www.therams.com Open in urlscan Pro
151.101.113.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.therams.info/T/v60000017a83c10eea96e1c2f4bbcf76f8/c5a65a13eee6469c0000021ef3a0bcc2/c5a65a13-eee6-469c-a029-dc...
Effective URL:
https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Submission: On July 12 via manual (July 12th 2021, 3:39:52 pm UTC) from US

Summary HTTP 141 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 49 IPs in 7 countries across 53 domains to perform 141 HTTP transactions. The main IP is 151.101.113.153, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.therams.com.
TLS certificate: Issued by R3 on June 12th 2021. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.127.187.12 159.127.187.12	19137 (EPSILON-I...) (EPSILON-INTERACTIVE)
56	151.101.113.153 151.101.113.153	54113 (FASTLY) (FASTLY)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:219... 2600:9000:2190:7a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
3 17	52.31.176.223 52.31.176.223	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.89.174 13.224.89.174	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:8a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
9 9	34.253.145.149 34.253.145.149	16509 (AMAZON-02) (AMAZON-02)
1	54.75.9.158 54.75.9.158	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.37.44.220 23.37.44.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.127.92.82 3.127.92.82	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.69 35.241.40.69	15169 (GOOGLE) (GOOGLE)
3 4	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
4	151.101.193.152 151.101.193.152	54113 (FASTLY) (FASTLY)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
1 1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
9 10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
6 12	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 2	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
8 8	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1 1	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
1 1	107.21.58.76 107.21.58.76	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
141	49

1 159.127.187.12 (United States) 1 redirects

ASN19137 (EPSILON-INTERACTIVE, US)
PTR: mail.ebates.cn

email.therams.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 151.101.113.153 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.nfltags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:7a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.31.176.223 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-174.zrh50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:8a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.253.145.149 (Dublin, Ireland) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.9.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-9-158.eu-west-1.compute.amazonaws.com

nflenterprises.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.44.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

us.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.234 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.92.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.69 (Mountain View, United States)

ASN15169 (GOOGLE, US)

w3.cdn.anvato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.53 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.152 (United States)

ASN54113 (FASTLY, US)

api.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.246.227.69 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.153.71 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.114.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.58.76 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.13 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	therams.com www.therams.com	463 KB
29	everesttech.net 23 redirects cm.everesttech.net pixel.everesttech.net sync-tm.everesttech.net	11 KB
22	nfl.com static.clubs.nfl.com smetrics.nfl.com static.www.nfl.com api.nfl.com	3 MB
17	demdex.net 3 redirects dpm.demdex.net nfl.demdex.net	20 KB
16	doubleclick.net 10 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	141 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	unpkg.com 2 redirects unpkg.com	41 KB
4	facebook.com www.facebook.com	990 B
4	adobedtm.com assets.adobedtm.com	102 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
3	exelator.com 2 redirects loadm.exelator.com load77.exelator.com	2 KB
3	google.de www.google.de	235 B
3	google.com 1 redirects www.google.com	195 B
2	undertone.com 2 redirects ads.undertone.com evt.undertone.com	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	470 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com ads.yahoo.com	1 KB
2	eyeota.net 2 redirects ps.eyeota.net	1 KB
2	criteo.com 2 redirects gum.criteo.com	769 B
2	advertising.com 1 redirects pixel.advertising.com	602 B
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	hubspot.com track.hubspot.com forms.hubspot.com	1 KB
2	facebook.net connect.facebook.net	99 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	71 KB
2	consensu.org quantcast.mgr.consensu.org	62 KB
1	taboola.com trc.taboola.com	229 B
1	pubmatic.com image2.pubmatic.com	547 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	mookie1.com odr.mookie1.com	324 B
1	twitter.com analytics.twitter.com	581 B
1	addthis.com 1 redirects x.dlx.addthis.com	175 B
1	turn.com 1 redirects d.turn.com	402 B
1	anvato.net w3.cdn.anvato.net	79 KB
1	nfltags.com p.nfltags.com	1 MB
1	mathtag.com 1 redirects sync.mathtag.com	640 B
1	connextra.com us.connextra.com
1	hsleadflows.net js.hsleadflows.net	80 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	hs-scripts.com js.hs-scripts.com	651 B
1	omtrdc.net nflenterprises.tt.omtrdc.net	3 KB
1	parsely.com p1.parsely.com	257 B
1	googleadservices.com www.googleadservices.com	14 KB
1	quantcount.com rules.quantcount.com	346 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	24 KB
1	quantserve.com secure.quantserve.com	9 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googleapis.com imasdk.googleapis.com	27 KB
1	therams.info 1 redirects email.therams.info	198 B
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
141	53

	Domain	Requested by
39	www.therams.com	www.therams.com
16	dpm.demdex.net	3 redirects www.therams.com
14	static.clubs.nfl.com	www.therams.com
12	pixel.everesttech.net	6 redirects
10	cm.g.doubleclick.net	9 redirects
9	cm.everesttech.net	9 redirects
8	sync-tm.everesttech.net	8 redirects
4	api.nfl.com	p.nfltags.com
4	ib.adnxs.com	3 redirects
4	unpkg.com	2 redirects www.therams.com
4	www.facebook.com	www.therams.com
4	assets.adobedtm.com	www.therams.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
3	www.google.de	www.therams.com
3	www.google.com	1 redirects www.therams.com
3	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ps.eyeota.net	2 redirects
2	gum.criteo.com	2 redirects
2	pixel.advertising.com	1 redirects
2	match.adsrvr.org	2 redirects
2	pm.w55c.net	2 redirects
2	loadm.exelator.com	2 redirects
2	static.www.nfl.com	www.therams.com
2	connect.facebook.net	www.therams.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	smetrics.nfl.com	assets.adobedtm.com
2	www.googletagmanager.com	assets.adobedtm.com
2	quantcast.mgr.consensu.org	www.therams.com quantcast.mgr.consensu.org
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	analytics.twitter.com
1	x.dlx.addthis.com	1 redirects
1	d.turn.com	1 redirects
1	w3.cdn.anvato.net	p.nfltags.com
1	forms.hubspot.com	js.hsleadflows.net
1	p.nfltags.com	www.therams.com
1	track.hubspot.com
1	load77.exelator.com
1	sync.mathtag.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	us.connextra.com	assets.adobedtm.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-scripts.com	assets.adobedtm.com
1	nflenterprises.tt.omtrdc.net	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	p1.parsely.com	www.therams.com
1	www.googleadservices.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	d1z2jf7jlzjs58.cloudfront.net	assets.adobedtm.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	cdn.onesignal.com	www.therams.com
1	imasdk.googleapis.com	www.therams.com
1	email.therams.info	1 redirects
0	adb2waycm-atl.netmng.com Failed
141	66

This site contains links to these domains. Also see Links.

Domain
www.ramsfanshop.com
gamepass.nfl.com
sports.yahoo.com
www.ramsnewlook.com
www.pntra.com
am.ticketmaster.com
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
www.snapchat.com
twitter.com
www.youtube.com
preferencecenter.therams.info
www.teamworkonline.com
www.stanza.co
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.washingtonfootball.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
www.ticketmaster.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2021-06-12` - `2021-09-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.parsely.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
smetrics.nfl.com DigiCert SHA2 High Assurance Server CA	`2020-05-18` - `2021-08-25`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
static.www.nfl.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.connextra.com DigiCert SHA2 Secure Server CA	`2021-07-04` - `2022-07-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
1605158521.rsc.cdn77.org R3	`2021-05-26` - `2021-08-24`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
ndc-production-san.nfl.com R3	`2021-07-02` - `2021-09-30`	3 months	crt.sh
w3.cdn.anvato.net GTS CA 1D4	`2021-06-28` - `2021-09-26`	3 months	crt.sh
clubsweb.san1.nfl.com R3	`2021-07-02` - `2021-09-30`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.tmogul.com Amazon	`2020-08-14` - `2021-09-13`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-08` - `2021-08-25`	2 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Frame ID: FD4D2CBDE0152F3A451304DE82B13D6E
Requests: 106 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: 12A5217792002B40EED477386A2C06A6
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.therams.info/T/v60000017a83c10eea96e1c2f4bbcf76f8/c5a65a13eee6469c0000021ef3a0bcc2/c5a65a... HTTP 302
https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021 Page URL

Detected technologies

Envoy (Reverse Proxy) Expand

Overall confidence: 100%
Detected patterns

headers server /^envoy$/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

141
Requests

99 %
HTTPS

44 %
IPv6

53
Domains

66
Subdomains

49
IPs

7
Countries

5880 kB
Transfer

11314 kB
Size

20
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://gamepass.nfl.com/packages?team=la&campaign=sp-cl-gd-af-pj-1502665&affiliateId=57835&clickId=2754287782&affiliateCustomId=&affiliateCustomUrl=
Title: GAME PASS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: http://www.ramsnewlook.com/
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://www.pntra.com/t/2-401088-57835-161436
Title: GAME PASS

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: ACCOUNT MANAGER

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8
Title: DOWNLOAD FOR iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams
Title: DOWNLOAD FOR ANDROID

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Rams/
Title: facebook Rams

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rams/
Title: instagram Rams

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/snaptherams
Title: snapchat SnapTheRams

Search URL Search Domain Scan URL

URL: https://twitter.com/ramsnfl
Title: twitter RamsNFL

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCyJ6yZdVUkBvt2vl4R03jcA
Title: youtube Los Angeles Rams

Search URL Search Domain Scan URL

URL: http://preferencecenter.therams.info/Pages/signup
Title: email Email/SMS Preference Center

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.stanza.co/button/launch?calendar=https%3A%2F%2Fspoton.it%2Fschedules%2Fnfl-rams#/
Title: Add to Calendar

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.bengals.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.steelers.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.patriots.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.colts.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.chargers.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.raiders.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.packers.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.vikings.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.giants.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.washingtonfootball.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.panthers.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.49ers.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/
Title:

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.therams.info/T/v60000017a83c10eea96e1c2f4bbcf76f8/c5a65a13eee6469c0000021ef3a0bcc2/c5a65a13-eee6-469c-a029-dcb6755488ec?__dU__=v0G4RBKTXg2GuhfagAvzUkzdXhD-APWVdfTuYnTC-1zsA=&__F__=v0_c2D_gQNbJ-X8tEJWRifPNusn6-969x6tMew3ZyHeHNL6TlQrWEVaPwPTA5K2TJdWe3OO1z8AjGKedxoHtDdpa4oOl0BM1NsCruKZag0BPOADfFXYs94vmmzaA2K1zECJUM75hfWvgUYkAS4N7Gb8GjC19wX83Qos8yNvP0f2GkE3imr5APXeOPA4V5wdmut9DqJzw1TM8uP3ON6RhtDehWJwpbCqsrdS6ukKhIsemm_P-HeXoarYVE6gUMGGtRRmvo7d6ZXJIgAyQp6xRGyjoOCWuIQ1vYSJu3m21uUrtFkbEWfFqff_R7FWg_afvbzZb26tc-5uk89v0qd9b-2HMWGqTZnPkKaD7J-tiSmG8BReu9Tjjks8wCWMNxL2-0eRadAeXRimMs= HTTP 302
https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1626104371038 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1626104371038

Request Chain 40

https://cm.everesttech.net/cm/dd?d_uuid=51618174972899657141092165386555734335 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOxiMwAAADZ-HxHl

Request Chain 87

https://unpkg.com/react@16/umd/react.production.min.js HTTP 302
https://unpkg.com/react@16.14.0/umd/react.production.min.js

Request Chain 88

https://unpkg.com/react-dom@16/umd/react-dom.production.min.js HTTP 302
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

Request Chain 90

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=51618174972899657141092165386555734335&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d51618174972899657141092165386555734335 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=e11160ec-6233-4600-80f5-f90d5feac558&ddsuuid=51618174972899657141092165386555734335

Request Chain 94

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=51618174972899657141092165386555734335 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=51618174972899657141092165386555734335&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 95

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845516241/?value=0&guid=ON&script=0&data=8512423 HTTP 302
https://www.google.com/pagead/1p-user-list/845516241/?value=0&guid=ON&script=0&data=8512423&is_vtc=1&random=47192483 HTTP 302
https://www.google.de/pagead/1p-user-list/845516241/?value=0&guid=ON&script=0&data=8512423&is_vtc=1&random=47192483&ipr=y

Request Chain 101

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=BSoa9ZSM1M2Y1R5

Request Chain 104

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8100931264692939584

Request Chain 108

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2995638683338240578

Request Chain 109

https://x.dlx.addthis.com/e/demdex_sync?na_exid=51618174972899657141092165386555734335&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2021071215393300094285948664

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTE2MTgxNzQ5NzI4OTk2NTcxNDEwOTIxNjUzODY1NTU3MzQzMzU= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDIXfxsOEsB0ODezRYB9vw&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 115

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBjzQXr8nZZi7D3x0wdJE7Q&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 116

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBjzQXr8nZZi7D3x0wdJE7Q&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 117

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEBjzQXr8nZZi7D3x0wdJE7Q&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 118

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEBjzQXr8nZZi7D3x0wdJE7Q&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 119

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBjzQXr8nZZi7D3x0wdJE7Q&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 120

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cb85acdf-ea49-408e-b528-4d53eacc0316 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=cb85acdf-ea49-408e-b528-4d53eacc0316

Request Chain 121

https://pixel.advertising.com/ups/28/sync?uid=51618174972899657141092165386555734335&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/28/sync?uid=51618174972899657141092165386555734335&_origin=1&redir=true&verify=true

Request Chain 122

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU5RQUFBZEgxOUVtSQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WU94aU5RQUFBZEgxOUVtSQ&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_tc= HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEDpYlw2pCZ3zl6ea5FoLQDY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WU94aU5RQUFBQjdidWhOZw HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEDpYlw2pCZ3zl6ea5FoLQDY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 123

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mlro8Z9dq0Wunu4qLuhNGIz9B-Zl27TZ&gdpr=0&gdpr_consent=

Request Chain 124

https://ps.eyeota.net/match?bid=6j5b2cv&uid=51618174972899657141092165386555734335&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=51618174972899657141092165386555734335&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2qTsgcA4VGqGfX2aHXG5LJQr6ukSUqwFYdnXG3124Ffk

Request Chain 125

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=51618174972899657141092165386555734335&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-HsTi8nBE2pF4absG3WM4oj9vRTyVRscwz6Q-~A

Request Chain 127

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YOxiNQAAAB7buhNg&sigv=1&esig=1~c8a996278ee7e305c4ab1d6933fb42f668ea71d9

Request Chain 128

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU94aU5RQUFBQjdidWhOZw==

Request Chain 129

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YOxiNQAAAB7buhNg&expires=90

Request Chain 130

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOxiNQAAAB7buhNg HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOxiNQAAAB7buhNg&C=1

Request Chain 131

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YOxiNQAAAB7buhNg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYOxiNQAAAB7buhNg

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YOxiNQAAAB7buhNg HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YOxiNQAAAB7buhNg

Request Chain 133

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOxiNQAAAB7buhNg

Request Chain 134

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YOxiNQAAAB7buhNg&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YOxiNQAAAB7buhNg&img=1&__user_check__=1&sync_id=5bc69937-e327-11eb-bcb9-14d534130206

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YOxiNQAAAB7buhNg&t=2592000&o=0

Request Chain 137

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 138

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=Yi3EhWXdRlSdI9jLw5Sfow&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=72160427484934511130260430017220302821

141 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.therams.com/
Redirect Chain

http://email.therams.info/T/v60000017a83c10eea96e1c2f4bbcf76f8/c5a65a13eee6469c0000021ef3a0bcc2/c5a65a13-eee6-469c-a029-dcb6755488ec?__dU__=v0G4RBKTXg2GuhfagAvzUkzdXhD-APWVdfTuYnTC-1zsA=&__F__=v0_c...
https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

479 KB
84 KB

480ms
451ms

Document
text/html

151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3202b14c8de03f16995bc2b7e09816d8d78316c9a8817a4d99176f49aaec24f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.therams.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 85724
content-type: text/html
server: envoy
content-encoding: gzip
access-control-allow-origin: *
service-worker-allowed: /
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 286
strict-transport-security: max-age=31536000
origin-site: LV1
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
Age: 0
X-NFL-Geo: country_code=DE
X-NFL-Dma: 276003
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4051-HHN
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1626104370.389724,VS0,VE443
Vary: Accept-Encoding,X-NFL-Geo,Origin

Redirect headers

location: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
cache-control: no-cache
content-length: 0
date: Mon, 12 Jul 2021 15:39:30 GMT

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 526 KB
93 KB 17ms
8ms Stylesheet
text/css 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

46a5921e2a82b9c177b78fccb591e848f2f667030d082268f227dc74b07f5c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.therams.com
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Connection: keep-alive
Origin: https://www.therams.com
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 32
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 94438
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10667-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:34 GMT
server: envoy
X-Timer: S1626104371.854208,VS0,VE1
etag: "1d77341654fda8e"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK 0a3e10e0718e883a70dba01c02a61e6a
www.therams.com/compiledassets/theming/ 14 KB
4 KB 26ms
7ms Stylesheet
text/css 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/0a3e10e0718e883a70dba01c02a61e6a

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ce6b5da8296a461ba8deb1d7c6b3164965fd04e56d78e59c0f07b1d32e0e8f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.therams.com
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Connection: keep-alive
Origin: https://www.therams.com
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1575949
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 31
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3220
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-lax10635-LGB, cache-hhn4048-HHN
X-NFL-Dma: 276003
server: envoy
X-Timer: S1626104371.864114,VS0,VE1
Date: Mon, 12 Jul 2021 15:39:30 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 36ms
14ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

82fc214fe2194d0db5a49e3a6c48ed181d3aa7bfa43cb949618a640718e8dd82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "928 / 510 of 1000 / last-modified: 1626090235"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24141
x-xss-protection: 0
expires: Mon, 12 Jul 2021 15:39:30 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 75 KB
27 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aede11abdf5cfb8e94d60f1137029f1dc2668aabd48e2cf0ce1f2d80c0ad4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 10 Jul 2021 02:35:19 GMT
server: sffe
age: 803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27589
x-xss-protection: 0
expires: Mon, 12 Jul 2021 15:41:07 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 95ms
79ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3473
etag: W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 66db5d5e2da2d6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 15 Jul 2021 15:39:30 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 269 KB
79 KB 24ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6f98534431413d2d2f40ccac80e47a82fe5b32217885400ec3ad81faf70a5017

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:30 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 04:16:33 GMT
server: AkamaiNetStorage
etag: "096069cc7bb1db83997fb5a91c1fb240:1617077793.04573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 80198
expires: Mon, 12 Jul 2021 16:39:30 GMT

GET
H/1.1 200
OK nilpk4gmdgz5qt8oswr7.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/ 7 KB
8 KB 37ms
8ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/nilpk4gmdgz5qt8oswr7.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6abcbf91db20e6be336bc5984c8470477c79f2ab12ee63c2b089a7abaae5ef36

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:30 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 254282
Edge-Cache-Tag: 307680586384926496072692309338083953322,402427362555912672425739576678711768492,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="nilpk4gmdgz5qt8oswr7.webp"
Connection: keep-alive
Content-Length: 7402
X-Request-Id: 9faef7d988ee6ac8ae0228d21349a4d8
X-Served-By: cache-dca17744-DCA, cache-dca17758-DCA, cache-hhn4049-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 09 Jul 2021 17:01:29 GMT
Server: cloudinary
X-Timer: S1626104371.925790,VS0,VE1
Etag: "928ee2c0f778ed7edc2f6861e7fe3f35"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/ 6 KB
2 KB 44ms
13ms Script
application/javascript 2600:9000:2190:7a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9032a2dd736386bb62b3fe150836a1ae73dc7352ed8be39ccc90aa781b450600

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 15:38:52 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 18:20:52 GMT
server: AmazonS3
age: 39
etag: W/"9c1e49e0bcd33b45c5c8ebf6978a145d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: kWGxyiGws2ZA9V01G0iVrlTMLZ-ZdOWeQyP-O8CauWSqCfo4bmBzVg==

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 526 KB
93 KB 24ms
8ms Stylesheet
text/css 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

46a5921e2a82b9c177b78fccb591e848f2f667030d082268f227dc74b07f5c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 32
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 94438
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:34 GMT
server: envoy
X-Timer: S1626104371.865676,VS0,VE1
etag: "1d77341654fda8e"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK 0a3e10e0718e883a70dba01c02a61e6a
www.therams.com/compiledassets/theming/ 14 KB
4 KB 25ms
8ms Stylesheet
text/css 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/0a3e10e0718e883a70dba01c02a61e6a

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ce6b5da8296a461ba8deb1d7c6b3164965fd04e56d78e59c0f07b1d32e0e8f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1575948
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 27
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3220
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10730-LGB, cache-hhn4082-HHN
X-NFL-Dma: 276003
server: envoy
X-Timer: S1626104371.866514,VS0,VE1
Date: Mon, 12 Jul 2021 15:39:30 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK zvvay2vf53m91sehqss8.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 35ms
7ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/zvvay2vf53m91sehqss8.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 17293dedef15c5e03e31bcec364d626d7dd85eaedeba388428c74649f4630077

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:30 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 83229
Edge-Cache-Tag: 569410788735823625086951647421522138310,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="zvvay2vf53m91sehqss8.webp"
Connection: keep-alive
Content-Length: 1800
X-Request-Id: 27dfc4f966321ac0105e5b17740f348d
X-Served-By: cache-dca17761-DCA, cache-dca12923-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sun, 11 Jul 2021 16:32:23 GMT
Server: cloudinary
X-Timer: S1626104371.925689,VS0,VE1
Etag: "4690e7770566ebcdde6c7f7dc2c3efa8"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK dqljoanenenctlmgv2an.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 40ms
7ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/dqljoanenenctlmgv2an.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b3cf915704736b8ba3c7b91e411a929b51afea72ec00e1f3f1a8ee8f70efb46d

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:30 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 169643
Edge-Cache-Tag: 583041174681783162072725494301396236172,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="dqljoanenenctlmgv2an.webp"
Connection: keep-alive
Content-Length: 1450
X-Request-Id: 3b234f6769e362ca24c1f42b5b0cf434
X-Served-By: cache-dca17721-DCA, cache-dca12926-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sat, 10 Jul 2021 16:32:08 GMT
Server: cloudinary
X-Timer: S1626104371.929897,VS0,VE1
Etag: "2b285f45c686efd53a548063c899e236"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK drqb8d4tsvdsgbszp4na.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 43ms
8ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/drqb8d4tsvdsgbszp4na.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ded376434a6611077152187701fada1cbd436ec6df99f545f11347530d23d741

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:30 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 256071
Edge-Cache-Tag: 308853676085137273392672633169017849529,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="drqb8d4tsvdsgbszp4na.webp"
Connection: keep-alive
Content-Length: 2196
X-Request-Id: 0ae5128d9c4586614bbf7abbce78197f
X-Served-By: cache-dca17747-DCA, cache-dca17735-DCA, cache-hhn4062-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 09 Jul 2021 16:31:40 GMT
Server: cloudinary
X-Timer: S1626104371.932769,VS0,VE1
Etag: "c1f7707db408cff5354fe5bc76b0bac7"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK o943wq9upcsf1qc4ogpo.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 44ms
7ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/o943wq9upcsf1qc4ogpo.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 19af64338e066269716ef5e8eddc3c70d0525407e0849695fcc1a3d4b182ed25

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:30 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2798550
Edge-Cache-Tag: 560513400230604994471090019588424149660,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="o943wq9upcsf1qc4ogpo.webp"
Connection: keep-alive
Content-Length: 1180
X-Served-By: cache-dca17759-DCA, cache-dca17769-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Tue, 24 Mar 2020 19:43:34 GMT
Server: cloudinary
X-Timer: S1626104371.934479,VS0,VE1
Etag: "8d3d51c805983a8374116e5764774297"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK eftqwk7ewjisxp3pxyz1.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 44ms
7ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/eftqwk7ewjisxp3pxyz1.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 19af64338e066269716ef5e8eddc3c70d0525407e0849695fcc1a3d4b182ed25

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:30 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1890551
Edge-Cache-Tag: 463352013331282900505680500567724082759,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="eftqwk7ewjisxp3pxyz1.webp"
Connection: keep-alive
Content-Length: 1180
X-Served-By: cache-dca17770-DCA, cache-dca17725-DCA, cache-hhn4049-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Thu, 05 Nov 2020 08:27:58 GMT
Server: cloudinary
X-Timer: S1626104371.934872,VS0,VE1
Etag: "8d3d51c805983a8374116e5764774297"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 10ms
10ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 32
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:00:11 GMT
server: envoy
X-Timer: S1626104371.922304,VS0,VE1
etag: "1d77340c8850aca"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK picturefill.min.js Show response
www.therams.com/compiledassets/js/vendor/picturefill/ 14 KB
7 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/picturefill/picturefill.min.js?_t=c927ae7f55dda5652225c00240e24232

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3e0bd44b845ac9cbcfb8dc3dc3a119b4b3feaf35d627913ca2e270ed27b6d998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 32
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 6158
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:00:11 GMT
server: envoy
X-Timer: S1626104371.932310,VS0,VE1
etag: "1d77340c8857873"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
X-Cache-Hits: 1, 1

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 8ms
8ms Font
font/woff2 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.therams.com
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
Connection: keep-alive
Origin: https://www.therams.com
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 32
origin-site: LV1
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19348
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10631-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:00:11 GMT
server: envoy
X-Timer: S1626104371.904144,VS0,VE1
etag: "1d77340c8850414"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 9ms
7ms Font
font/woff2 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.therams.com
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
Connection: keep-alive
Origin: https://www.therams.com
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 32
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19284
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:00:11 GMT
server: envoy
X-Timer: S1626104371.943295,VS0,VE1
etag: "1d77340c88504d4"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
18 KB 9ms
8ms Font
font/woff2 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.therams.com
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
Connection: keep-alive
Origin: https://www.therams.com
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 31
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18168
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:00:11 GMT
server: envoy
X-Timer: S1626104371.943268,VS0,VE1
etag: "1d77340c8850978"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:30 GMT
X-Cache-Hits: 1, 1

GET
H3-29 200 pubads_impl_2021070101.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
114 KB 24ms
22ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061771

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 08:37:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117092
x-xss-protection: 0
expires: Mon, 12 Jul 2021 15:39:31 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
104 B 24ms
23ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7211d8b26143e07e1cb7b66219fcf0fc4a22a57f6b864c9cee37070df8592d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Mon, 12 Jul 2021 15:39:31 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 27ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 19 Jul 2021 15:39:31 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 235 KB
59 KB 14ms
14ms Script
text/javascript 2600:9000:2190:7a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f89a9e9c75d9fec44ced16b817fd581e2763bc935f62c948a6f12a3a026c52d

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:38:49 GMT
content-encoding: br
age: 75
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 17 Jun 2021 17:20:28 GMT
server: AmazonS3
etag: W/"2664a5887dc3407c6720171eb46d797b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: MggCg3DQIBVCSFMCnX5S8TiJojXUq2TLYrifoBDjSmllmaQ_G8plzA==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1626104371038
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1626104371038

7 KB
3 KB

35ms
35ms

XHR
application/json

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1626104371038

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c230294f0c9625d64e88cca2498e4a4b4b1c037b7e117587646601364ba886e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0ade9229d.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 1xiLfhT0Rwc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1997
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v012-0461d9108.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.therams.com
X-TID: r3AYOi4QR/Q=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1626104371038
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Mon, 12 Jul 2021 16:39:31 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 15ms
15ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Mon, 12 Jul 2021 16:39:31 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Mon, 12 Jul 2021 16:39:31 GMT

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 8ms
8ms Font
font/woff2 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.therams.com
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
Cookie: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true
Connection: keep-alive
Origin: https://www.therams.com
Referer: https://www.therams.com/compiledassets/css/base.css?_t=3312229c18a7b93a9524eed28bd0a3bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 32
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18504
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10751-LGB, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:00:11 GMT
server: envoy
X-Timer: S1626104371.095111,VS0,VE1
etag: "1d77340c88507c8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-861929325

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae036a63c59a88766020367aec318c62c228290790b2a12f4334c8fd08545466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35881
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jul 2021 15:39:31 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/ 66 KB
24 KB 41ms
13ms Script
application/x-javascript 13.224.89.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/p.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-174.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 09:59:45 GMT
Content-Encoding: gzip
Age: 20382
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Tue, 20 Apr 2021 20:53:44 GMT
Server: nginx
ETag: W/"607f3f58-10707"
Content-Type: application/x-javascript
Via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: fCQp3e-m1sY0S8Q7XLG3KWTFONAigiiFpHpC7HSKzkmb3BAQP0SCFA==
Expires: Tue, 13 Jul 2021 09:59:45 GMT

GET
H2 200 rules-p-gGpYeVwuEvd4w.js Show response
rules.quantcount.com/ 2 B
346 B 42ms
12ms Script
application/javascript 2600:9000:2190:8a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gGpYeVwuEvd4w.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:13:05 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
server: AmazonS3
age: 1586
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
content-length: 2
x-amz-cf-id: lRuH8UZ--MiX6Xiu0TrTOPRu75SrqWurwRbK3BPKXqxMRSUgYw923Q==

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 6 KB
3 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=b39b33bab68cb8b54a9729d8f9ed0f3a

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fdcd7a82b031c2fda290557cc946fd3683489cbd7bc3f9eb0a5e2302f8132759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 31
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1731
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10628-LGB, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.196808,VS0,VE1
etag: "1d773416e38a9f8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 39ms
18ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-861929325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 1690124483490796579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 15:39:31 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a96dc5b0582eec7819c50f01a1fa257e66c58fee7ffbc3739c54821d466616c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36896
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jul 2021 15:39:31 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 407ms
102ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1626104371222&plid=15789629&idsite=therams.com&url=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&sref=&sts=1626104371217&slts=0&title=Los+Angeles+Rams+Home+%7C+Los+Angeles+Rams+-+therams.com&date=Mon+Jul+12+2021+17%3A39%3A31+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=68686248&u=pid%3Da850479dd51b7333dd827a1de4f2719c
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:31 GMT
Cache-Control: no-cache
Last-Modified: Monday, 12-Jul-2021 15:39:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame 12A5 7 KB
3 KB 119ms
31ms Document
text/html 52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: nfl.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.therams.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=51618174972899657141092165386555734335
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.therams.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 12 Jul 2021 15:39:31 GMT
DCS: dcs-prod-irl1-1-v012-0a5d1c7f9.edge-irl1.demdex.com 6.3.1.20210623115127
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 2 Jul 2021 08:33:33 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: xYuz1Xd/R0k=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.nfl.com/ 48 B
506 B 51ms
17ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=51818276948484250051108976081098261888&ts=1626104371234

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

2b4ec6bd00d172b229209eed6a085517c7ca7a9e9c92e4874e6920538bce6ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-58944c9887-44fwt
vary: Origin
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YOxiMwAAADZ-HxHl
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=51618174972899657141092165386555734335
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOxiMwAAADZ-HxHl

42 B
956 B

35ms
34ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOxiMwAAADZ-HxHl

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0eecf40e0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mk1aQfZTSXA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOxiMwAAADZ-HxHl
Date: Mon, 12 Jul 2021 15:39:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
nflenterprises.tt.omtrdc.net/rest/v1/ 9 KB
3 KB 102ms
39ms XHR
application/json 54.75.9.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=c678f253de9440e288e840de3bdbaf04&version=2.4.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.9.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-9-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 50f450d6b556c65b79acc84cceb804755851cb22730a7847466290041a95cc19

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.therams.com
date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: bffa757cc4e5094a1a73634f541b75d0
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/functions/ 871 B
1 KB 14ms
13ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bfdf5156c103e09dadb4813c2c58477030aaf2bae5d05a5b35945e0403ce9a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 492
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.257726,VS0,VE1
etag: "1d773416e38bde7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/functions/ 808 B
1 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400373
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.252483,VS0,VE1
etag: "1d773416e38bda8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 2 KB
2 KB 14ms
13ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 837
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4048-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.258427,VS0,VE0
etag: "1d773416e38b7a5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 2

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5586703405a3581334ca85ec968d9c2f68c45db0e9c123c88ffcc58aa31344a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 890
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4043-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.252670,VS0,VE1
etag: "1d773416e38b6b0"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK oneSignalAdobeTracker.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 907 B
1 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/oneSignalAdobeTracker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400373
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 387
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10644-LGB, cache-hhn4034-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.253318,VS0,VE1
etag: "1d773416e38bd0b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1, 1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/?random=1626104371251&cv=9&fst=1626104371251&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa770&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7480d835a755e5c9463da6d5b48a458594da2a6c1cc8ef8a1168418d0f1d798b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6931
date: Mon, 12 Jul 2021 13:44:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 12 Jul 2021 15:44:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: xW3nGyx5+Jb9VYnpuQtv9cC8PogFNatbycMgvQHtsohEYi37BzBBEHMzi5MWivY1kKeo0NO0EohaVbezfw/yTA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 12 Jul 2021 15:39:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5191967.js Show response
js.hs-scripts.com/ 1 KB
651 B 27ms
25ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5191967.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8ec681976cb015670631b64005039e813a64b5734c7b809498b960d70ef4800

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 40
cf-polished: origSize=1541
x-hubspot-correlation-id: dc222c4d-91c7-4dd4-b8bf-69f405853626
cf-bgj: minify
server: cloudflare
x-trace: 2BDD308EACBE79A5E698B11BA88A5CFFCDEC844811000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 66db5d606bd54a74-FRA
expires: Mon, 12 Jul 2021 15:40:31 GMT

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 93 B
899 B 8ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400373
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4048-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.268425,VS0,VE1
etag: "1d773416e38bedd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/addons/services/ 180 B
940 B 8ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.269646,VS0,VE1
etag: "1d773416e38be34"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 41ms
7ms Image
image/svg+xml 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2358165
X-Cache: HIT, HIT
Server-Timing: fastly;dur=1;cpu=0;start=2021-06-15T08:36:46.091Z;desc=hit,rtt;dur=0
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-dca17737-DCA, cache-hhn4023-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1626104371.305236,VS0,VE0
Date: Mon, 12 Jul 2021 15:39:31 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 2, 2

GET
H/1.1 200
OK c0csx2usqztyi9o1cwmb
static.clubs.nfl.com/image/private/f_auto/rams/ 100 KB
101 KB 9ms
7ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/c0csx2usqztyi9o1cwmb
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 89345d6703be7137b30b1182de2231b4abf8531a41e70457c732e89a856ba1c4

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:31 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2882635
Edge-Cache-Tag: 558838206634316344475616196733815080529,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="c0csx2usqztyi9o1cwmb.webp"
Connection: keep-alive
Content-Length: 102226
X-Served-By: cache-dca17758-DCA, cache-dca17732-DCA, cache-hhn4049-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 21 May 2021 20:00:46 GMT
Server: cloudinary
X-Timer: S1626104371.272370,VS0,VE1
Etag: "b73a9138a369e918748fa7aaf65b2090"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK h9kqte56bvmt2auzhatp
static.clubs.nfl.com/image/private/f_auto/rams/ 47 KB
48 KB 8ms
8ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/h9kqte56bvmt2auzhatp
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f20282f9db33010073224dee90c3a3c16f6e3d2b5606161b96c794259c9cc89a

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:31 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 299343
Edge-Cache-Tag: 480995597463567394832082909284326871417,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="h9kqte56bvmt2auzhatp.webp"
Connection: keep-alive
Content-Length: 48130
X-Request-Id: 2509733b3ed50a17eff725c6f3d13564
X-Served-By: cache-dca17774-DCA, cache-dca17767-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 09 Jul 2021 04:30:29 GMT
Server: cloudinary
X-Timer: S1626104371.272818,VS0,VE1
Etag: "964d627c2b11ea43dda42ab32febbf29"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1009300357&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&ul=en-us&de=UTF-8&dt=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2071770043&gjid=856783080&cid=1791601799.1626104371&tid=UA-122484269-1&_gid=339152025.1626104371&_r=1&gtm=2ou770&z=1494136090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/861929325/ 42 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861929325/?random=1626104371251&cv=9&fst=1626102000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa770&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=451143669&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/861929325/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/861929325/?random=1626104371251&cv=9&fst=1626102000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa770&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=451143669&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 5 KB
3 KB 9ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

52ba7f534d8eb6b81573798f5d9d3b62278d67624ecf49c7a902e1b4e998b9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1948
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.332108,VS0,VE1
etag: "1d773416e38abeb"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 2 KB
2 KB 9ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-lax10632-LGB, cache-hhn4048-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.333234,VS0,VE1
etag: "1d773416e38b94f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK carousel.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 3 KB
2 KB 9ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/carousel.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6bb6f27c495e42eac7fdc790ff75d0917228612e4fbc625ee84488df8f20e5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396348
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1134
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4034-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.333744,VS0,VE1
etag: "1d773416e38b492"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK tabs.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 822 B
1 KB 10ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/tabs.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396302
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 471
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.334355,VS0,VE1
etag: "1d773416e38bdb6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK rnPlaylist.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 3 KB
2 KB 9ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/rnPlaylist.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

34381430ebca804e3dbf3b62aa50166985f5edf26f32b85ee385a591651ccbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396301
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1281
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10632-LGB, cache-hhn4043-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.334261,VS0,VE1
etag: "1d773416e38b5a6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK footer.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 4 KB
2 KB 17ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/footer.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

38b6a2a173ebdf021834f06169e394d38b7a3a65e55ea38006a13059f3c76242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400373
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1331
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10675-LGB, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.342082,VS0,VE1
etag: "1d773416e38aec4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK unsupportedBrowsers.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 751 B
1 KB 10ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/unsupportedBrowsers.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dae3f9d81f56651803ab48b4cf637746cdd2c75bb3f147d8a76f7d916d2b6494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 389
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-sna10737-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.343253,VS0,VE1
etag: "1d773416e38bc6f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/jquery/ 85 KB
35 KB 8ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/jquery/jquery-3.2.1.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232; at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 35121
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4043-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.343292,VS0,VE1
etag: "1d773416e39ec03"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H3-29 200 604658169716205 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 17ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/604658169716205?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d06f13526749334a6849f9276f40951671674887e05692da3dc1d463bae956b4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75565
x-xss-protection: 0
pragma: public
x-fb-debug: kvMXxZmXXtYCfhvH4BxcunLRxxNBdi/ZMAoCKNpypc/4IZtWouMP9UN6Az6r5Cb0iRlgGL91ThpTUfQmtMPNXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 12 Jul 2021 15:39:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5191967.js Show response
js.hs-banner.com/ 59 KB
14 KB 114ms
108ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dcc4eb4c5550cc2d6f9eb7d8c45e93503b926d95f3d0f2d60b31ed360f8455c

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 116
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: 3XWE4HJDEZ488Y5D
x-amz-id-2: kigoIQ6dN21pL3RRJb7qI+4qIUUSpV5TMCXWPqmZfmFftDYBhnQRCTCeHc4AdRmTTEcp4wJa4Pc=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 17:14:00 GMT
server: cloudflare
etag: W/"2dfa0570b7f5a315fb1ea33875e49d0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: B7O_VaukQ6RUXjxu13SXw6I375NeQmLz
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 66db5d60fda64aa4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 12 Jul 2021 15:42:35 GMT

GET
H2 200 5191967.js Show response
js.hs-analytics.net/analytics/1626104100000/ 62 KB
19 KB 241ms
236ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1626104100000/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8208cb1a25b266fc08af8723134bf043c107eaf8a5009025a3b26317caf3c91

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 236
x-guploader-uploadid: ADPycdvpNoAzTVYv-SjPO69AE4FmCowfWMns7Uo2bFiSE0l2QeNPRKaGAl7VXD9b2RcxJVumGDjapXDeF-8oaRawBR9FmnR4lg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Wed, 12 May 2021 19:50:06 GMT
server: cloudflare
etag: W/"5e13d30ef0a5dc1dbb70e94a6f9a9ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ceFb+A==, md5=XhPTDvCl3B27cOlKb5qewA==
x-goog-generation: 1620849006662469
cache-control: max-age=300, public
access-control-allow-credentials: false
x-goog-stored-content-length: 63674
cf-ray: 66db5d60ffb9bee7-FRA
expires: Mon, 12 Jul 2021 15:40:35 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 475 KB
80 KB 67ms
45ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a

Request headers

Origin: https://www.therams.com
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
via: 1.1 224f09e9c236b40d399a8b2851ac0069.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 67768
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js&cfRay=66d4e6e5fc2e2c3a-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 66db5d611857dfff-FRA
last-modified: Mon, 28 Jun 2021 03:28:39 UTC
server: cloudflare
etag: W/"16c85022f7119b37a5c687536a0fc6c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 2ZrFT_N1HUqNtLS_U.sDzHSxM6LIMAgx
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: La-EZluP-lGLOS04t9jlA2hl6NO2I9_QKZZ2qwPIBJ7Lbv6QAJllUg==
x-hs-target-asset: lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js

GET
H2 403 homepage
us.connextra.com/dcs/tagController/tag/11935e1e2233/ 0
0 40ms
7ms Script
text/html 23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us.connextra.com/dcs/tagController/tag/11935e1e2233/homepage
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-length: 34
content-type: text/html

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-122484269-1&cid=1791601799.1626104371&jid=2071770043&gjid=856783080&_gid=339152025.1626104371&_u=YEBAAUAAAAAAAC~&z=1544438312

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Jul 2021 15:39:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/helpers/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4043-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.384341,VS0,VE1
etag: "1d773416e38b8a0"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 29ms
28ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-122484269-1&cid=1791601799.1626104371&jid=2071770043&_u=YEBAAUAAAAAAAC~&z=1764099340

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 29ms
27ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-122484269-1&cid=1791601799.1626104371&jid=2071770043&_u=YEBAAUAAAAAAAC~&z=1764099340

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK carouselCore.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/core/ 1 KB
1 KB 10ms
9ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/core/carouselCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

41467ed67137303db7ed68ed286db782e86b00fdd5fde7da4e948e095e93c067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396347
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 586
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4043-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.398705,VS0,VE1
etag: "1d773416e38ba4b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK keyboardNavigationService.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/services/carousel/ 4 KB
2 KB 8ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/services/carousel/keyboardNavigationService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9247bf155a8a116837aa7d977a9716d1846e38e1ccc8baa7c0038376d5103817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396347
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1367
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.397592,VS0,VE1
etag: "1d773416e38b183"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/ 530 B
1 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396347
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10667-LGB, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.397686,VS0,VE1
etag: "1d773416e38bc92"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK rn-video-player.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/nfl-components/ 482 B
1 KB 8ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/nfl-components/rn-video-player.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0d771e643cb1f39914e2457f9797e43d0e0cba57aa328c4b064d82e3cadcabec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396301
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 314
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4048-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.397857,VS0,VE1
etag: "1d773416e38bf62"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK enumHelper.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/helpers/ 1 KB
1 KB 9ms
9ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/helpers/enumHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0ec6a921e65c77a1c0f221aeb30045cd3843c3b0dc0cea16e34cc94d496c0713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396301
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 327
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4034-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.399433,VS0,VE1
etag: "1d773416e38ba8d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK mediaPlayerHelper.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/helpers/ 226 B
960 B 8ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/helpers/mediaPlayerHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8f0399e0fcc1875db49a73c67cf33523a2316000331b6877bcaa40ae15b33396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396300
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 168
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4026-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.398371,VS0,VE0
etag: "1d773416e38be62"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 3

GET
H/1.1 200
OK tabsCore.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/core/ 1 KB
1 KB 15ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/modules/core/tabsCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 581
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10672-LGB, cache-hhn4034-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.413516,VS0,VE1
etag: "1d773416e38ba73"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/jquery/plugins/ 803 B
1 KB 8ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400371
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10633-LGB, cache-hhn4043-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.413760,VS0,VE1
etag: "1d773416e38bda3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 0, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/js-cookie/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400371
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, MISS, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10633-LGB, cache-hhn4082-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.413969,VS0,VE0
etag: "1d773416e38b966"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 0, 534

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/autocomplete/ 13 KB
6 KB 9ms
8ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 400372
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10669-LGB, cache-hhn4048-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104371.414771,VS0,VE1
etag: "1d773416e388c1b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 1, 1, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 18ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=PageView&dl=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&rl=&if=false&ts=1626104371431&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626104371429.1564920954&it=1626104371342&coo=false&dpo=&rqm=GET

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Jul 2021 15:39:31 GMT

GET
H2

200

react.production.min.js Show response
unpkg.com/react@16.14.0/umd/
Redirect Chain

https://unpkg.com/react@16/umd/react.production.min.js
https://unpkg.com/react@16.14.0/umd/react.production.min.js

12 KB
5 KB

127ms
126ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.14.0/umd/react.production.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9657827
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 037001727ddbe308a1224f75c0e817ff
cache-control: public, max-age=31536000
cf-ray: 66db5d620b8f325c-FRA

Redirect headers

date: Mon, 12 Jul 2021 15:39:31 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FADNK791SHYE7G4ZKKHP6QDJ
server: cloudflare
age: 382
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /react@16.14.0/umd/react.production.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66db5d61dafc325c-FRA
access-control-allow-origin: *

GET
H2

200

react-dom.production.min.js Show response
unpkg.com/react-dom@16.14.0/umd/
Redirect Chain

https://unpkg.com/react-dom@16/umd/react-dom.production.min.js
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

116 KB
36 KB

36ms
35ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9657826
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 50984341323288420ed713de41130725
cache-control: public, max-age=31536000
cf-ray: 66db5d626c7a325c-FRA

Redirect headers

date: Mon, 12 Jul 2021 15:39:31 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FADNFFZBMTZRX19QCVR0ZW17
server: cloudflare
age: 507
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /react-dom@16.14.0/umd/react-dom.production.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66db5d61db04325c-FRA
access-control-allow-origin: *

GET
H2 200 s52370296718038 Show response
smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBQ1/ 7 KB
8 KB 42ms
41ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBQ1/s52370296718038?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F6%2F2021%2017%3A39%3A31%201%20-120&d.&nsid=0&jsonv=1&.d&sdid=2A0C864EE5B63DDD-724962C0855BAB0E&mid=51818276948484250051108976081098261888&aamlh=6&ce=UTF-8&pageName=rams%3Ahome%3Ahome%3Alanding&g=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&c.&visitorAPI=VisitorAPI%20Present&.c&cc=USD&ch=home&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=home&v2=rams%3Ahome%3Ahome%3Alanding&v3=home&v4=false&c8=home&c12=desktop&v14=home&v20=2.0.0.0&c22=nflclubsrams&v24=desktop&v25=nflclubsrams&c33=rams&v33=rams&c48=pv&v48=english&c49=NFL%20Clubs%20-%20Launch%7Cv20200225%7C2.22.0%7C5.2.0%7C2021-03-30T04%3A16%3A25Z%7CServer%20Side%20ID%7C2.4.1&v49=utm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&c50=D%3Dmid&v50=D%3Dmid&c51=D%3Dv49&c52=D%3Dv9&v57=https%3A%2F%2Fwww.therams.com%2F&c67=landing&v67=desktop&c71=Launch&c72=D%3Dv57&c73=D%3Dv73&v73=www.therams.com&v83=landing&v88=deltatre&v94=standard%20article&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

90c00b765ebe2360b48dc263c32e67bd15ba820cfdadd8c81221740857be3677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: dImonFZWSes=
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
vary: *
content-length: 7539
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v012-0cc960d1b.edge-irl1.demdex.com 6.3.1.20210623115127
pragma: no-cache
last-modified: Tue, 13 Jul 2021 15:39:31 GMT
server: jag
xserver: anedge-58944c9887-44fwt
etag: 3492032547061923840-4619918838746735576
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 11 Jul 2021 15:39:31 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=e11160ec-6233-4600-80f5-f90d5feac558&ddsuuid=51618174972899657141092165386555734335
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=51618174972899657141092165386555734335&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d51618174972899...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=e11160ec-6233-4600-80f5-f90d5feac558&ddsuuid=51618174972899657141092165386555734335

42 B
956 B

46ms
45ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=e11160ec-6233-4600-80f5-f90d5feac558&ddsuuid=51618174972899657141092165386555734335

Requested by

Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0ce83c453.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0PH0kWEYTLk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Mon, 12 Jul 2021 15:38:54 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=e11160ec-6233-4600-80f5-f90d5feac558&ddsuuid=51618174972899657141092165386555734335
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 12 Jul 2021 15:38:53 GMT

GET
H/1.1 200
OK owl.carousel-2.3.4.min.js Show response
www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/owlcarousel2/ 49 KB
15 KB 8ms
7ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/vendor/owlcarousel2/owl.carousel-2.3.4.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.therams.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Cookie: at_check=true; _gcl_au=1.1.721782918.1626104371; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}; AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg=1; _ga=GA1.2.1791601799.1626104371; _gid=GA1.2.339152025.1626104371; _gat_gtag_UA_122484269_1=1; mbox=session#c678f253de9440e288e840de3bdbaf04#1626106232|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172; AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18828%7CvVersion%7C5.2.0; _fbp=fb.1.1626104371429.1564920954; s_pv=rams%3Ahome%3Ahome%3Alanding; s_cc=true
Connection: keep-alive
Referer: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 396347
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 14875
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10666-LGB, cache-hhn4048-HHN
X-NFL-Dma: 276003
last-modified: Wed, 07 Jul 2021 15:04:49 GMT
server: envoy
X-Timer: S1626104372.510780,VS0,VE1
etag: "1d773416e387dc9"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Mon, 12 Jul 2021 15:39:31 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK ezrx8xmmieupbnulxh0r.gif
static.clubs.nfl.com/image/upload/v1584628975/rams/ 3 MB
3 MB 11ms
11ms Image
image/gif 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/v1584628975/rams/ezrx8xmmieupbnulxh0r.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f1f31fc8d45105480e38e1ad3b5ba04da6502b2b6de36b3d7936c4a63f7a5130

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:31 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 447441
Edge-Cache-Tag: 420288692916591184636406562450202469628,c34f21cfe162ce329654d565922e8c70
X-Cache: HIT, HIT, HIT
Connection: keep-alive
Content-Length: 2920274
X-Served-By: cache-dca17735-DCA, cache-dca17729-DCA, cache-hhn4049-HHN
Last-Modified: Thu, 19 Mar 2020 14:42:57 GMT
Server: cloudinary
X-Timer: S1626104372.514616,VS0,VE4
Etag: "ce4dbe3d08ccceb1a75024821738bc33"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK nilpk4gmdgz5qt8oswr7.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 72 KB
73 KB 26ms
25ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/nilpk4gmdgz5qt8oswr7.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d024db94a30b5afb5b56a5663d16d1f53bb5e09c660afa71ec950ea8f156aaef

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:31 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 254276
Edge-Cache-Tag: 307680586384926496072692309338083953322,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="nilpk4gmdgz5qt8oswr7.webp"
Connection: keep-alive
Content-Length: 74178
X-Request-Id: a0d25bd2cd89edc3257385ebcc029a6c
X-Served-By: cache-dca17748-DCA, cache-dca17779-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 09 Jul 2021 17:01:37 GMT
Server: cloudinary
X-Timer: S1626104372.644896,VS0,VE1
Etag: "fad42bf8da455cb7875139822ffc57ff"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 2, 1

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 12A5
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=51618174972899657141092165386555734335
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=51618174972899657141092165386555734335&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
334 B

21ms
6ms

Image
image/gif

2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzWW+/rvbBYAAA==
x-accel-expires: @1627135431
date: Mon, 12 Jul 2021 15:39:31 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: LRNk+c2JsTw=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 5740
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Mon, 12 Jul 2021 15:39:31 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/845516241/ Frame 12A5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845516241/?value=0&guid=ON&script=0&data=8512423
https://www.google.com/pagead/1p-user-list/845516241/?value=0&guid=ON&script=0&data=8512423&is_vtc=1&random=47192483
https://www.google.de/pagead/1p-user-list/845516241/?value=0&guid=ON&script=0&data=8512423&is_vtc=1&random=47192483&ipr=y

42 B
64 B

19ms
18ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/845516241/?value=0&guid=ON&script=0&data=8512423&is_vtc=1&random=47192483&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/845516241/?value=0&guid=ON&script=0&data=8512423&is_vtc=1&random=47192483&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
379 B 31ms
31ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=5191967&rcu=https%3A%2F%2Fwww.therams.com%2F&pu=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&t=Los+Angeles+Rams+Home+%7C+Los+Angeles+Rams+-+therams.com&cts=1626104371689&vi=e0da644e7f9f83948ed53a7da45f0617&nc=true&u=121074455.e0da644e7f9f83948ed53a7da45f0617.1626104371685.1626104371685.1626104371685.1&b=121074455.1.1626104371685&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f1910ddc-8a09-49db-adaf-16390b47eaa2
cf-ray: 66db5d631f2e4ee0-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PF49PYAVpfN3BTdCUdsOxh08iDm09b4GtfZiKPPSpXQT4c9xfEL9ICzta4NlxnR1KgdOa3W3senJSGb%2FYF%2B3HL3akea79MVWK6zmyA9KiYxuGBGoThMIB3EDJqnthJbLo556D1Hyon%2FVpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H/1.1 200
OK NflRnUmdComponents.Video.js Show response
p.nfltags.com/nfl/ 3 MB
1 MB 35ms
9ms Script
application/javascript 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflRnUmdComponents.Video.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 804761bf02c84a46cad691cb19c2ef7747349d73f37ac56fd591cf0f8ded9bd0

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:31 GMT
Content-Encoding: gzip
Age: 16
X-Cache: HIT
Connection: keep-alive
Content-Length: 1247871
X-Served-By: cache-hhn4082-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 22 Apr 2021 22:18:22 GMT
Server: nginx/1.18.0
X-Timer: S1626104372.768746,VS0,VE2
ETag: W/"6081f62e-33fc7a"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Mon, 12 Jul 2021 15:40:02 GMT
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
651 B 144ms
143ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5191967&utk=e0da644e7f9f83948ed53a7da45f0617&__hstc=121074455.e0da644e7f9f83948ed53a7da45f0617.1626104371685.1626104371685.1626104371685.1&__hssc=121074455.1.1626104371685&currentUrl=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e6926366da9f826d07a36564eb658e4d4306471e856f199d4d1d70e9ac6ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9813674b-1f17-42f4-8a59-9ef24a70e3a0
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gui4G1OIp3NmBA7aBsUjAdN6jCibgSZVugMjzvuKv52kHHUHER8xk%2B4iDxJjrj9DiOgvi20N1evxM4Xuf48ceaHYDnSxooJtw8xXiEyTBZp%2FHImzs8ZwPZ%2BkXIkZ7fy7KSVE3Hd9dqYlZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 66db5d636cba4eb5-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 7ms
7ms Image
image/svg+xml 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2358166
X-Cache: HIT, HIT
Server-Timing: fastly;dur=1;cpu=0;start=2021-06-15T08:36:46.091Z;desc=hit,rtt;dur=0
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-dca17737-DCA, cache-hhn4023-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1626104372.747655,VS0,VE0
Date: Mon, 12 Jul 2021 15:39:31 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 2, 3

GET
H/1.1 200
OK c0csx2usqztyi9o1cwmb
static.clubs.nfl.com/image/private/f_auto/rams/ 100 KB
101 KB 8ms
7ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/c0csx2usqztyi9o1cwmb
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/70e638f1309f0997ad31049a0cea88d0/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 89345d6703be7137b30b1182de2231b4abf8531a41e70457c732e89a856ba1c4

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:31 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2882636
Edge-Cache-Tag: 558838206634316344475616196733815080529,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="c0csx2usqztyi9o1cwmb.webp"
Connection: keep-alive
Content-Length: 102226
X-Served-By: cache-dca17758-DCA, cache-dca17732-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 21 May 2021 20:00:46 GMT
Server: cloudinary
X-Timer: S1626104372.747840,VS0,VE1
Etag: "b73a9138a369e918748fa7aaf65b2090"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=BSoa9ZSM1M2Y1R5
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=BSoa9ZSM1M2Y1R5

42 B
956 B

33ms
33ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=BSoa9ZSM1M2Y1R5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0d93da951.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fp1cQyLQRj8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 15:39:31 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-00d04c025752e7422@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=BSoa9ZSM1M2Y1R5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=265163127283621&ev=Adobe-Audience-Manager-Segment&cd[segID]=8512423&noscript=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 12 Jul 2021 15:39:31 GMT

GET
H2 200 anvload.js Show response
w3.cdn.anvato.net/player/prod/v3/scripts/ 265 KB
79 KB 28ms
7ms Script
application/javascript 35.241.40.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.cdn.anvato.net/player/prod/v3/scripts/anvload.js
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflRnUmdComponents.Video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 580105e5c1fd2b475091f5d6d46b6eb90fd5e6c287469526105b9f58b7810470

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:22:52 GMT
content-encoding: gzip
age: 8200
x-guploader-uploadid: ADPycdtbtjmi6gqG2mFn8JLWBJqgIyBsMrZLkjRv8lyF_P_T25lnT4vk7oAas7o6qsH8kix5wGN_JAewDM-1-lYTFKw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 80023
last-modified: Wed, 30 Jun 2021 09:26:48 GMT
server: UploadServer
etag: "94a095b51332b0b298eb898d05dc1bd1"
x-goog-hash: crc32c=rCvF+g==, md5=lKCVtRMysLKY64mNBdwb0Q==
x-goog-generation: 1625045208821551
access-control-allow-origin: *
cache-control: public, max-age=21600,no-transform
x-goog-stored-content-length: 80023
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 12 Jul 2021 19:22:52 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=8100931264692939584
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8100931264692939584

42 B
956 B

42ms
42ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=8100931264692939584

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0b36363e9.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: PG83eeIQTVc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 15:39:32 GMT
X-Proxy-Origin: 193.176.87.52; 193.176.87.52; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b84778ff-6931-46e6-8182-7960cc915bf5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=8100931264692939584
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=Microdata&dl=https%3A%2F%2Fwww.therams.com%2F%3Futm_source%3Demail%26utm_medium%3Drams_report%26utm_campaign%3D07_07_2021&rl=&if=false&ts=1626104372247&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com%22%2C%22meta%3Adescription%22%3A%22Los%20Angeles%20Rams%20Home%3A%20Official%20team%20site%20with%20news%2C%20videos%2C%20photos%2C%20schedule%2C%20roster%2C%20depth%20charts%2C%20transactions%2C%20statistics%2C%20player%20profiles%20and%20ticket%20info.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Official%20Site%20of%20the%20Los%20Angeles%20Rams%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.therams.com%2F%22%2C%22og%3Alocale%22%3A%22en-US%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626104371429.1564920954&it=1626104371342&coo=false&dpo=&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 12 Jul 2021 15:39:32 GMT

POST
H2 200 client Show response
api.nfl.com/identity/v1/token/ 753 B
988 B 192ms
192ms Fetch
application/json 151.101.193.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v1/token/client
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflRnUmdComponents.Video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 54ff65b1edafba755588609f61f9a09c47f7d15ec5d1fe00b92014ad7f4f0c53

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jul 2021 15:39:32 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
x-cache: MISS, MISS, MISS
x-envoy-upstream-service-time: 26
content-length: 753
x-served-by: cache-nf-las9120-NF-LAS, cache-lax10631-LGB, cache-hhn4083-HHN
server: envoy
x-timer: S1626104372.322367,VS0,VE186
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0, 0

OPTIONS
H2 200 client
api.nfl.com/identity/v1/token/ Frame 0
0 41ms
6ms Preflight
text/html 151.101.193.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v1/token/client
Protocol: H2
Server: 151.101.193.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.therams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
content-type: text/html
access-control-max-age: 600
accept-ranges: bytes
date: Mon, 12 Jul 2021 15:39:32 GMT
via: 1.1 varnish
x-served-by: cache-hhn4083-HHN
x-cache: HIT
x-cache-hits: 0
access-control-allow-origin: *
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
content-length: 2

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=2995638683338240578
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2995638683338240578

42 B
956 B

37ms
36ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=2995638683338240578

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0ebff4e77.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UlSYNF0xQ0w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=2995638683338240578
pragma: no-cache
date: Mon, 12 Jul 2021 15:39:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2021071215393300094285948664
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=51618174972899657141092165386555734335&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2021071215393300094285948664

42 B
956 B

33ms
33ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2021071215393300094285948664

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-012f73cb5.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lKtwMO0eQfc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2021071215393300094285948664
pragma: no-cache
date: Mon, 12 Jul 2021 15:39:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 12 Jul 2021 15:39:33 GMT

GET /
adb2waycm-atl.netmng.com/cm/ Frame 12A5 0
0

GET
H2 200 / Show response
api.nfl.com/v3/shield/ 264 B
411 B 146ms
146ms Fetch
application/json 151.101.193.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/v3/shield/?query=%20query%7Bviewer%7BmediaToken(anvack%3A%22GXvEgwyJeWem8KCYXfeoHWknwP48Mboj%22%2Cid%3A%22943740%22)%7Bid%20token%7D%7D%7D&variables=null
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflRnUmdComponents.Video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 867930d0a608fc9977076137f76b6969c155aa701f28d3b5936f5372da9f2f36

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.therams.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGllbnRJZCI6ImU1MzVjN2MwLTgxN2YtNDc3Ni04OTkwLTU2NTU2ZjhiMTkyOCIsImRtYUNvZGUiOiIyNzYwMDMiLCJmb3JtRmFjdG9yIjoiREVTS1RPUCIsImlzcyI6Ik5GTCIsImRldmljZUlkIjoiZmY1ZDlhNzctYmI0NC00N2M0LWFmNWUtMWNmMjgzMzljOGRjIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicHJvZHVjdE5hbWUiOiJXRUIiLCJjb3VudHJ5Q29kZSI6IkRFIiwicGxhbnMiOlt7InNvdXJjZSI6Ik5GTCIsInBsYW4iOiJmcmVlIiwidHJpYWwiOiJmYWxzZSIsInN0YXR1cyI6IkFDVElWRSIsImV4cGlyYXRpb25EYXRlIjoiMjAyMi0wNy0xMiJ9XSwiY2VsbHVsYXIiOmZhbHNlLCJicm93c2VyIjoiQ2hyb21lIiwiRGlzcGxheU5hbWUiOiJXRUJfREVTS1RPUF9ERVNLVE9QIiwibHVyYUFwcEtleSI6IlNaczU3ZEJHUnhiTDcyOGxWcDdEWVEiLCJleHAiOjE2MjYxMDc5NzIsIk5vdGVzIjoiIn0.BSdMf9i_xhKs7IB6EmbugAqQdychQeLnZFQrAidQbG4
Content-Type: application/json

Response headers

date: Mon, 12 Jul 2021 15:39:32 GMT
via: 1.1 varnish, 1.1 varnish
age: 29
x-cache: HIT, MISS
x-nfl-app: jarvis
content-encoding: gzip
content-length: 241
x-served-by: cache-nf-las9122-NF-LAS, cache-hhn4083-HHN
x-timer: S1626104373.530052,VS0,VE140
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=30, s-maxage=30
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 1, 0

OPTIONS
H2 200 /
api.nfl.com/v3/shield/ Frame 0
0 6ms
6ms Preflight
text/html 151.101.193.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/v3/shield/?query=%20query%7Bviewer%7BmediaToken(anvack%3A%22GXvEgwyJeWem8KCYXfeoHWknwP48Mboj%22%2Cid%3A%22943740%22)%7Bid%20token%7D%7D%7D&variables=null
Protocol: H2
Server: 151.101.193.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.therams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
content-type: text/html
access-control-max-age: 600
accept-ranges: bytes
date: Mon, 12 Jul 2021 15:39:32 GMT
via: 1.1 varnish
x-served-by: cache-hhn4083-HHN
x-cache: HIT
x-cache-hits: 0
access-control-allow-origin: *
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
content-length: 2

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEMDIXfxsOEsB0ODezRYB9vw&google_cver=1
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTE2MTgxNzQ5NzI4OTk2NTcxNDEwOTIxNjUzODY1NTU3MzQzMzU=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDIXfxsOEsB0ODezRYB9vw&google_cver=1?gdpr=0&gdpr_consent=

42 B
956 B

32ms
31ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDIXfxsOEsB0ODezRYB9vw&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-098cbf070.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Gygnl5aGRWI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMDIXfxsOEsB0ODezRYB9vw&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 12A5 43 B
581 B 130ms
115ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=51618174972899657141092165386555734335&p_id=38594

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 12 Jul 2021 15:39:32 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 47affc095df7fa86d73c194002595ab13958de32f467a61714a377659e086ce8
x-transaction: af2e201ced371924
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 12A5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBjzQXr8nZZi7D3x0wdJE7Q&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

30ms
30ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:32 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "36b51d-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 12 Jul 2021 15:39:32 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 12A5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEB...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
30ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:32 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "b3b520-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 12 Jul 2021 15:39:32 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 12A5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

36ms
36ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:33 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "b3b51c-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 12 Jul 2021 15:39:33 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 12A5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

32ms
31ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:33 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "b3b51c-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 12 Jul 2021 15:39:33 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 12A5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU13QUFBRFotSHhIbA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
31ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:33 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "36b510-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 12 Jul 2021 15:39:33 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cb85acdf-ea49-408e-b528-4d53eacc0316
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=cb85acdf-ea49-408e-b528-4d53eacc0316

42 B
956 B

33ms
33ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=cb85acdf-ea49-408e-b528-4d53eacc0316

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0eecf40e0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: LDPlvjsyQ34=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v012-053bbcc6f.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: l9+K88hNTBE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=cb85acdf-ea49-408e-b528-4d53eacc0316
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

404

sync
pixel.advertising.com/ups/28/ Frame 12A5
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=51618174972899657141092165386555734335&_origin=1&redir=true
https://pixel.advertising.com/ups/28/sync?uid=51618174972899657141092165386555734335&_origin=1&redir=true&verify=true

0
255 B

9ms
8ms

Image
text/plain

35.156.153.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/28/sync?uid=51618174972899657141092165386555734335&_origin=1&redir=true&verify=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:33 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/28/sync?uid=51618174972899657141092165386555734335&_origin=1&redir=true&verify=true
date: Mon, 12 Jul 2021 15:39:33 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 12A5
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WU94aU5RQUFBZEgxOUVtSQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&google_hm=WU94aU5RQUFBZEgxOUVtSQ&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WU94aU5RQUFBQjdidWhOZw
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEDpYlw2pCZ3zl6ea5FoLQDY&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

30ms
30ms

Image
image/png

34.246.227.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.227.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:33 GMT
Last-Modified: Wed, 23 Jun 2021 11:50:42 GMT
Server: Apache
ETag: "36b510-80-5c56d841aa880"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 12 Jul 2021 15:39:33 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=mlro8Z9dq0Wunu4qLuhNGIz9B-Zl27TZ&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mlro8Z9dq0Wunu4qLuhNGIz9B-Zl27TZ&gdpr=0&gdpr_consent=

42 B
956 B

33ms
32ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mlro8Z9dq0Wunu4qLuhNGIz9B-Zl27TZ&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0d93da951.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +ReIxBvNQUw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mlro8Z9dq0Wunu4qLuhNGIz9B-Zl27TZ&gdpr=0&gdpr_consent=
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3306
date: Mon, 12 Jul 2021 15:39:33 GMT
content-length: 227
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=2qTsgcA4VGqGfX2aHXG5LJQr6ukSUqwFYdnXG3124Ffk
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=51618174972899657141092165386555734335&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=51618174972899657141092165386555734335&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2qTsgcA4VGqGfX2aHXG5LJQr6ukSUqwFYdnXG3124Ffk

42 B
956 B

33ms
33ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2qTsgcA4VGqGfX2aHXG5LJQr6ukSUqwFYdnXG3124Ffk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0924b2ac2.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sdviURjSTiU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2qTsgcA4VGqGfX2aHXG5LJQr6ukSUqwFYdnXG3124Ffk
Date: Mon, 12 Jul 2021 15:39:33 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=51618174972899657141092165386555734335&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-HsTi8nBE2pF4absG3WM4oj9vRTyVRscwz6Q-~A

42 B
956 B

32ms
32ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-HsTi8nBE2pF4absG3WM4oj9vRTyVRscwz6Q-~A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-053bbcc6f.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7413HpXkTfo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 12 Jul 2021 15:39:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-HsTi8nBE2pF4absG3WM4oj9vRTyVRscwz6Q-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 v2
odr.mookie1.com/t/ Frame 12A5 43 B
324 B 42ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=51618174972899657141092165386555734335&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:33 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 12A5
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YOxiNQAAAB7buhNg&sigv=1&esig=1~c8a996278ee7e305c4ab1d6933fb42f668ea71d9

0
445 B

20ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YOxiNQAAAB7buhNg&sigv=1&esig=1~c8a996278ee7e305c4ab1d6933fb42f668ea71d9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:34 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YOxiNQAAAB7buhNg&sigv=1&esig=1~c8a996278ee7e305c4ab1d6933fb42f668ea71d9
Date: Mon, 12 Jul 2021 15:39:34 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU94aU5RQUFBQjdidWhOZw==

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU94aU5RQUFBQjdidWhOZw==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626104374.163753,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU94aU5RQUFBQjdidWhOZw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YOxiNQAAAB7buhNg&expires=90

0
239 B

48ms
15ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YOxiNQAAAB7buhNg&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626104374.240448,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YOxiNQAAAB7buhNg&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOxiNQAAAB7buhNg
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOxiNQAAAB7buhNg&C=1

43 B
1003 B

37ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOxiNQAAAB7buhNg&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 15:39:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 15:39:34 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 15:39:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOxiNQAAAB7buhNg&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Mon, 12 Jul 2021 15:39:34 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YOxiNQAAAB7buhNg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYOxiNQAAAB7buhNg

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYOxiNQAAAB7buhNg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 15:39:34 GMT
X-Proxy-Origin: 193.176.87.52; 193.176.87.52; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 92b3ced5-4e89-475e-a556-3f03663e5717
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 15:39:34 GMT
X-Proxy-Origin: 193.176.87.52; 193.176.87.52; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bcfb0507-48fc-478e-8b03-e58ec6f6986f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYOxiNQAAAB7buhNg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YOxiNQAAAB7buhNg
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YOxiNQAAAB7buhNg

43 B
180 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YOxiNQAAAB7buhNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:34 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YOxiNQAAAB7buhNg
date: Mon, 12 Jul 2021 15:39:34 GMT
via: 1.1 google
server: OXGW/16.210.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOxiNQAAAB7buhNg

1 B
547 B

48ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOxiNQAAAB7buhNg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 15:39:33 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:513
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626104375.644003,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOxiNQAAAB7buhNg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YOxiNQAAAB7buhNg&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YOxiNQAAAB7buhNg&img=1&__user_check__=1&sync_id=5bc69937-e327-11eb-bcb9-14d534130206

43 B
549 B

18ms
18ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YOxiNQAAAB7buhNg&img=1&__user_check__=1&sync_id=5bc69937-e327-11eb-bcb9-14d534130206
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 107
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 12 Jul 2021 15:39:34 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YOxiNQAAAB7buhNg&img=1&__user_check__=1&sync_id=5bc69937-e327-11eb-bcb9-14d534130206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 57
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 12A5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YOxiNQAAAB7buhNg&t=2592000&o=0

43 B
517 B

43ms
43ms

Image
image/gif

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YOxiNQAAAB7buhNg&t=2592000&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 08:39:34 PDT
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Y2EtUzk3bFKheGuSS1GSes95NNpPBkpbmS8NHNkhbP485hTVkoHUBwVyI/tMXWIPjnrXDeMpBJXwmL2+h8jUrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Mon, 12 Jul 2021 08:39:34 PDT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626104375.846665,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YOxiNQAAAB7buhNg&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 12A5 43 B
229 B 33ms
15ms Image
image/gif 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 12 Jul 2021 15:39:34 GMT
via: 1.1 varnish
server: nginx
x-timer: S1626104375.964670,VS0,VE9
x-served-by: cache-fra19138-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 12A5
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
974 B

32ms
31ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0569733e3.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300,104
X-TID: OqeJbb5pTOo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 15:39:35 GMT
server: istio-envoy
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 12A5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=Yi3EhWXdRlSdI9jLw5Sfow&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=72160427484934511130260430017220302821

43 B
344 B

106ms
105ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=72160427484934511130260430017220302821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 15:39:35 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v012-0d4a987fa.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ftd0ihPgSA8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=72160427484934511130260430017220302821
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK hdwx6h3wqihcbfefkwzj.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 62 KB
62 KB 8ms
8ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/hdwx6h3wqihcbfefkwzj.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 89424fb41ced989fa9ee725311a7f87c3318dd2f1bd7c325d704963d8d51329e

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:35 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 82512
Edge-Cache-Tag: 329464158480656470646481935100971372458,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="hdwx6h3wqihcbfefkwzj.webp"
Connection: keep-alive
Content-Length: 63010
X-Request-Id: fd781252278435e8a0f53893cd05060b
X-Served-By: cache-dca17760-DCA, cache-dca17768-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sun, 11 Jul 2021 16:44:23 GMT
Server: cloudinary
X-Timer: S1626104376.718161,VS0,VE1
Etag: "52c052ae89e10b9a2df4a9534ab3dfa3"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK jrnk08jt3tiuszwrzbuc.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 49 KB
50 KB 9ms
8ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/jrnk08jt3tiuszwrzbuc.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c57d4425c6c036798b1f411a924b689bef978bc693f43075b4ffbc89af4c510a

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:39 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 230819
Edge-Cache-Tag: 303581740547235104812067347945250435997,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="jrnk08jt3tiuszwrzbuc.webp"
Connection: keep-alive
Content-Length: 50166
X-Request-Id: fbcae998a9a0870270c845617935efa2
X-Served-By: cache-dca17741-DCA, cache-dca17735-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 09 Jul 2021 23:32:41 GMT
Server: cloudinary
X-Timer: S1626104380.717164,VS0,VE1
Etag: "1a17c24ea5aaf9bfbccf4ae9db827bf4"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK f9dx4ot87uosm0fsaa3f.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 37 KB
38 KB 8ms
8ms Image
image/webp 151.101.113.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/f9dx4ot87uosm0fsaa3f.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.153 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: bf1fd87ee7ae12e55106ce28f1837fdb2d1c3baa0d96c4b10309a2a98f029bd5

Request headers

Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:39:43 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 231926
Edge-Cache-Tag: 309405477765013701381759962866602567383,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="f9dx4ot87uosm0fsaa3f.webp"
Connection: keep-alive
Content-Length: 37496
X-Request-Id: f66387f8b6dd907220bad1644911f105
X-Served-By: cache-dca17776-DCA, cache-dca17731-DCA, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 09 Jul 2021 23:14:18 GMT
Server: cloudinary
X-Timer: S1626104384.734087,VS0,VE1
Etag: "009ea9d16b61282bca5499b8ef13e01b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 00:00:56	Name: dextp Value: 269-1-1626104371503\|3-1-1626104371627
.demdex.net/	1970-01-20 00:00:56	Name: demdex Value: 51618174972899657141092165386555734335
www.therams.com/	1970-01-19 19:41:46	Name: __hssc Value: 121074455.1.1626104371685
www.therams.com/	1970-01-20 05:03:20	Name: hubspotutk Value: e0da644e7f9f83948ed53a7da45f0617
.therams.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.therams.com/	1970-01-19 19:41:46	Name: s_pv Value: rams%3Ahome%3Ahome%3Alanding
.therams.com/	1970-01-19 21:51:20	Name: _fbp Value: fb.1.1626104371429.1564920954
.therams.com/	1970-01-20 13:12:56	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18821%7CMCMID%7C51818276948484250051108976081098261888%7CMCAAMLH-1626709171%7C6%7CMCAAMB-1626709171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1626111571s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18828%7CvVersion%7C5.2.0
.therams.com/	1970-01-20 13:15:49	Name: mbox Value: session#c678f253de9440e288e840de3bdbaf04#1626106232\|PC#c678f253de9440e288e840de3bdbaf04.37_0#1689349172
.therams.com/	1970-01-19 19:43:10	Name: _gid Value: GA1.2.339152025.1626104371
.therams.com/	1970-01-20 13:12:56	Name: _ga Value: GA1.2.1791601799.1626104371
www.therams.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therams.com/	1970-01-20 05:11:08	Name: _parsely_visitor Value: {%22id%22:%22pid=a850479dd51b7333dd827a1de4f2719c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1626104371217}
.therams.com/	1970-01-19 21:51:20	Name: _gcl_au Value: 1.1.721782918.1626104371
.therams.com/	1970-01-19 19:41:46	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.therams.com/?utm_source=email&utm_medium=rams_report&utm_campaign=07_07_2021%22%2C%22sref%22:%22%22%2C%22sts%22:1626104371217%2C%22slts%22:0}
www.therams.com/	1970-01-20 05:03:20	Name: __hstc Value: 121074455.e0da644e7f9f83948ed53a7da45f0617.1626104371685.1626104371685.1626104371685.1
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.therams.com/	1970-01-19 19:41:44	Name: _gat_gtag_UA_122484269_1 Value: 1
.therams.com/	1970-01-19 20:24:56	Name: aam_sc Value: aamsc%3D8512423%7C15218229
.therams.com/	1969-12-31 23:59:59	Name: at_check Value: true

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061771(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api	info	(Line 119) Message: ('a[data-link_name='GAME PASS'],a[data-link_name='WATCH']') ready! Execute: true [object HTMLAnchorElement]
console-api	log	(Line 12) Message: [object HTMLAnchorElement]
console-api	log	URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js(Line 8) Message: fired plugins
console-api	log	URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js(Line 2) Message: visitor.publishDestinations() result: The destination publishing iframe is already attached and loaded.
console-api	warning	URL: https://p.nfltags.com/nfl/NflRnUmdComponents.Video.js(Line 6) Message: Data would be lost after reload cause there is no storageBackend specified! Either use localStorage(for web) or AsyncStorage(for React Native) as a storageBackend.
console-api	error	URL: https://unpkg.com/react-dom@16/umd/react-dom.production.min.js(Line 125) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
analytics.twitter.com
api.nfl.com
assets.adobedtm.com
cdn.onesignal.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
email.therams.info
evt.undertone.com
forms.hubspot.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
p.nfltags.com
p1.parsely.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
quantcast.mgr.consensu.org
rules.quantcount.com
s.amazon-adsystem.com
secure.quantserve.com
securepubads.g.doubleclick.net
smetrics.nfl.com
static.clubs.nfl.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
track.hubspot.com
trc.taboola.com
unpkg.com
us-u.openx.net
us.connextra.com
w3.cdn.anvato.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.244.42.131
107.21.58.76
13.224.89.174
13.248.242.197
13.36.218.177
142.250.181.226
142.250.184.194
143.204.98.82
151.101.113.153
151.101.114.49
151.101.193.152
159.127.187.12
18.198.69.109
185.29.135.234
185.33.221.53
185.64.189.110
185.94.180.126
2.18.234.21
2001:678:cb4:bbbb::13
212.82.100.182
216.58.212.162
23.37.44.220
23.45.99.241
2600:9000:2190:7a00:9:46dc:4700:93a1
2600:9000:2190:8a00:6:44e3:f8c0:93a1
2606:4700::6810:7eaf
2606:4700::6811:45b0
2606:4700::6811:d4cc
2606:4700::6811:e6cc
2606:4700::6812:14bf
2606:4700::6812:e134
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7000
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c08::9d
2a02:2638::1c
2a02:26f0:6c00:28a::1e80
2a02:6ea0:c700::4
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::300
3.125.70.222
3.127.92.82
34.246.227.69
34.253.145.149
34.98.64.218
34.98.67.61
35.156.153.71
35.241.40.69
52.205.167.202
52.31.176.223
52.46.130.13
54.75.9.158
69.173.144.138
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d771e643cb1f39914e2457f9797e43d0e0cba57aa328c4b064d82e3cadcabec
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
0ec6a921e65c77a1c0f221aeb30045cd3843c3b0dc0cea16e34cc94d496c0713
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17293dedef15c5e03e31bcec364d626d7dd85eaedeba388428c74649f4630077
187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915
19af64338e066269716ef5e8eddc3c70d0525407e0849695fcc1a3d4b182ed25
2b4ec6bd00d172b229209eed6a085517c7ca7a9e9c92e4874e6920538bce6ec7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3202b14c8de03f16995bc2b7e09816d8d78316c9a8817a4d99176f49aaec24f0
34381430ebca804e3dbf3b62aa50166985f5edf26f32b85ee385a591651ccbf9
38b6a2a173ebdf021834f06169e394d38b7a3a65e55ea38006a13059f3c76242
3aede11abdf5cfb8e94d60f1137029f1dc2668aabd48e2cf0ce1f2d80c0ad4da
3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5
3e0bd44b845ac9cbcfb8dc3dc3a119b4b3feaf35d627913ca2e270ed27b6d998
41467ed67137303db7ed68ed286db782e86b00fdd5fde7da4e948e095e93c067
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46a5921e2a82b9c177b78fccb591e848f2f667030d082268f227dc74b07f5c8f
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f89a9e9c75d9fec44ced16b817fd581e2763bc935f62c948a6f12a3a026c52d
50f450d6b556c65b79acc84cceb804755851cb22730a7847466290041a95cc19
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
52ba7f534d8eb6b81573798f5d9d3b62278d67624ecf49c7a902e1b4e998b9b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ff65b1edafba755588609f61f9a09c47f7d15ec5d1fe00b92014ad7f4f0c53
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
5586703405a3581334ca85ec968d9c2f68c45db0e9c123c88ffcc58aa31344a4
55e6926366da9f826d07a36564eb658e4d4306471e856f199d4d1d70e9ac6ac7
55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7
56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
580105e5c1fd2b475091f5d6d46b6eb90fd5e6c287469526105b9f58b7810470
590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
6abcbf91db20e6be336bc5984c8470477c79f2ab12ee63c2b089a7abaae5ef36
6bb6f27c495e42eac7fdc790ff75d0917228612e4fbc625ee84488df8f20e5f7
6f98534431413d2d2f40ccac80e47a82fe5b32217885400ec3ad81faf70a5017
7211d8b26143e07e1cb7b66219fcf0fc4a22a57f6b864c9cee37070df8592d6d
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7480d835a755e5c9463da6d5b48a458594da2a6c1cc8ef8a1168418d0f1d798b
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
804761bf02c84a46cad691cb19c2ef7747349d73f37ac56fd591cf0f8ded9bd0
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
82fc214fe2194d0db5a49e3a6c48ed181d3aa7bfa43cb949618a640718e8dd82
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867930d0a608fc9977076137f76b6969c155aa701f28d3b5936f5372da9f2f36
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89345d6703be7137b30b1182de2231b4abf8531a41e70457c732e89a856ba1c4
89424fb41ced989fa9ee725311a7f87c3318dd2f1bd7c325d704963d8d51329e
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8dcc4eb4c5550cc2d6f9eb7d8c45e93503b926d95f3d0f2d60b31ed360f8455c
8f0399e0fcc1875db49a73c67cf33523a2316000331b6877bcaa40ae15b33396
9032a2dd736386bb62b3fe150836a1ae73dc7352ed8be39ccc90aa781b450600
90c00b765ebe2360b48dc263c32e67bd15ba820cfdadd8c81221740857be3677
9247bf155a8a116837aa7d977a9716d1846e38e1ccc8baa7c0038376d5103817
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
a96dc5b0582eec7819c50f01a1fa257e66c58fee7ffbc3739c54821d466616c2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae036a63c59a88766020367aec318c62c228290790b2a12f4334c8fd08545466
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3cf915704736b8ba3c7b91e411a929b51afea72ec00e1f3f1a8ee8f70efb46d
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bf1fd87ee7ae12e55106ce28f1837fdb2d1c3baa0d96c4b10309a2a98f029bd5
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
bfdf5156c103e09dadb4813c2c58477030aaf2bae5d05a5b35945e0403ce9a32
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c230294f0c9625d64e88cca2498e4a4b4b1c037b7e117587646601364ba886e9
c57d4425c6c036798b1f411a924b689bef978bc693f43075b4ffbc89af4c510a
c8ec681976cb015670631b64005039e813a64b5734c7b809498b960d70ef4800
ce6b5da8296a461ba8deb1d7c6b3164965fd04e56d78e59c0f07b1d32e0e8f8d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d024db94a30b5afb5b56a5663d16d1f53bb5e09c660afa71ec950ea8f156aaef
d06f13526749334a6849f9276f40951671674887e05692da3dc1d463bae956b4
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dae3f9d81f56651803ab48b4cf637746cdd2c75bb3f147d8a76f7d916d2b6494
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded376434a6611077152187701fada1cbd436ec6df99f545f11347530d23d741
dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f31fc8d45105480e38e1ad3b5ba04da6502b2b6de36b3d7936c4a63f7a5130
f20282f9db33010073224dee90c3a3c16f6e3d2b5606161b96c794259c9cc89a
f8208cb1a25b266fc08af8723134bf043c107eaf8a5009025a3b26317caf3c91
fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9
fdcd7a82b031c2fda290557cc946fd3683489cbd7bc3f9eb0a5e2302f8132759

www.therams.com Open in urlscan Pro 151.101.113.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

99 %HTTPS

44 %IPv6

53 Domains

66 Subdomains

49 IPs

7 Countries

5880 kBTransfer

11314 kBSize

20 Cookies

56 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.therams.com Open in urlscan Pro
151.101.113.153 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

99 %
HTTPS

44 %
IPv6

53
Domains

66
Subdomains

49
IPs

7
Countries

5880 kB
Transfer

11314 kB
Size

20
Cookies

141 HTTP transactions
2 data transactions