1-1684872265451\|144233-1-1684872265553\|144234-1-1684872265670\|144235-1-1684872265775\|144236-1-1684872265876\|144237-1-1684872265980\|147592-1-1684872266081\|152416-1-1684872266182\|139200-1-1684872266284
.undertone.com/	1970-01-20 20:46:48	Name: UTID Value: 5e180730591c4d9db43f7e369c4cf07f
.undertone.com/	1970-01-20 20:46:48	Name: UTID_ENC Value: 5kjh6dzxkt777jqjy8mdo077j
.amazon-adsystem.com/	1970-01-20 17:22:19	Name: ad-id Value: A66b1we6ZUT3kSTAh9Bg1i4
.amazon-adsystem.com/	1970-01-20 21:37:12	Name: ad-privacy Value: 0

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/schedule/ Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/schedule/ Message: A preload for 'https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 1477) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.evgnet.com/beacon/losangelesrams/production/scripts/evergage.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2398) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2399) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-ui-1.12.1.min_d71fd11517.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2400) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2401) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/analytics_7d49daa365.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2402) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2403) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2404) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/utm_tracking_dd0b5a32b7.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2405) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ups.analytics.yahoo.com/ups/28/sync?uid=38043003982057499002171484162072250839&_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.therams.com/schedule/ Message: The resource https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.therams.com/schedule/ Message: The resource https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32720c1b69723bd07848bc27787038d4.safeframe.googlesyndication.com
adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
api.nfl.com
apis.google.com
assets.adobedtm.com
auth-id.nfl.com
auth-id.therams.com
cdn.cookielaw.org
cdn.evgnet.com
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
evt.undertone.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
p.nfltags.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
rams.formstack.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.clubs.nfl.com
static.formstack.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.244.42.3
13.224.103.12
13.32.121.38
142.250.181.226
15.197.193.217
151.101.0.114
151.101.1.153
151.101.129.153
151.101.193.152
151.101.193.153
151.101.2.49
151.101.65.153
18.200.219.45
18.244.179.12
18.66.97.32
185.29.132.245
185.64.189.110
185.80.39.216
185.89.210.141
185.94.180.126
212.82.100.182
2600:1f18:1aca:4280:f695:b5e5:f9d:cc5e
2600:9000:223f:2800:8:48e:53c0:93a1
2606:4700:4400::6812:2b9e
2606:4700::6813:bb61
2a00:1288:80:807::1
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
2a02:2638:3::c
2a02:26f0:480:99e::1e80
2a02:6ea0:c700::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::300
3.122.214.165
3.64.145.154
3.71.149.231
34.160.236.64
34.98.64.218
46.228.164.13
46.51.133.242
52.31.219.190
52.46.143.56
54.73.43.225
54.76.246.74
54.78.254.47
65.9.66.36
66.235.152.113
69.173.144.139
69.192.160.219
69.192.160.253
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0810fd82abdfa946679ab23928936b583156c9d34868e3d23fcba92ba84d6727
08cc2f9a2162a2ea56ee26c9ec7f611d4ede6a266e126d76ebb50e789affddd5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1
0cc45fd555b4c0f07d977d11294802f8c3fbeae072daa475e4966c7711fdcae5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46
133571205551ac0cd2ca3ff3b0b7c90ee5d4b3663f1a5db577531888a2962a54
1492c17d9b641b3e9026659fe3ebff0a5e5f27319d91b66cf49dac37066ecada
1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9
15d01c709fdf293cbb036c2bfabbf58a06a8b66bcc35df2455f485185b9d01bb
1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de
179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15
1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1
229d7a330edcf966198cfcc490f151a8f75036b988115fb98007937a695e9f27
237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52
3809d41298c5c400bb68f7d47dbd764f71f21eb9c6ed3d6044c8005e883df513
3b2d4349345f1d8565e48dadbb4d70ea493ff614b58f83e568885881245ac2e3
3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5
3df33152cd65eb45b9203090a7678540a27a9f44ef4641ee66de9a47b7a0a43c
3fd9f3a159ce7a3cac9af5f4a3d09feb809ef23788edd2c1ea371ef7310f1a12
44403006aae65185e9dbed541bd2e382897c96e27f5c6093c0f95551aa1281e3
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5093c70019b3501c2eb8b2e8597e253bb2f8cf367cf5a305395a0ff7d238a643
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fbe08cd567b05b1c11dc37745a2b278c0521d1af11d8076ad50f685ea889ce
550eacf0b0dde64399a52fd7e8935fb9ebec1ca81b4c9a94c96c7b2f691f1706
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
5867a7357896e38bf8f5516e3f267b0ad90f3b379f4754e62ed7914f1fc8ba1b
5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28
673089261a490c7c06604429afc843813446902e59322da97745929aaec615f4
6737d1956ae2469ad6ede72da272db382138be729faa0c9c1595f3a2f134be30
68ac95362d68118e832cd68789828185f615e693720f17628497249e0e2e3abc
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69f8090fb59cb79bb1d56d99512d91d5fd2f297ee69490aeb91bca904c04add7
6c57558158992a692fd3ff22b55a6bcb85670ef56585cda1328c4022eca91398
6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4
6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254
75a58f2aee7291da5efa4d6d0aceed2bebf39c283346a3269a7811d1910f9d43
7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7ae0778253dda8b156d65084c6265a3e26630e097b93a9e847d03c44462b8952
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cc54e74e6dbf5322743ddbf9d3eff9fc6a8015015eab90b7b4532c4e715b390
7f48123723251fde71c5aff246bfcf33cd9abdd69ebe1140eed0ae364e8a7e44
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1f726145e229015259cee77398d6e44fa5fd67a8a359f4294e814cbcae9ab2
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98528c4bc81559e9baea68c23ae6c38abe6d8008714085ac380bda280a753afb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e
9ef244043d29996c43ca61ea94a7a04521676447556484b35ec391b3dee8d7f2
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b884aa073ae0995039e442f97eaa0523fa02913747029e74e717248812a476d9
bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623
bc7ec2d74c4b5cd3838e85e4ddcb56ec798f61610fa6163f3787f68f1f8e59b3
bcad30472d959caa42adf95b1e12c0d0cf8ca99ee5ac7bf0d2734dfdd153e68a
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bdf96b01cde1b036361c160832a5f698dc9781a2c73972124bbe07b3f3a6c9fd
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c06791bf34146c2045d224090495bd33972d49bc5cda20e80995b212a2a233a8
c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb
cfd88d77357dcdbf67e882d6771b4404fa9040c966ebeb859dd903418f11875c
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a
d47cb24671efb9de61016f1d0ce9e243ef08a8b2daa2a9ccb809fc130a989b87
d564ecea790280585429959b133a75bad092b20be35041c735d9c3fb1b800c14
d5a2e7738047c9fc62dbe182004f3050664967a941d5199236df72386921c7b2
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d6610e9377ef0a02e7e59dc98052dd9a6aabf20b77d82c9aa3a7e902ac95a30c
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652
e0586918cafc97d3d73b929b9e25a7ca471607011049f3cc11cb2327df7cb189
e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504538b0e71c48c3a1747e2a2ea3587ae91506582adcadee07aa7af978203e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e779992ace543f715102af0c31dd34d3b2f65bff0ba108d0a10cfef268ea32b1
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8bc22931893b2046382a9a4d7edb1591fa4d5fd49ad288891bd14b39448f958
e9166b6dead256e5e723626e7344660a24e0c5e99b4688bc4f60633886a5e0bb
eb5a4d3ff1fbb61d8ecca698bcef0f6d83e98f34144607d5f6113a49e0540f3e
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c
f63b6991810ec4f98212762bc0ab61f08e0400d05718019ee4ff280a55f93604
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

www.therams.com Open in urlscan Pro 151.101.129.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

198 Requests

84 %HTTPS

41 %IPv6

45 Domains

68 Subdomains

53 IPs

8 Countries

3061 kBTransfer

8179 kBSize

55 Cookies

94 Outgoing links

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

84 %
HTTPS

41 %
IPv6

45
Domains

68
Subdomains

53
IPs

8
Countries

3061 kB
Transfer

8179 kB
Size

55
Cookies

198 HTTP transactions
4 data transactions