www.therams.com Open in urlscan Pro
151.101.65.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.therams.com/stadium/sofi-stadium
Submission: On February 09 via manual (February 9th 2022, 9:00:17 pm UTC) from US — Scanned from DE

Summary HTTP 188 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 53 domains to perform 188 HTTP transactions. The main IP is 151.101.65.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 177231.
TLS certificate: Issued by R3 on February 2nd 2022. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	151.101.65.153 151.101.65.153	54113 (FASTLY) (FASTLY)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
5	2600:9000:224... 2600:9000:2240:ae00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
15	18.66.122.21 18.66.122.21	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:5000:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:8a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 15	3.248.86.91 3.248.86.91	16509 (AMAZON-02) (AMAZON-02)
1	18.158.39.89 18.158.39.89	16509 (AMAZON-02) (AMAZON-02)
1	52.31.238.195 52.31.238.195	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
8 8	52.51.88.158 52.51.88.158	16509 (AMAZON-02) (AMAZON-02)
1	34.252.166.160 34.252.166.160	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	52.217.86.206 52.217.86.206	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2 2	18.197.1.225 18.197.1.225	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	52.222.250.70 52.222.250.70	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.36 2.18.234.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.193.153 151.101.193.153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	52.222.236.19 52.222.236.19	16509 (AMAZON-02) (AMAZON-02)
7 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 12	54.194.183.173 54.194.183.173	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:236e:b000:6:4f98:bc40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.93.153.188 54.93.153.188	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
8 8	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	104.36.113.17 104.36.113.17	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1 1	18.66.97.14 18.66.97.14	16509 (AMAZON-02) (AMAZON-02)
1 1	54.160.183.108 54.160.183.108	14618 (AMAZON-AES) (AMAZON-AES)
2 3	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
188	58

40 151.101.65.153 (United States)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.129.153 (United States)

ASN54113 (FASTLY, US)

static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2240:ae00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.122.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-21.fra60.r.cloudfront.net

rams.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:5000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.248.86.91 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.39.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-39-89.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.238.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-238-195.eu-west-1.compute.amazonaws.com

nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.51.88.158 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-88-158.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.166.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-166-160.eu-west-1.compute.amazonaws.com

nflenterprises.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.86.206 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.1.225 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-1-225.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-70.fra60.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.38 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.36 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-36.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.153 (United States)

ASN54113 (FASTLY, US)

static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.222.236.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-19.fra56.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.194.183.173 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-183-173.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:b000:6:4f98:bc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.153.188 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-153-188.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.17 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.14 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-14.fra56.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.183.108 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-183-108.compute-1.amazonaws.com

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	therams.com www.therams.com — Cisco Umbrella Rank: 177231 auth-id.therams.com — Cisco Umbrella Rank: 501153	424 KB
30	nfl.com static.clubs.nfl.com — Cisco Umbrella Rank: 31202 smetrics.nfl.com — Cisco Umbrella Rank: 23858 static.www.nfl.com — Cisco Umbrella Rank: 24358 auth-id.nfl.com — Cisco Umbrella Rank: 25829	990 KB
28	everesttech.net 22 redirects cm.everesttech.net — Cisco Umbrella Rank: 881 pixel.everesttech.net — Cisco Umbrella Rank: 2907 sync-tm.everesttech.net — Cisco Umbrella Rank: 491	10 KB
16	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 187 nfl.demdex.net — Cisco Umbrella Rank: 24809	19 KB
16	formstack.com rams.formstack.com static.formstack.com — Cisco Umbrella Rank: 23135 analytics.formstack.com — Cisco Umbrella Rank: 55035	303 KB
14	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	150 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863	174 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	671 B
5	google.com www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 86	112 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	195 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 505	103 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 266	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6342	718 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 891 load77.exelator.com — Cisco Umbrella Rank: 2952	2 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314	73 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 407 ajax.googleapis.com — Cisco Umbrella Rank: 250 fonts.googleapis.com — Cisco Umbrella Rank: 35	34 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 5552 evt.undertone.com — Cisco Umbrella Rank: 6500	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 469	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 855 ads.yahoo.com — Cisco Umbrella Rank: 835	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 355	789 B
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	602 B
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2223 forms.hubspot.com — Cisco Umbrella Rank: 3078	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	936 B
2	gstatic.com fonts.gstatic.com	46 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 704	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	74 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 571	231 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 752	546 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 322	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 776	324 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	418 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4013	87 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2042	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2019	20 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	353 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 982	174 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 754	402 B
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 7079	133 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2180	956 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	parsely.com p1.parsely.com — Cisco Umbrella Rank: 1996	260 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	24 KB
1	amazonaws.com s3.amazonaws.com	2 MB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 387	684 B
1	omtrdc.net nflenterprises.tt.omtrdc.net — Cisco Umbrella Rank: 24814	593 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	345 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829	10 KB
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
188	53

	Domain	Requested by
40	www.therams.com	www.therams.com
18	static.clubs.nfl.com	www.therams.com
15	dpm.demdex.net	2 redirects www.therams.com
13	static.formstack.com	rams.formstack.com
12	pixel.everesttech.net	6 redirects www.therams.com
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
6	www.facebook.com	www.therams.com connect.facebook.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.therams.com
5	quantcast.mgr.consensu.org	www.therams.com quantcast.mgr.consensu.org
4	connect.facebook.net	www.therams.com connect.facebook.net cdns.us1.gigya.com
4	assets.adobedtm.com	www.therams.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
3	www.google.de	www.therams.com
3	www.google.com	www.therams.com
3	ib.adnxs.com	2 redirects
3	sb.scorecardresearch.com	1 redirects www.therams.com
3	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	gum.criteo.com	2 redirects
2	pixel.advertising.com	1 redirects
2	match.adsrvr.org	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	pm.w55c.net	2 redirects
2	www.googletagmanager.com	rams.formstack.com assets.adobedtm.com
2	loadm.exelator.com	2 redirects
2	smetrics.nfl.com	assets.adobedtm.com
2	rams.formstack.com	www.therams.com static.formstack.com
2	cdn.onesignal.com	www.therams.com cdn.onesignal.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	analytics.formstack.com	static.formstack.com
1	auth-id.therams.com	cdns.us1.gigya.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	analytics.twitter.com	www.therams.com
1	x.dlx.addthis.com	1 redirects
1	static.www.nfl.com	www.therams.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	d.turn.com	1 redirects
1	cdns.us1.gigya.com	www.therams.com
1	js.hs-scripts.com	assets.adobedtm.com
1	www.googleadservices.com	www.googletagmanager.com
1	p1.parsely.com	www.therams.com
1	d1z2jf7jlzjs58.cloudfront.net	assets.adobedtm.com
1	fonts.googleapis.com	ajax.googleapis.com
1	s3.amazonaws.com	rams.formstack.com
1	load77.exelator.com	www.therams.com
1	sync.mathtag.com	1 redirects
1	nflenterprises.tt.omtrdc.net	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	onesignal.com	cdn.onesignal.com
1	rules.quantcount.com	secure.quantserve.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	ajax.googleapis.com	www.therams.com
1	imasdk.googleapis.com	www.therams.com
0	adb2waycm-atl.netmng.com Failed	www.therams.com
188	75

This site contains links to these domains. Also see Links.

Domain
www.nfl.com
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
ramsnewlook.com
sofiseats.com
chat.satis.fi
www.teamworkonline.com
www.stanza.co
am.ticketmaster.com
onlocationexp.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
www.ticketmaster.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.formstack.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.nfl.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.parsely.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-19` - `2022-02-17`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2021-03-05` - `2022-03-10`	a year	crt.sh
static.www.nfl.com R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
auth-id.nfl.com Amazon	`2021-11-22` - `2022-12-20`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
auth-id.therams.com Amazon	`2021-11-16` - `2022-12-15`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.therams.com/stadium/sofi-stadium
Frame ID: 3A0AAFE96403D0EA41B747AD7F4C3A1A
Requests: 147 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: AEFEB77343911A4422C28CB42ECA3E4E
Requests: 34 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
Frame ID: 57BBB99279D41114FA7BB4E17F0E199A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 54BA0C15BFD037EF22CD8D99D33F4889
Requests: 1 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: 102467BC1A63E8F9687C9F71CD400C51
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: 1A4F7E2DE5EE28F468AB7430C3F810FB
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: B19D2DBFC1326E7765100A225E11D2CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SoFi Stadium | Los Angeles Rams - therams.com

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

188
Requests

82 %
HTTPS

41 %
IPv6

53
Domains

75
Subdomains

58
IPs

7
Countries

5520 kB
Transfer

10589 kB
Size

70
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nfl.com/legal/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: GAME PASS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://ramsnewlook.com/?utm_source=therams.com&utm_medium=nav
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://sofiseats.com/rams/landing

Search URL Search Domain Scan URL

URL: https://chat.satis.fi/?pageID=7240
Title: Have a question? Ask our virtual assistant!

Search URL Search Domain Scan URL

URL: https://www.nfl.com/super-bowl/event-info/gameday-guide
Title: CLICK HERE

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.stanza.co/button/launch?calendar=https%3A%2F%2Fspoton.it%2Fschedules%2Fnfl-rams#/
Title: Add to Calendar

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: Rams Account Manager

Search URL Search Domain Scan URL

URL: https://onlocationexp.com/nfl/los-angeles-rams-tickets?utm_source=therams.com&utm_medium=referral&utm_campaign=sb56_teams-rams_footer_menu
Title: Super Bowl Packages

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644440411146 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644440411146

Request Chain 48

https://cm.everesttech.net/cm/dd?d_uuid=06843398865598062741245157783431098547 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQrWwAAAIsL4wQz

Request Chain 50

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=06843398865598062741245157783431098547&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d06843398865598062741245157783431098547 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=95606204-2b5b-4700-824c-1de8a0532384&ddsuuid=06843398865598062741245157783431098547

Request Chain 51

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=06843398865598062741245157783431098547 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=06843398865598062741245157783431098547&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 67

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=hl5vRmAe1NhU4r5

Request Chain 69

https://sb.scorecardresearch.com/cs/3005386/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 72

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=292226348082004327

Request Chain 92

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7665900717572138239

Request Chain 123

https://x.dlx.addthis.com/e/demdex_sync?na_exid=06843398865598062741245157783431098547&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020921001200090982919771

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY4NDMzOTg4NjU1OTgwNjI3NDEyNDUxNTc3ODM0MzEwOTg1NDc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEDTYwf7sUI33l-ERafmTWg&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 143

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEFtmSJmWo9qMrYyDgRQJ2bE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 144

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFtmSJmWo9qMrYyDgRQJ2bE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 145

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEFtmSJmWo9qMrYyDgRQJ2bE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 148

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEFtmSJmWo9qMrYyDgRQJ2bE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 149

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFtmSJmWo9qMrYyDgRQJ2bE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 150

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=0065ceb9-cdf9-44e9-87db-a7d5888f7ba7

Request Chain 158

https://pixel.advertising.com/ups/28/sync?uid=06843398865598062741245157783431098547&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/28/sync?uid=06843398865598062741245157783431098547&_origin=1&redir=true&verify=true

Request Chain 161

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFtmSJmWo9qMrYyDgRQJ2bE&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 164

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AG6bMn04T9ocM5Gz9lWdjWVcNd-xIYhq&gdpr=0&gdpr_consent=

Request Chain 166

https://ps.eyeota.net/match?bid=6j5b2cv&uid=06843398865598062741245157783431098547&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 168

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=06843398865598062741245157783431098547&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-BXxcQFNE2pGrYC6UtdEaPhQIZsSiCpLHTKs-~A

Request Chain 170

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQrWwAAAIsL4wQz&sigv=1&esig=1~b55b5969982640f56d315b3ce4d321e789ae46f3

Request Chain 171

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRcld3QUFBSXNMNHdReg==

Request Chain 176

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQrWwAAAIsL4wQz&expires=90

Request Chain 180

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQrWwAAAIsL4wQz HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQrWwAAAIsL4wQz&C=1

Request Chain 181

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YgQrWwAAAIsL4wQz

Request Chain 182

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQrWwAAAIsL4wQz

Request Chain 183

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQrWwAAAIsL4wQz

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQrWwAAAIsL4wQz&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQrWwAAAIsL4wQz&img=1&__user_check__=1&sync_id=47148dec-89eb-11ec-ab93-1d37f49c0106

Request Chain 185

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQrWwAAAIsL4wQz&t=2592000&o=0

Request Chain 187

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 188

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=xOLEWJRBRGG8DuiRhdywqA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=06843398865598062741245157783431098547

188 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request sofi-stadium Show response
www.therams.com/stadium/ 256 KB
58 KB 484ms
452ms Document
text/html 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a81eeb16b938ed4039af49d942dd8a15ca390c2d5232d9df370b313f7c08013e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 58261
content-type: text/html
server: envoy
content-encoding: gzip
access-control-allow-origin: *
service-worker-allowed: /
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 257
strict-transport-security: max-age=31536000
origin-site: LA3
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:10 GMT
Age: 0
X-NFL-Geo: country_code=DE
X-NFL-Dma: 276004
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4027-HHN
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1644440410.452638,VS0,VE436
Vary: Accept-Encoding,X-NFL-Geo,Origin

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 508 KB
90 KB 8ms
8ms Stylesheet
text/css 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/stadium/sofi-stadium
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 89
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 90932
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:19:48 GMT
server: envoy
X-Timer: S1644440411.926926,VS0,VE1
etag: "1d81c46e86da2fd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:10 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK d67c44a609a9b0620bc93a8019cd60e8
www.therams.com/compiledassets/theming/ 16 KB
4 KB 24ms
7ms Stylesheet
text/css 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/stadium/sofi-stadium
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 867506
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 34
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3441
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10744-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
server: envoy
X-Timer: S1644440411.943263,VS0,VE1
Date: Wed, 09 Feb 2022 21:00:10 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 121ms
84ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0cf19c94211702e8429633ae2194b30555ccce31a52a7635f657ab8f289fb9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27282
x-xss-protection: 0
server: sffe
etag: "1127 / 213 of 1000 / last-modified: 1644427664"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Feb 2022 21:00:11 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 74 KB
27 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86bc752d0407555cfb8f83681c8cf277390cc9ca5b49f8c64a8753480f7c0e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27193
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 21:07:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Wed, 09 Feb 2022 21:08:44 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 49ms
23ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1084
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6db00698ee4591ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Feb 2022 21:00:11 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 273 KB
80 KB 81ms
17ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2465a231a58b82c620d23b94ee93bb2bdc046acf40e9ded0aacf40cc43384952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 00:10:00 GMT
server: AkamaiNetStorage
etag: "2706c6195820af5978bfcfb529ca1907:1640218200.981688"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 81255
expires: Wed, 09 Feb 2022 22:00:11 GMT

GET
H/1.1 200
OK pfzqqwyhguxgqvxd89cd.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 52ms
15ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/pfzqqwyhguxgqvxd89cd.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: aba5ed44fb1cddc664223c23c8afd4a07e75edb3a6c5d9c89ecd9654d8898a07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 4657175
Edge-Cache-Tag: 372951776681891745206645328894684630372,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 372951776681891745206645328894684630372,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="pfzqqwyhguxgqvxd89cd.webp"
Connection: keep-alive
Content-Length: 1962
X-Request-Id: 777dafc29200e5f0f18cc73c49525b60
X-Served-By: cache-iad-kiad7000173-IAD, cache-iad-kiad7000036-IAD, cache-hhn4054-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 17 Dec 2021 23:20:36 GMT
Server: cloudinary
X-Timer: S1644440411.045249,VS0,VE0
Etag: "4b1a004e859023b8645a2c97add07687"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 46

GET
H/1.1 200
OK lwsr9kpjckkvyhp1uegl.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 47ms
10ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/lwsr9kpjckkvyhp1uegl.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 55412c28f1fc7230f98e49ca53c80a4794e61826175304e54c8e84520966bf7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 4823159
Edge-Cache-Tag: 561948427067237913989577602717750212885,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561948427067237913989577602717750212885,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="lwsr9kpjckkvyhp1uegl.webp"
Connection: keep-alive
Content-Length: 1398
X-Request-Id: 871b2c30b8789811056dec9cce70a0b9
X-Served-By: cache-iad-kjyo7100168-IAD, cache-iad-kiad7000055-IAD, cache-hhn4020-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Thu, 16 Dec 2021 01:14:12 GMT
Server: cloudinary
X-Timer: S1644440411.040594,VS0,VE1
Etag: "fdc077fe45e7db5d60efddfcfde6cf74"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK br1oukintwzib84ykrha.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 44ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/br1oukintwzib84ykrha.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: aaf03219cf050a3a022af73224f8ddad8c051e07354af2e0d880aa8a599c1782

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 6091663
Edge-Cache-Tag: 533685290724722026365348896775649987849,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="br1oukintwzib84ykrha.webp"
Connection: keep-alive
Content-Length: 1510
X-Served-By: cache-bwi5059-BWI, cache-dca17778-DCA, cache-iad-kiad7000162-IAD, cache-hhn4046-HHN
X-Cache: HIT, HIT, HIT, HIT
Last-Modified: Wed, 21 Jul 2021 15:24:31 GMT
Server: cloudinary
X-Timer: S1644440411.037496,VS0,VE1
Etag: "2ccb75563670bbd26063e120640ebe3b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1, 1

GET
H/1.1 200
OK qydqex97rx1x6o4w53ml.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 47ms
10ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/qydqex97rx1x6o4w53ml.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c576341a29cc7803eae586a5b1b0004e4391f95a0583613a5839d25eabd8fec5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1606960
Edge-Cache-Tag: 561970991575272472998702031147990830514,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561970991575272472998702031147990830514,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="qydqex97rx1x6o4w53ml.webp"
Connection: keep-alive
Content-Length: 1850
X-Served-By: cache-iad-kjyo7100164-IAD, cache-iad-kjyo7100032-IAD, cache-hhn4069-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Wed, 07 Jul 2021 22:02:48 GMT
Server: cloudinary
X-Timer: S1644440411.040418,VS0,VE1
Etag: "8c60384b9fcdf6ced82c2e3e29e08bb1"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK hlwcxdqhpdl6cu2j6a0q.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 52ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/hlwcxdqhpdl6cu2j6a0q.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7069bd8cd4136cf552c4c02ba4f80c03f4a9e36b9edac2f2a8d7c7313b2e1580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1844922
Edge-Cache-Tag: 497101282059084916626549311246049786825,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 497101282059084916626549311246049786825,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="hlwcxdqhpdl6cu2j6a0q.webp"
Connection: keep-alive
Content-Length: 1676
X-Served-By: cache-iad-kcgs7200079-IAD, cache-iad-kiad7000062-IAD, cache-hhn4046-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sat, 26 Jun 2021 00:38:31 GMT
Server: cloudinary
X-Timer: S1644440411.045728,VS0,VE1
Etag: "9aaaafeb04c97363b8bde226d4f34f07"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/ 6 KB
2 KB 45ms
17ms Script
application/javascript 2600:9000:2240:ae00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aafa5bd1a6d109986f239e94e42036262c7eb9189f63b4f00cefbfe963ca6ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 09 Feb 2022 20:59:27 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 21:46:46 GMT
server: AmazonS3
age: 45
etag: W/"88ab4a15a734e08bba7a8735b1d3edf4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 8Z-8L8SmSUa8WUjYJtmWAiOxWa5jNnK8lWVUkV2XTzllXr7Y5SEECw==

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 508 KB
90 KB 27ms
8ms Stylesheet
text/css 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 89
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 90932
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:19:48 GMT
server: envoy
X-Timer: S1644440411.948160,VS0,VE1
etag: "1d81c46e86da2fd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:10 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK d67c44a609a9b0620bc93a8019cd60e8
www.therams.com/compiledassets/theming/ 16 KB
4 KB 29ms
7ms Stylesheet
text/css 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 821898
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 29
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3441
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4044-HHN
X-NFL-Dma: 276004
server: envoy
X-Timer: S1644440411.951721,VS0,VE0
Date: Wed, 09 Feb 2022 21:00:10 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 4, 4

GET
H/1.1 200
OK shifumef044hn5atijym.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 11ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/shifumef044hn5atijym.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 82372e5085d63a3eebd690eca5c085c65b6d0de397b7fbb1a6d7b9fc87d0061e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 459666
Edge-Cache-Tag: 469045599805938173633271981388412517434,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 469045599805938173633271981388412517434,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="shifumef044hn5atijym.webp"
Connection: keep-alive
Content-Length: 1650
X-Served-By: cache-iad-kcgs7200079-IAD, cache-iad-kcgs7200156-IAD, cache-hhn4020-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Wed, 16 Jun 2021 17:49:07 GMT
Server: cloudinary
X-Timer: S1644440411.048962,VS0,VE1
Etag: "02bf793b953bcdc3e2665744cb0c3ae8"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK ctia3r41xpmbep1oc0jn.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 12ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ctia3r41xpmbep1oc0jn.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2799001f240cd99cd731ecf4c933e4aade589dbe85f93901c900dd8ecec01999

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1330737
Edge-Cache-Tag: 480991908323120109040887342500216578479,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 480991908323120109040887342500216578479,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="ctia3r41xpmbep1oc0jn.webp"
Connection: keep-alive
Content-Length: 1906
X-Served-By: cache-iad-kjyo7100105-IAD, cache-iad-kcgs7200066-IAD, cache-hhn4069-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Sat, 12 Jun 2021 16:01:04 GMT
Server: cloudinary
X-Timer: S1644440411.049055,VS0,VE1
Etag: "8a4e0a39c7df3e47925183cac57ca480"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK fi9r4x7ddwhtum6n96qa.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 12ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/fi9r4x7ddwhtum6n96qa.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6701454491ae4d2c571f9443f60895852709199d4a02f25cf4f8070c6b35d144

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 6005778
Edge-Cache-Tag: 460529375692163520014890492295371359836,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="fi9r4x7ddwhtum6n96qa.webp"
Connection: keep-alive
Content-Length: 1272
X-Served-By: cache-dca17736-DCA, cache-dca17774-DCA, cache-iad-kjyo7100050-IAD, cache-hhn4054-HHN
X-Cache: HIT, HIT, HIT, HIT
Last-Modified: Tue, 25 May 2021 20:48:01 GMT
Server: cloudinary
X-Timer: S1644440411.053844,VS0,VE1
Etag: "87f645d9b64111bd61b4d7b801c3ee99"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1, 1

GET
H/1.1 200
OK psbzct0hyszydhpl75gx.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 13ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/psbzct0hyszydhpl75gx.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0c5ef018746786c973b11ed38934a17a09d5b6ebc739a738c7e924ebe0b15528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 458149
Edge-Cache-Tag: 468273255908452252408165268047777506138,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 468273255908452252408165268047777506138,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="psbzct0hyszydhpl75gx.webp"
Connection: keep-alive
Content-Length: 1420
X-Served-By: cache-iad-kiad7000171-IAD, cache-iad-kcgs7200153-IAD, cache-hhn4046-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Tue, 25 May 2021 20:55:31 GMT
Server: cloudinary
X-Timer: S1644440411.054751,VS0,VE1
Etag: "d3df97000ab43b3e213018206352b8da"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK b5xchmrrvv7idefzap1h.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 16ms
11ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/b5xchmrrvv7idefzap1h.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 972965a2008fb7426f4a686c601836371b92cfae2afbaa4bf36c7ccbfc3f0a41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 7216203
Edge-Cache-Tag: 396173162133534743980894201067887854722,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="b5xchmrrvv7idefzap1h.webp"
Connection: keep-alive
Content-Length: 1696
X-Served-By: cache-dca17783-DCA, cache-dca17783-DCA, cache-iad-kiad7000123-IAD, cache-hhn4069-HHN
X-Cache: MISS, HIT, HIT, HIT
Last-Modified: Sat, 22 May 2021 16:00:55 GMT
Server: cloudinary
X-Timer: S1644440411.058080,VS0,VE2
Etag: "10c72de5af9ba4f863e0aa6e8440e951"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 77, 1, 1

GET
H/1.1 200
OK lxv1sa2it1asazh5e8hl.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 13ms
10ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/lxv1sa2it1asazh5e8hl.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6199d7ca3ec10c4de7cd008b1f021eb83110f2d7bc5804483b2ab8e6644eae9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 909996
Edge-Cache-Tag: 366107797917474013985585973057224785611,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 366107797917474013985585973057224785611,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="lxv1sa2it1asazh5e8hl.webp"
Connection: keep-alive
Content-Length: 1766
X-Served-By: cache-iad-kcgs7200068-IAD, cache-iad-kcgs7200166-IAD, cache-hhn4020-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Fri, 21 May 2021 23:51:33 GMT
Server: cloudinary
X-Timer: S1644440411.057878,VS0,VE1
Etag: "b58369db0d25c6daf41cc03bf5407680"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK ubq0bkdxo845e71v362c.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 57ms
54ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ubq0bkdxo845e71v362c.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b96e7301a686b33ddf2cf5a2c5c0f1767276e21ac1f2150a173cf710f353c94d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 43141
Edge-Cache-Tag: 440552214437478461892848529320326980055,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 440552214437478461892848529320326980055,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="ubq0bkdxo845e71v362c.webp"
Connection: keep-alive
Content-Length: 1812
X-Served-By: cache-iad-kiad7000157-IAD, cache-iad-kjyo7100046-IAD, cache-cdg20731-CDG
X-Cache: MISS, MISS, HIT
Last-Modified: Fri, 21 May 2021 17:06:22 GMT
Server: cloudinary
X-Timer: S1644440411.064508,VS0,VE35
Etag: "cace8d9730f32b22a9b3059657748a77"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 0, 1

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 07:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Feb 2023 07:05:24 GMT

GET
H2 200 contactmessl Show response
rams.formstack.com/forms/js.php// 124 KB
125 KB 477ms
412ms Script
text/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-21.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9d8b72388801d85bbe5e728baa32bc98aed33bbc3bfe96fe3079f16acf04af02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P2
strict-transport-security: max-age=63072000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=5, public
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: efSbUDXjKs9rpqe7ViOLtLaNwOj2JRgxpmbAl3hlmT_DxyF4c6OC4A==
expires: Wed, 09 Feb 2022 21:00:16 GMT

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 88
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644440411.046519,VS0,VE1
etag: "1d81c464054cc4a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 1

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 7ms
7ms Font
font/woff2 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 88
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19348
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10628-LGB, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644440411.009866,VS0,VE1
etag: "1d81c464054c294"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 27ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 16 Feb 2022 21:00:11 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
44 KB 9ms
7ms Script
text/javascript 2600:9000:2240:ae00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:59:39 GMT
content-encoding: br
age: 33
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:49 GMT
server: AmazonS3
etag: W/"654a79dfaa26ade386414ddc75ea4b75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7quGDv5-KUeJkASQGU_g1qJBFh1N55zQG4v4MDRXAoetu31JdwX9OA==

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 8ms
7ms Font
font/woff2 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 88
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19284
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10729-LGB, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644440411.055489,VS0,VE1
etag: "1d81c464054c254"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
18 KB 12ms
11ms Font
font/woff2 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 88
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18168
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644440411.056065,VS0,VE1
etag: "1d81c464054cff8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 9ms
8ms Font
font/woff2 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 46
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 9
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18504
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644440411.056408,VS0,VE1
etag: "1d81c464054c148"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 1

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 53ms
52ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1077
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6db006996f9791ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Feb 2022 21:00:11 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 34ms
7ms XHR
application/json 2600:9000:225e:5000:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:00:39 GMT
content-encoding: br
age: 64773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 19:52:29 GMT
server: AmazonS3
etag: W/"4b1249837503afcdf64c329aec87b38a"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: wJc6WWcV90znCBTeZs7CxIHimMpQQ1tj
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: tDF-HzFTSuAbQ4NIQcZxCwSin0o0x5e1C_8ipisoM_7dDGB1WEyE3A==

GET
H2 200 rules-p-gGpYeVwuEvd4w.js Show response
rules.quantcount.com/ 2 B
345 B 23ms
6ms Script
application/javascript 2600:9000:223c:8a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gGpYeVwuEvd4w.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:02:22 GMT
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
server: AmazonS3
age: 3469
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
content-length: 2
x-amz-cf-id: yzA63VZ5b6LYQzRlXFdgcKNUj96hbVUIn24wNGcXGpPcYj2F7Cf3hg==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644440411146
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644440411146

7 KB
3 KB

33ms
33ms

XHR
application/json

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644440411146

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

43f657e34f6a74798dac1f29ed4c23169220f3aef9dff22d4b007c6c634e5836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-0a827ee29.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: WHi1ITUARHs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1996
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v027-0364aa5d9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.therams.com
X-TID: LDaKglTVRG8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644440411146
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 15ms
14ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 09 Feb 2022 22:00:11 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 16ms
15ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 09 Feb 2022 22:00:11 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Wed, 09 Feb 2022 22:00:11 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/39/ 227 KB
55 KB 8ms
7ms Script
text/javascript 2600:9000:2240:ae00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 06:09:18 GMT
content-encoding: br
age: 53453
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:35 GMT
server: AmazonS3
etag: W/"58b24098a17406b31f4f22592394578b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: P-574KisDZ2oEPi4lCvdmdjpVjEAUs98rK_xI2_zlim9MSP5cp3uOA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 283 KB
33 KB 23ms
8ms XHR
application/json 2600:9000:2240:ae00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 284f3fb5272a62c2fa10bf971794e7d86d1b18a00f5b6b6a3834c318e8cb6e1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:00:36 GMT
content-encoding: br
age: 64776
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"23a78a08d18dd06e59e2625a31a29823"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Phj3x_Z2w_zsLXb5pV9Uy9tw0rBJdsYfi1ciCTnXXXOQB-tSQKJZnA==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
37 KB 28ms
14ms XHR
application/json 2600:9000:2240:ae00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 551a4a808579c7378031adf0db69216f283b918c1ad8121a2537aea2de752975

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:00:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 64782
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 03:00:26 GMT
server: AmazonS3
etag: W/"ad4bcd2cac4f746076ef071869c77880"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hQiL5_oUzUI07RFEDfQip6pb5wYjKrGtg9OtjITezzMtGR22a-47_Q==

GET
H3 200 pubads_impl_2022020701.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 23ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064765

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122460
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 14:55:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
104 B 30ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7211d8b26143e07e1cb7b66219fcf0fc4a22a57f6b864c9cee37070df8592d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Wed, 09 Feb 2022 21:00:11 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/ 5 KB
2 KB 36ms
28ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865b09b9c0fc51ee9b69bfdf2d7e8b748c20b8a4789430104e09bba11567764f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3184
cf-polished: origSize=4687
status: 200 OK
x-envoy-upstream-service-time: 217
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f8662370-fe2e-4b4d-801e-8aef88723662
x-runtime: 0.213276
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d981b402820d3fe6ff89b7eb04703c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6db0069a195491ea-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 09 Feb 2022 22:00:11 GMT

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 32ms
7ms XHR
text/plain 18.158.39.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22gGpYeVwuEvd4w%22%2C%22domain%22%3A%22www.therams.com%22%2C%22publisher%22%3A%22Rams%20Web%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%2Be9BB1ZFFULwYoeI9%2BVz%2FA%22%2C%22clientTimestamp%22%3A1644440411214%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-pohgposdgix4x2gcuwb5%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.39.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-39-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Feb 2022 21:00:11 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame AEFE 7 KB
3 KB 132ms
31ms Document
text/html 52.31.238.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.238.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-238-195.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 9 Feb 2022 21:00:11 GMT
DCS: dcs-prod-irl1-1-v027-0264697f1.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 19 Jan 2022 13:28:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: JsRIbyB6Tbw=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.nfl.com/ 48 B
505 B 61ms
15ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=06633606513197547491228437161588345868&ts=1644440411329

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

2f3e4d8ec11ab62a46f645476be84198fd1903128d47c73b8e7151af2a8d98b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-8sb7g
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YgQrWwAAAIsL4wQz
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=06843398865598062741245157783431098547
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQrWwAAAIsL4wQz

42 B
943 B

33ms
32ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQrWwAAAIsL4wQz

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-04eb20598.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: B609FcCATfY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQrWwAAAIsL4wQz
Date: Wed, 09 Feb 2022 21:00:11 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
nflenterprises.tt.omtrdc.net/rest/v1/ 357 B
593 B 120ms
40ms XHR
application/json 34.252.166.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=e087b5b369774c0084aae80b107a72b4&version=2.4.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.166.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-166-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3da357fbf0f7c5cbe26da19810899f57b13595143aec8ba5cd03613b8dae5c71

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 01755ef38eb76c35b006862c7d6442b5

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=95606204-2b5b-4700-824c-1de8a0532384&ddsuuid=06843398865598062741245157783431098547
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=06843398865598062741245157783431098547&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d06843398865598...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=95606204-2b5b-4700-824c-1de8a0532384&ddsuuid=06843398865598062741245157783431098547

42 B
943 B

39ms
39ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=95606204-2b5b-4700-824c-1de8a0532384&ddsuuid=06843398865598062741245157783431098547

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-0fa023e15.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: N4AexOCoSQc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Server: MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=95606204-2b5b-4700-824c-1de8a0532384&ddsuuid=06843398865598062741245157783431098547
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 09 Feb 2022 21:00:10 GMT

GET
H2

200

pixel.gif
load77.exelator.com/ Frame AEFE
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=06843398865598062741245157783431098547
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=06843398865598062741245157783431098547&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
334 B

61ms
13ms

Image
image/gif

2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-nzt: AcO1ry+mz13/nx4HAA==
x-accel-expires: @1645010620
date: Wed, 09 Feb 2022 21:00:11 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: hE3yp0ODiSk=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 466591
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Wed, 09 Feb 2022 21:00:11 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ 2 KB
879 B 22ms
11ms Stylesheet
text/css 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:30 GMT
server: nginx
age: 75621
etag: W/"62016186-616"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: JaMBBwUG7tdUpm0hw2KPSAsu4hTn47mcJUIbNuVrnlaDQ-8DopdjJw==

GET
H2 200 jquery-ui_eb08fdf84b.css
static.formstack.com/forms/css/3/ 32 KB
6 KB 23ms
12ms Stylesheet
text/css 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/jquery-ui_eb08fdf84b.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:30 GMT
server: nginx
age: 75620
etag: W/"62016186-8052"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: BCevJbySAPgp_ZgofEpdwD9QJSxzrMxVJiE86PlmmWaG0Zs6BiBxMQ==

GET
H2 200 default-v4_febab48678.css
static.formstack.com/forms/css/3/ 35 KB
6 KB 20ms
10ms Stylesheet
text/css 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/default-v4_febab48678.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: ac10112e1f23d21b3f4130d8b4ef344ce013dc634f6d8171fa4df2637e52f791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:30 GMT
server: nginx
age: 75620
etag: W/"62016186-8bc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: ne9mS_yYIYRDGXnTH6Fjv5FqMJlRwLHQ1ztxXGDzPtaAAJRepvSRfA==

GET
H2 200 uil-static.css
static.formstack.com/common/css/ 51 KB
8 KB 20ms
11ms Stylesheet
text/css 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/common/css/uil-static.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7e631a807e4b121be305ddb3ba1340afda0f906a8ebc768a17a2df9fc5b4328b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:40 GMT
server: nginx
age: 10550
etag: W/"6203b2c4-cb81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: WCOWfw8jcwi9BIwgaE68tfjJAh5CrXzfX1PbllYydGXLl1aiOef84A==

GET
H2 200 dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ 170 B
506 B 22ms
13ms Stylesheet
text/css 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 12:26:49 GMT
server: nginx
age: 10550
etag: "6203b309-aa"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 170
x-amz-cf-id: a3RHh6hjWuKekZTFbLbsIE5nAVlgMnab7QnPlmyospyba8CgIECFHA==

GET
H/1.1 200
OK image_16x91.jpg
s3.amazonaws.com/files.formstack.com/public/570723/ 2 MB
2 MB 454ms
147ms Image
image/jpeg 52.217.86.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/files.formstack.com/public/570723/image_16x91.jpg
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.86.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fc98c9f06ecc9a282b433f8171fd80c4fc8a8ac778ee355530d54fffaae0ea31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 09 Feb 2022 21:00:13 GMT
Last-Modified: Mon, 10 Jan 2022 02:03:46 GMT
Server: AmazonS3
x-amz-request-id: BYF1X6JSJ9DVQF97
ETag: "f1a4e9bba71548bbfb99204a67b0dc22"
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Content-Length: 2542560
Accept-Ranges: bytes
X-Robots-Tag: noindex
x-amz-version-id: v._cCilrIvNrHeZt_R0e6ojQDZyMtI96
x-amz-id-2: HFF4DjaccAnknbpt06QtCEDp2pQ6arDyV5AHFOWGOQ08Basin1GKYpzsIaVlJDwfWYM1ZSCkhy4=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 65ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Requested by

Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6562dab0aa4cbe7cb9e2387468f40825b8220024ff728f1c1746c2328e12adb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36075
x-xss-protection: 0
expires: Wed, 09 Feb 2022 21:00:11 GMT

GET
H2 200 jquery.min_1d14cd3798.js Show response
static.formstack.com/forms/js/3/ 91 KB
33 KB 19ms
13ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery.min_1d14cd3798.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:41 GMT
server: nginx
age: 10550
etag: W/"6203b2c5-16cfa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: TI_bjiK7QLpI2lsH9O10OPJK7YEF09CCy-4Tzaoz56rBTQ4MJ2OOzQ==

GET
H2 200 jquery-ui.min_42a497cb9f.js Show response
static.formstack.com/forms/js/3/ 82 KB
24 KB 20ms
14ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-ui.min_42a497cb9f.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 03:00:40 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:13:27 GMT
server: nginx
age: 64771
etag: W/"62016147-147b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: JvHH45wgGbTA8a9GVKp7zK-nm0N6yQgQwUKbAZwejCtQHPaGAEyu0w==

GET
H2 200 scripts_0d92d709f3.js Show response
static.formstack.com/forms/js/3/ 79 KB
23 KB 25ms
20ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/scripts_0d92d709f3.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6abf2aa9d7790ad3b128a7396c3bfd3367a98948a212d7f110607691d8fb4f2c

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:25 GMT
server: nginx
age: 75620
etag: W/"62016181-13ddc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: FcFLwhtjmnLCrS8OhbW-Imw-5NeLYPZWMPP9bbN3UqgrL-oohRHAUg==

GET
H2 200 analytics_3ca069828f.js Show response
static.formstack.com/forms/js/3/ 2 KB
1 KB 24ms
19ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/analytics_3ca069828f.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7cd1ce1596ca026fa2706f1bac7c02464d918ffb8d48c8af15d7fb8fd6c0a9de

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:51 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:24 GMT
server: nginx
age: 75620
etag: W/"62016180-847"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 39q_WQgLPgnmVsC0ibJSKRNleMA8N4l2BXKImqCJpjZxQ9_5aeCfqA==

GET
H2 200 google-phone-lib_c1e61f3e9c.js Show response
static.formstack.com/forms/js/3/ 239 KB
55 KB 21ms
16ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/google-phone-lib_c1e61f3e9c.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f86db151732c4212c2cd57d7be7889c95ce5a8f0ca11fb40ce3410b9beeac723

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:41 GMT
server: nginx
age: 10550
etag: W/"6203b2c5-3bca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: h04qL8qTRUsRKZU3KOLOwFjUcu8ar7bRxO6WefFq61EpyCvOEgpzng==

GET
H2 200 googleanalytics.js Show response
static.formstack.com/forms/js/3/plugins/ 2 KB
1 KB 16ms
12ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: bed924988f40a748ce85d013b93994b31d8b7dd8214c0b47938dab985641fd92

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:51 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:24 GMT
server: nginx
age: 75620
etag: W/"62016180-860"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: AwhT9u-TnsFK0XoORucnYv5fIz37XfDt1hkU7CUFQVedLC5m_4pJGA==

GET
H2 200 utm_tracking.js Show response
static.formstack.com/forms/js/3/plugins/ 792 B
1 KB 14ms
10ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/utm_tracking.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: b34144c367b6531b6c5a970cf4ffa526804af9b71ab1198444d988235acb3cda

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:51 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 18:14:24 GMT
server: nginx
age: 75620
etag: "62016180-318"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 792
x-amz-cf-id: fsvW9iTQqZO55iCYiDuvWPfXjS9MlPpk64mWPwqLkkd24z1o44Fc4w==

GET
H2 200 modernizr_60a2d5aeb5.js Show response
static.formstack.com/forms/js/3/ 13 KB
6 KB 18ms
14ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-21.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 18:04:30 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:41 GMT
server: nginx
age: 10541
etag: W/"6203b2c5-33bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: RfE7vL-0aimFPrFnVsQsiD1o4uA-JvVS-hdJXCvuRT_DwbEMn64vlw==

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=hl5vRmAe1NhU4r5
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=hl5vRmAe1NhU4r5

42 B
943 B

33ms
33ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=hl5vRmAe1NhU4r5

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-0b2ce3821.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: M8ofD5koQP8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 21:00:11 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=hl5vRmAe1NhU4r5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
649 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 19:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 21:00:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 21:00:11 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3005386/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
7ms

Script
application/javascript

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:45:16 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 896
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 6dhEGzgYfXwnMRd7PUIkIzHYhK8GPPbgYrP2_M6MknJkP1VeM6piXw==

Redirect headers

date: Wed, 09 Feb 2022 21:00:11 GMT
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: wZZTv7cakUll1LLoOhqQqWZ7lyS4VuPZGWU9rc3QOCMGSNwuhp-Q0Q==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 41ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-861929325

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b6ab60738d06a36bd98e77035c4ea4912ce4d52cc4fe81b9865fabf7ae905af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39659
x-xss-protection: 0
expires: Wed, 09 Feb 2022 21:00:11 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/ 66 KB
24 KB 33ms
7ms Script
application/javascript 52.222.250.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/p.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-70.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 22:29:08 GMT
Content-Encoding: gzip
Age: 81917
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Tue, 20 Apr 2021 20:53:44 GMT
Server: nginx
ETag: W/"607f3f58-10707"
Content-Type: application/javascript
Via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: qhMAHwSJlf5mtL75OAfFomBCMCAs2xv35ubz3WrwKQL_MC-vzQt-8A==
Expires: Wed, 09 Feb 2022 22:14:54 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=292226348082004327
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=292226348082004327

42 B
943 B

35ms
35ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=292226348082004327

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0dba01a99.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Yus//YN9TWA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Proxy-Origin: 193.27.14.42; 193.27.14.42; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f95a2689-ac3b-4f4d-80ac-c9121f5cab9d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=292226348082004327
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 6 KB
3 KB 9ms
9ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=c8420aafa79eaa38fad40188218a06ec

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ffb8de82eb4e7ce352d6babc3102b81fdef6a4df507ff6e0df2d4fac007d939c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 88
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1763
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10630-LGB, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.824680,VS0,VE1
etag: "1d81c46f324ff58"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 5356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:30:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 5333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:31:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3319
date: Wed, 09 Feb 2022 20:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 09 Feb 2022 22:04:52 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 431ms
106ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1644440411851&plid=97941280&idsite=therams.com&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&sref=&sts=1644440411845&slts=0&title=SoFi+Stadium+%7C+Los+Angeles+Rams+-+therams.com&date=Wed+Feb+09+2022+21%3A00%3A11+GMT%2B0000+(GMT)&action=pageview&pvid=81525268&u=pid%3D35255b68638f2448cd7d472ad8d1a49f
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 09-Feb-2022 21:00:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 40ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-861929325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 21:00:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: HvY+NboR5balgUXXsaaCwGYAB+HMfYNNi3PFL8cWHITGhddtK2ztDG2EGdI6QUkUu/bHqGthZeuIPP0Y4lVSHg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 09 Feb 2022 21:00:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5191967.js Show response
js.hs-scripts.com/ 1 KB
956 B 516ms
466ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5191967.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d46365179f39d09145136221582d83a5c0d271ca34424b528ce9708fa0ac518e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 864d89aa-d014-4920-a46c-d8d94b53cd09
last-modified: Wed, 09 Feb 2022 20:54:52 GMT
server: cloudflare
x-trace: 2B44CD26DE3E3375DE70CC769E0017148F1280D6F8000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6db0069ebb5c83a3-MXP
expires: Wed, 09 Feb 2022 21:01:12 GMT

GET
H2 204 b2
sb.scorecardresearch.com/ 0
225 B 9ms
9ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005386&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=39&cs_cmp_rt=0&cs_it=b2&cv=3.8.0.210223&ns__t=1644440411893&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&c8=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&c9=
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:11 GMT
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: JXviXClOjkwX8FJUfPMGCUEzibnFBsUrltvu5vp98HQ0mKWGR3EF2Q==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/ 982 B
1 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1750
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 539
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10643-LGB, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.898663,VS0,VE1
etag: "1d81c46f324e4d6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/ 808 B
1 KB 8ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1750
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10620-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.898646,VS0,VE1
etag: "1d81c46f324e428"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
2 KB 8ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1750
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 837
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.898912,VS0,VE1
etag: "1d81c46f324ee25"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
2 KB 17ms
17ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1750
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 15
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-cdg20753-CDG
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.903227,VS0,VE1
etag: "1d81c46f324e096"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK gigya.js Show response
cdns.us1.gigya.com/js/ 401 KB
133 KB 115ms
33ms Script
text/javascript 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f2594d20ca331cd25be0f301e7f786b00e5960826e0f4965c0732c5f02f4d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: cecea2df07de49b19754c9fc3eba4a85
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g6
Connection: keep-alive
x-robots-tag: none
Content-Length: 136047
Expires: Wed, 09 Feb 2022 21:15:11 GMT

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/common/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

02930bc2b4c08b3da50de2d03d6374454b0ff8fbe111ae5463964d1bc251c939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1750
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 920
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.908567,VS0,VE1
etag: "1d81c46f324e089"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK oneSignalAdobeTracker.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 907 B
1 KB 8ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/oneSignalAdobeTracker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1750
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 387
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10667-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.908666,VS0,VE1
etag: "1d81c46f324e48b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 s33641580066816 Show response
smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBWB/ 7 KB
8 KB 40ms
39ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBWB/s33641580066816?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=9%2F1%2F2022%2021%3A0%3A11%203%200&d.&nsid=0&jsonv=1&.d&sdid=0C85AB603D6285CC-3DDC9B284C5BC338&mid=06633606513197547491228437161588345868&aamlh=6&ce=UTF-8&pageName=rams%3Astadium%3Astadium%3Asofi-stadium&g=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&c.&visitorAPI=VisitorAPI%20Present&.c&cc=USD&ch=stadium&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=stadium&v2=rams%3Astadium%3Astadium%3Asofi-stadium&v3=stadium&v4=false&c8=stadium&c12=desktop&v14=stadium&v20=2.0.0.0&c22=nflclubsrams&v24=desktop&v25=nflclubsrams&c33=rams&v33=rams&c48=pv&v48=english&c49=NFL%20Clubs%20-%20Launch%7Cv20200225%7C2.22.0%7C5.2.0%7C2021-12-23T00%3A09%3A53Z%7CServer%20Side%20ID%7C2.4.1&c50=D%3Dmid&v50=D%3Dmid&c51=D%3Dv49&c52=D%3Dv9&v57=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&c67=sofi-stadium&v67=desktop&c71=Launch&c72=D%3Dv57&c73=D%3Dv73&v73=www.therams.com&v83=sofi-stadium&v88=deltatre&v94=standard%20article&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

4e8f48fd9bcf5e8ca301b17c4c178ecb3fbab19245fd7b244c5f2cf163298790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-aam-tid: LSdrl+dRSFs=
date: Wed, 09 Feb 2022 21:00:11 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 7501
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v027-0612854b5.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Thu, 10 Feb 2022 21:00:11 GMT
server: jag
xserver: anedge-cdfbd77b-rmcrs
etag: 3531408893425057792-4619930157515191666
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 08 Feb 2022 21:00:11 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
16ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1382009127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=679331019&gjid=901165215&cid=1526685266.1644440412&tid=UA-122484269-1&_gid=458912561.1644440412&_r=1&gtm=2ou270&z=1718670719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1382009127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GDAAUABAAAAAC~&jid=&gjid=&cid=1526685266.1644440412&tid=UA-122484269-1&_gid=458912561.1644440412&gtm=2ou270&z=444291338

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 19:39:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4868
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=7665900717572138239
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7665900717572138239

42 B
943 B

32ms
32ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=7665900717572138239

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-02c14aa4a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lg1k/C5LRfk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=7665900717572138239
pragma: no-cache
date: Wed, 09 Feb 2022 21:00:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 93 B
898 B 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1749
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.949189,VS0,VE1
etag: "1d81c46f324e75d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/ 180 B
942 B 150ms
149ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1750
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, MISS
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-cdg20753-CDG
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.954119,VS0,VE133
etag: "1d81c46f324e7b4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 1, 0

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 530 B
1 KB 8ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1749
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10657-LGB, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.950788,VS0,VE1
etag: "1d81c46f324e512"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 3 KB
2 KB 9ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

798e9911a02d8cc29927bfceb1f617e25d4e8e4fb5435140419c6236f7b7f5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1749
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1178
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10745-LGB, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.951642,VS0,VE1
etag: "1d81c46f324ec07"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/ 465 B
1 KB 15ms
9ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b25cb256e8187eba8e3e63bc4d6bb8faf1aa6ba285c63d31eb9e85100bfc5de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1749
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 241
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10657-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.957378,VS0,VE1
etag: "1d81c46f324e6d1"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/ 2 KB
2 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/?random=1644440411948&cv=9&fst=1644440411948&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&tiba=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b663582a9efae444143d4937121293634fae2d66168d33f721f23a145675e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 68ms
8ms Image
image/svg+xml 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 519184
X-Cache: HIT, HIT
Server-Timing: fastly;dur=4;cpu=0;start=2022-02-03T20:47:06.668Z;desc=hit,rtt;dur=0
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-iad-kcgs7200080-IAD, cache-hhn4032-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1644440412.017592,VS0,VE1
Date: Wed, 09 Feb 2022 21:00:12 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK efcje9kfaeyt2wsflhil
static.clubs.nfl.com/image/private/f_auto/rams/ 203 KB
204 KB 25ms
25ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/efcje9kfaeyt2wsflhil
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d846793f4bd5253e13d58e1f45160575835a9ac8091d78654067c7bc5aea13eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:11 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1758888
Edge-Cache-Tag: 574716032961607108415918991315851948435,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 574716032961607108415918991315851948435,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="efcje9kfaeyt2wsflhil.webp"
Connection: keep-alive
Content-Length: 207938
X-Served-By: cache-iad-kcgs7200134-IAD, cache-iad-kiad7000153-IAD, cache-cdg20731-CDG
X-Cache: HIT, HIT, HIT
Last-Modified: Thu, 19 Aug 2021 18:04:45 GMT
Server: cloudinary
X-Timer: S1644440412.970191,VS0,VE3
Etag: "41d37058a71a53ce2068ab00e9feaa4b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H3 200 604658169716205 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 166ms
154ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/604658169716205?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6540382757a178aae4e2cda77f8c8634e72c93dc80e27cb1435862eac6100203

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: B+yCYarFxZ6yKFTI9zabGhItwf700y7XybSX6pkMDxUCEHLvFwBATbKFnCbTKispNgvfby0W5MJDGCVWkHMfaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Feb 2022 21:00:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 5 KB
3 KB 9ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

229a2534529014c8d62688d11f598a6bfb826f82054827f6ab6633e186a608d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1749
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1979
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10680-LGB, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.968165,VS0,VE0
etag: "1d81c46f324f2d4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 3

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1749
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10742-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.968925,VS0,VE1
etag: "1d81c46f324e0cf"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK smoothScroller.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
1 KB 9ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/smoothScroller.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1722
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 742
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.977485,VS0,VE1
etag: "1d81c46f324e117"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/ 105 KB
40 KB 7ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1742
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10627-LGB, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.977581,VS0,VE0
etag: "1d81c46f32543e7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122484269-1&cid=1526685266.1644440412&jid=679331019&gjid=901165215&_gid=458912561.1644440412&_u=YEBAAUAAAAAAAC~&z=803758692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Feb 2022 21:00:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/sha256/ 9 KB
5 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1742
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.997561,VS0,VE0
etag: "1d81c46f324c439"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 4

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c98366a87bd0007a24b135bf9c39038ff3d7ea8d4c77f4222aa834f747afc6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1742
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1551
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10732-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.997935,VS0,VE1
etag: "1d81c46f324f7d5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:11 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/clubs/ 1 KB
1 KB 7ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/clubs/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2a44537ffe33c438fcc6f49f4ee6a02be0daa467010273f3c10f8101bd570073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1742
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 575
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10652-LGB, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.001329,VS0,VE1
etag: "1d81c46f324e329"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1742
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.006045,VS0,VE1
etag: "1d81c46f324e120"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK smooth-scroll.polyfills.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/smooth-scroll/ 6 KB
4 KB 9ms
9ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/smooth-scroll/smooth-scroll.polyfills.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1721
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2828
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.006587,VS0,VE1
etag: "1d81c46f324fe72"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/md5/ 4 KB
2 KB 7ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1741
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10630-LGB, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.009057,VS0,VE0
etag: "1d81c46f324e826"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 0, 2

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/js-cookie/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1742
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10643-LGB, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.017482,VS0,VE0
etag: "1d81c46f324e0e6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 0, 3

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/plugins/ 803 B
1 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1741
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.018284,VS0,VE0
etag: "1d81c46f324e423"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 2

GET
H2 200 /
www.google.com/pagead/1p-user-list/861929325/ 42 B
548 B 45ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861929325/?random=1644440411948&cv=9&fst=1644440400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&tiba=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=4118800497&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/861929325/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/861929325/?random=1644440411948&cv=9&fst=1644440400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&tiba=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=4118800497&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/autocomplete/ 13 KB
6 KB 7ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1741
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.026539,VS0,VE0
etag: "1d81c46f324d59b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/services/ 751 B
1 KB 9ms
9ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1742
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.029021,VS0,VE0
etag: "1d81c46f324e5ef"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 3

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 586 B
1 KB 8ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1741
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10635-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.032638,VS0,VE1
etag: "1d81c46f324e54a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 287 B
1 KB 9ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1741
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10730-LGB, cache-hhn4044-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.035115,VS0,VE1
etag: "1d81c46f324e61f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 395 B
1 KB 7ms
7ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1741
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4047-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.036508,VS0,VE1
etag: "1d81c46f324e68b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 995 B
1 KB 8ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1741
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 502
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10733-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276004
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644440412.041138,VS0,VE1
etag: "1d81c46f324e4e3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 21:00:12 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2022020921001200090982919771
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=06843398865598062741245157783431098547&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020921001200090982919771

42 B
943 B

38ms
38ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020921001200090982919771

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-096e6021a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OY+q02zwRlU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020921001200090982919771
pragma: no-cache
date: Wed, 09 Feb 2022 21:00:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 09 Feb 2022 21:00:12 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1526685266.1644440412&jid=679331019&_u=YEBAAUAAAAAAAC~&z=1955413213

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1526685266.1644440412&jid=679331019&_u=YEBAAUAAAAAAAC~&z=1955413213

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK izdpunlxatdhczal942d.jpg
static.clubs.nfl.com/image/upload/v1643617485/rams/ 473 KB
474 KB 18ms
18ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/v1643617485/rams/izdpunlxatdhczal942d.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c0a91f38e7d188fe81ce0bd28ba637577863b8dd5618d651d7a011a8172680f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 822692
Edge-Cache-Tag: 536327977121421022919912739173439948055,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 536327977121421022919912739173439948055,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 484145
X-Served-By: cache-iad-kiad7000140-IAD, cache-iad-kcgs7200071-IAD, cache-cdg20731-CDG
Last-Modified: Mon, 31 Jan 2022 08:24:46 GMT
Server: cloudinary
X-Timer: S1644440412.070129,VS0,VE2
Etag: "40376bcd9cb81634b3e76f3fbad237b1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK pfzqqwyhguxgqvxd89cd.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 22 KB
23 KB 7ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/pfzqqwyhguxgqvxd89cd.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0d387e0a5b706be9dafcb05e88b47197fc3a04e37bf3674507432ae754d0c0b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2981205
Edge-Cache-Tag: 372951776681891745206645328894684630372,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 372951776681891745206645328894684630372,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="pfzqqwyhguxgqvxd89cd.webp"
Connection: keep-alive
Content-Length: 22888
X-Served-By: cache-iad-kjyo7100171-IAD, cache-iad-kjyo7100027-IAD, cache-hhn4069-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 17 Dec 2021 23:20:14 GMT
Server: cloudinary
X-Timer: S1644440412.066197,VS0,VE1
Etag: "5ca3cbf356059cdfb8a61595be959e9c"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK lwsr9kpjckkvyhp1uegl.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 26 KB
27 KB 8ms
8ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/lwsr9kpjckkvyhp1uegl.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5bad87b8d37ffcfbf7ac14becab03964573366353388a7dd80825da4d3cceea1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2971625
Edge-Cache-Tag: 561948427067237913989577602717750212885,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561948427067237913989577602717750212885,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 26510
X-Served-By: cache-iad-kiad7000135-IAD, cache-iad-kjyo7100039-IAD, cache-hhn4020-HHN
Last-Modified: Thu, 16 Dec 2021 01:14:13 GMT
Server: cloudinary
X-Timer: S1644440412.067094,VS0,VE1
Etag: "ba531fdd13b1e4c09502c8efaec3cd38"
Vary: X-NFL-Image-Support
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK br1oukintwzib84ykrha.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 52 KB
53 KB 8ms
7ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/br1oukintwzib84ykrha.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c92e958b151f13f6e0ad4998d6c3c0c9bd276f3c261654ec8e1fe6da6efd2e96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1486629
Edge-Cache-Tag: 533685290724722026365348896775649987849,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 533685290724722026365348896775649987849,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 53455
X-Served-By: cache-iad-kcgs7200100-IAD, cache-iad-kiad7000157-IAD, cache-hhn4046-HHN
Last-Modified: Wed, 21 Jul 2021 15:22:35 GMT
Server: cloudinary
X-Timer: S1644440412.066963,VS0,VE1
Etag: "9525e2d9c85ecece2d6e4d8e7e127ebf"
Vary: X-NFL-Image-Support
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK qydqex97rx1x6o4w53ml.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 30 KB
31 KB 10ms
9ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/qydqex97rx1x6o4w53ml.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 690507500538e422ee1d1707573b3b3acfd7a57674e1d1234f87c8ee5f587d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1733436
Edge-Cache-Tag: 561970991575272472998702031147990830514,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561970991575272472998702031147990830514,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 31071
X-Served-By: cache-iad-kjyo7100034-IAD, cache-iad-kiad7000171-IAD, cache-hhn4054-HHN
Last-Modified: Wed, 07 Jul 2021 22:03:14 GMT
Server: cloudinary
X-Timer: S1644440412.070188,VS0,VE1
Etag: "9e2de7ca249a1b40909b7ac496af57d1"
Vary: X-NFL-Image-Support
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 27ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=265163127283621&ev=Adobe-Audience-Manager-Segment&cd[segID]=8512423&noscript=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 09 Feb 2022 21:00:12 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 4 KB
2 KB 146ms
100ms Fetch
text/javascript 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-19.fra56.r.cloudfront.net
Software: /
Resource Hash: aca77db15be14b0832623098ff64902c6caff280f56e411c347e5cc17cedf64f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1511
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
x-callid: 229135d2f3dd4b2a85e722cf9a5a6a63
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g18
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: eZk9TEhtmm-m5X8R2h7AQFsQQlxhJlz-_dKzNlMvjnUjctWRzWorJg==

GET /
adb2waycm-atl.netmng.com/cm/ Frame AEFE 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=PageView&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&rl=&if=false&ts=1644440412170&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644440412169.1761717898&it=1644440411960&coo=false&dpo=&exp=p0&rqm=GET

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 09 Feb 2022 21:00:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=971204136971632&ev=Adobe-Audience-Manager-Segment&cd[segID]=8512423;18940937&noscript=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 09 Feb 2022 21:00:12 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEEDTYwf7sUI33l-ERafmTWg&google_cver=1
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY4NDMzOTg4NjU1OTgwNjI3NDEyNDUxNTc3ODM0MzEwOTg1NDc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEDTYwf7sUI33l-ERafmTWg&google_cver=1?gdpr=0&gdpr_consent=

42 B
949 B

47ms
43ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEDTYwf7sUI33l-ERafmTWg&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v032-02cdee2a6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZwATCDxrTUI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEDTYwf7sUI33l-ERafmTWg&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame 57BB 111 KB
40 KB 118ms
97ms Document
text/html 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-19.fra56.r.cloudfront.net

Software

Resource Hash

220e74313fe444d28375d73fda37d0adbf38a1b3e80c76963e5521850889d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 40238
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_748934946734,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g9
x-callid: 8fee771a0f7f46f092ec2262cab44327
date: Wed, 09 Feb 2022 21:00:12 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: iU1ZhdHvPBoDkoekUUSHwGT-uVR5Ed9gulputZrgVNwLDkeAtdBGLg==

GET
H2 200 adsct
analytics.twitter.com/i/ Frame AEFE 43 B
353 B 158ms
115ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=06843398865598062741245157783431098547&p_id=38594

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 09 Feb 2022 21:00:11 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 4ed409f4212d73ad329618d2226f6049786c4af7aa14fac90134d1b06fe7100f
content-length: 43

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 57BB 4 KB
2 KB 275ms
275ms Fetch
text/javascript 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-19.fra56.r.cloudfront.net
Software: /
Resource Hash: aca77db15be14b0832623098ff64902c6caff280f56e411c347e5cc17cedf64f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1511
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-callid: 229135d2f3dd4b2a85e722cf9a5a6a63
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g18
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bRexo7Em_jPCt18bXAtI2lWXVWh_MgOz3SrPCAt93FYf8xTP9m-7BQ==

GET
H2 200 5191967.js Show response
js.hs-analytics.net/analytics/1644440400000/ 62 KB
20 KB 375ms
308ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1644440400000/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f8cc3fcb56bb648341abb1e3b43c0089f0c67f07b5250fc2998bcfeaab34fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BYF354AJCJ4QGDHQ
x-amz-server-side-encryption: AES256
cf-ray: 6db006a22bde59fb-MXP
x-amz-id-2: WLMrpJx38ywncpwjO+xVKZyJrijWwDFepjo7rCOpT88CGQob9SJL4zPZ7rBF6pLgb7ogHHZ09A4=
last-modified: Mon, 19 Jul 2021 15:06:58 GMT
server: cloudflare
etag: W/"fe913999162c2c133c99e38a8bd81d12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 09 Feb 2022 21:05:12 GMT

GET
H2 200 5191967.js Show response
js.hs-banner.com/ 61 KB
16 KB 564ms
498ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81f1adb70a2c570ba58635581181e8678244887f8e9a3bf50b703368f211948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: F9YBJ1VV9PC3DM8M
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: EsuFsiyPTRE7had5bhxiKhOfyMpg/rgnyVyH8AM10WTfSlu3pfj6aPw15p69V/LZVUmdhLQZfB0=
timing-allow-origin: *
last-modified: Tue, 08 Feb 2022 23:44:45 GMT
server: cloudflare
etag: W/"bc95876d2d9b3bddcf76b200021f4390"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: gRbvMTzJhPs1HCk8BWkh37esu2d9MsL.
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6db006a22f4bd608-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 09 Feb 2022 21:05:12 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 135ms
57ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a077659f2a6ddd4ef5faeeddb3a11f35f9e06e9d7e4983e9b6b94ae4f0c3736

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:12 GMT
via: 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 18070
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1076/bundle/main/lead-flows-release.js&cfRay=6dae4d752c8c375c-MXP
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 26 Jan 2022 02:14:13 UTC
server: cloudflare
etag: W/"e38a58bd3c6f3ee06e3815b92e4f051d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: tJ1VrBqTbfMgHAdgAnHHYVgYsiJaQlJ4
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6db006a24a6f59e9-MXP
x-amz-cf-id: A3q1D4e80UZUE9GeyOeJ0_m0yeFCXQw8MQKxNJIWjdn1yHZyF3ZbxQ==
x-hs-target-asset: lead-flows-js/static-1.1076/bundle/main/lead-flows-release.js

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame AEFE
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEFtmSJmWo9qMrYyDgRQJ2bE&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

30ms
29ms

Image
image/png

54.194.183.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 54.194.183.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-183-173.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 21:00:12 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame AEFE
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEF...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

54.194.183.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 54.194.183.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-183-173.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 21:00:12 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame AEFE
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

54.194.183.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 54.194.183.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-183-173.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 21:00:12 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 54BA 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.therams.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.therams.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Wed, 09 Feb 2022 21:00:12 GMT

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 494ms
397ms XHR
text/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&sdk=js_latest&sdkBuild=12833&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: /
Resource Hash: 1f5a4e7e05619704f76cf69ddd2c8ddac8d362033aa1f1cec607109818ba0590

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
x-soa: true, Gator
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
content-length: 167
access-control-allow-origin: https://www.therams.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-callid: d9256bd2bbda4b1bb1ca07231e4fd3c4
cache-control: private
x-server: us1d-nomad-g1
access-control-allow-credentials: true
x-robots-tag: none
x-amz-cf-id: J2ZEatN0UemdEN5pDGJyJCRybYLaHaiLdDQJLEwBxqEh7ZBxdhQPIA==

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame AEFE
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

54.194.183.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 54.194.183.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-183-173.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 21:00:12 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame AEFE
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

54.194.183.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 54.194.183.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-183-173.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:12 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 21:00:12 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=0065ceb9-cdf9-44e9-87db-a7d5888f7ba7
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=0065ceb9-cdf9-44e9-87db-a7d5888f7ba7

42 B
943 B

32ms
32ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=0065ceb9-cdf9-44e9-87db-a7d5888f7ba7

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0213a5377.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MI9JKtYESeg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=0065ceb9-cdf9-44e9-87db-a7d5888f7ba7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 analytics.php Show response
rams.formstack.com/forms/ 0
323 B 439ms
439ms Script
application/javascript 18.66.122.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/analytics.php?f=3301834&a=fv&m=embedded

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_3ca069828f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-21.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P2
x-frame-options: sameorigin
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-id: tF2AEblVvxfAWSAwPU5DVZ3_pyma0zzPhbrqKBgQpxxvnJ-yQE0pIQ==

GET
H2 200 fsa.js Show response
analytics.formstack.com/js/ 53 KB
13 KB 62ms
7ms Script
application/javascript 2600:9000:236e:b000:6:4f98:bc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.formstack.com/js/fsa.js
Requested by: Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/scripts_0d92d709f3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:b000:6:4f98:bc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3932e62b4ca1e14d91eaeff13bc9b5c8519b08083bd2f6748fd44877693f526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 08:21:36 GMT
content-encoding: gzip
last-modified: Tue, 17 Apr 2018 16:12:22 GMT
server: AmazonS3
age: 45519
etag: W/"b33155f4d362b9a36ea18bee95c0797a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: c5QJpCIb3Gj8b7JGT04VGO-ulTfayp4mROD5PVddWCgk4uZ5eanjKg==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
962 B 234ms
189ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=5191967&rcu=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&pu=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&t=SoFi+Stadium+%7C+Los+Angeles+Rams+-+therams.com&cts=1644440413011&vi=f6401071c3106f5902698b7def54650a&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 08fba313-9c8d-4009-9491-6a4ea3fbe676
cf-ray: 6db006a5abec0f86-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljoueKl4rDPiuYoqTNefN%2B6A2zGaWqpytsjpq8uwYpFbBXNIIOXUjuJ9BZxYOMSBBeXs%2BM34dlEdQhmgy58WDBd7Scrjv1gN3TKmTP0Ye%2BeN0PsLAjmvDaeo8S3t8MvBzblKdrHF0pLA0UHG5u3L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1382009127&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEABCAAAAC~&jid=1802897357&gjid=440012587&cid=1526685266.1644440412&tid=UA-122484269-1&_gid=458912561.1644440412&_r=1&_slc=1&z=1318833082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1382009127&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Formstack%20Form%203301834&ea=view&_u=AACAAEABCAAAAC~&jid=&gjid=&cid=1526685266.1644440412&tid=UA-122484269-1&_gid=458912561.1644440412&z=763995015

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 19:39:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4870
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 370ms
319ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5191967&utk=f6401071c3106f5902698b7def54650a&__hstc=121074455.f6401071c3106f5902698b7def54650a.1644440413009.1644440413009.1644440413009.1&__hssc=121074455.1.1644440413009&currentUrl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d8fd8190953b8b190884ac17db75416de34a29419327bd63bd068bbd2073a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5acb5452-492f-4125-8247-5d294d18c02b
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n42%2FfwUw7hPwlM4M0Me%2BwTMQBfjsZiTm3ls%2BJsY5PKRDcUzAIFC4tZTBvqVrDaH5dHXtmwhLKVOTMwFqcoIgYuji2vclRTuQiTp1I92QZ4RUlyqFJe73Gn79N%2BtwjUS7vIWj1bXse4nn7mrJw0E"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6db006a5d8d70f76-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 41ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122484269-1&cid=1526685266.1644440412&jid=1802897357&gjid=440012587&_gid=458912561.1644440412&_u=AACAAEAACAAAAC~&z=821264515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Feb 2022 21:00:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

sync
pixel.advertising.com/ups/28/ Frame AEFE
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=06843398865598062741245157783431098547&_origin=1&redir=true
https://pixel.advertising.com/ups/28/sync?uid=06843398865598062741245157783431098547&_origin=1&redir=true&verify=true

0
255 B

8ms
8ms

Image
text/plain

54.93.153.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/28/sync?uid=06843398865598062741245157783431098547&_origin=1&redir=true&verify=true

Protocol

Server

54.93.153.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-153-188.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/28/sync?uid=06843398865598062741245157783431098547&_origin=1&redir=true&verify=true
date: Wed, 09 Feb 2022 21:00:13 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
30ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1526685266.1644440412&jid=1802897357&_u=AACAAEAACAAAAC~&z=1045414953

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
31ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1526685266.1644440412&jid=1802897357&_u=AACAAEAACAAAAC~&z=1045414953

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame AEFE
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRcld3QUFBSXNMNHdReg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
30ms

Image
image/png

54.194.183.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.194.183.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-183-173.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:13 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 21:00:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 1024 78 KB
28 KB 99ms
98ms Document
text/html 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-19.fra56.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g1
x-callid: f28bad3b3315435a91e71bd5360fe37d
date: Wed, 09 Feb 2022 21:00:13 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: fKod7IJwxkw4zDxhKIeDDzUmSKbBB16oyFU367m1nktFcRiMAQ85hQ==

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 1A4F 78 KB
28 KB 96ms
96ms Document
text/html 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-19.fra56.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g1
x-callid: f28bad3b3315435a91e71bd5360fe37d
date: Wed, 09 Feb 2022 21:00:13 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: bIAzkJvlqDsrUe2PDcEDSa9BK_GI-55FlPI5ZhBrBF3cI69TS9u5iw==

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=AG6bMn04T9ocM5Gz9lWdjWVcNd-xIYhq&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AG6bMn04T9ocM5Gz9lWdjWVcNd-xIYhq&gdpr=0&gdpr_consent=

42 B
943 B

33ms
32ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AG6bMn04T9ocM5Gz9lWdjWVcNd-xIYhq&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0a9aa4bb8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: HHQqklHsRy0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AG6bMn04T9ocM5Gz9lWdjWVcNd-xIYhq&gdpr=0&gdpr_consent=
date: Wed, 09 Feb 2022 21:00:13 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3622
content-length: 227
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 1024 4 KB
2 KB 97ms
96ms Fetch
text/javascript 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-19.fra56.r.cloudfront.net
Software: /
Resource Hash: c50cd0fcda1c3a9c3ced819919da0d333fc17890114e992d0bbe306c6cda690c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1504
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-callid: 533c7a75b9b94a3da549edf0164091cb
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g12
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Y0orWdsQ9p3hKgjMGkcz5jsOwSV1KDhOQvk5TAFacdFPW-sxq8ySBg==

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=06843398865598062741245157783431098547&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
961 B

31ms
30ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0dba01a99.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: mi4pK92CSio=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Wed, 09 Feb 2022 21:00:13 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 1A4F 4 KB
2 KB 276ms
276ms Fetch
text/javascript 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-19.fra56.r.cloudfront.net
Software: /
Resource Hash: c50cd0fcda1c3a9c3ced819919da0d333fc17890114e992d0bbe306c6cda690c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1504
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-callid: 533c7a75b9b94a3da549edf0164091cb
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g12
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2b9a8sOY8AmZPufxxfuLPOD9XJr6MHv6sZSEeyOvsm_CLElEzg_NNA==

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=06843398865598062741245157783431098547&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-BXxcQFNE2pGrYC6UtdEaPhQIZsSiCpLHTKs-~A

42 B
943 B

34ms
34ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-BXxcQFNE2pGrYC6UtdEaPhQIZsSiCpLHTKs-~A

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-08f66671e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yGlWkvoNS8Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 09 Feb 2022 21:00:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-BXxcQFNE2pGrYC6UtdEaPhQIZsSiCpLHTKs-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 v2
odr.mookie1.com/t/ Frame AEFE 43 B
324 B 33ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=06843398865598062741245157783431098547&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame AEFE
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQrWwAAAIsL4wQz&sigv=1&esig=1~b55b5969982640f56d315b3ce4d321e789ae46f3

0
194 B

75ms
21ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQrWwAAAIsL4wQz&sigv=1&esig=1~b55b5969982640f56d315b3ce4d321e789ae46f3

Protocol

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQrWwAAAIsL4wQz&sigv=1&esig=1~b55b5969982640f56d315b3ce4d321e789ae46f3
Date: Wed, 09 Feb 2022 21:00:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRcld3QUFBSXNMNHdReg==

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRcld3QUFBSXNMNHdReg==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644440414.814245,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRcld3QUFBSXNMNHdReg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame B19D 78 KB
28 KB 97ms
97ms Document
text/html 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-19.fra56.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g1
x-callid: f28bad3b3315435a91e71bd5360fe37d
date: Wed, 09 Feb 2022 21:00:13 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: NPRkjXqyvAQ14OXxOjTJyhrQaEsV98_pKnQUbeSmd8NRnd-hQTW30A==

GET
H2 200 client.js Show response
apis.google.com/js/ 13 KB
6 KB 68ms
45ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

935853b8f0d3a5ff638c5e615585e6202897241974297ee51126ed55c16462f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gDdDGRmtU03q2L+fYulB0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "95c92ebd9be63638ae6eb987d4a89f2a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-gDdDGRmtU03q2L+fYulB0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 09 Feb 2022 21:00:13 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fe8d1049cdc37e5a99e41c07348b0d9ebceffc1f45cd555ff418e0f391cdfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dxkazSgasJAD6sSIPrOFqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Feb 2022 21:12:29 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: vC/7Ret9zwDVuvmQtn+fcfd6M/8dRyvDfTvGrQUYgUk5v2gNBT1FxsM9Vc904BpmXaia8/qjz4Cx6ddU91SmqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 27e805dd5586ee38196a6c04a399e172
date: Wed, 09 Feb 2022 21:00:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5c97fa0d80a515a25266b9b39bcab371"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d78246b58f98f96bb9767949a9f05fbd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a224c6dd7a17529c46010e3c2e7bcda012e1e22ec2cf9168962e343c7c267d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KqgLb+pAmwbshbKL/EDGOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 09 Feb 2023 18:46:45 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82099
x-fb-rlafr: 0
x-fb-debug: gFoI6W0pio44iq4cHkOryf3/Be/S2aHGqZ5f7QafzuuYOMOf+68H1YDuDTM9ippSjwZUwzvbthcyEZw6EJKNbQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 35bfb16db141a7d3cdeba5e6f2e9b189
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 21:00:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "888cd5e759a25209d1ac724a736210aa"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQrWwAAAIsL4wQz&expires=90

0
239 B

38ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQrWwAAAIsL4wQz&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644440414.881742,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQrWwAAAIsL4wQz&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 112ms
112ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d78246b58f98f96bb9767949a9f05fbd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XfxRYMstYpIjzrWIziwxGUMYuHHIq5wtp7YEvvy6Ryn8GuKII/T7AYh5nfXRVSh2oAOMk5Uq5aJ5BcQSjGm75Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 09 Feb 2022 21:00:13 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 311 KB
105 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb40a0de5789dfa39d78fc18f500b732ab0ba79f38ef4c892d8be42699e88350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 05:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 05:51:54 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame B19D 4 KB
2 KB 366ms
366ms Fetch
text/javascript 52.222.236.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-19.fra56.r.cloudfront.net
Software: /
Resource Hash: c50cd0fcda1c3a9c3ced819919da0d333fc17890114e992d0bbe306c6cda690c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:14 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1504
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-callid: 533c7a75b9b94a3da549edf0164091cb
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g12
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4rrIjWKfzaqHX6KTS3Aklj5Di6vRMtDE2-7vzra-alJ_j_EieNMzlg==

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQrWwAAAIsL4wQz
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQrWwAAAIsL4wQz&C=1

43 B
1003 B

41ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQrWwAAAIsL4wQz&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 21:00:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Feb 2022 21:00:14 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 21:00:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQrWwAAAIsL4wQz&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Wed, 09 Feb 2022 21:00:14 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YgQrWwAAAIsL4wQz

43 B
1011 B

39ms
39ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YgQrWwAAAIsL4wQz

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 21:00:14 GMT
X-Proxy-Origin: 193.27.14.42; 193.27.14.42; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 00d6ef96-6ca3-409d-9f1d-36e3afe22081
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644440414.087090,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YgQrWwAAAIsL4wQz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQrWwAAAIsL4wQz

43 B
274 B

38ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQrWwAAAIsL4wQz
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:14 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644440414.185418,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQrWwAAAIsL4wQz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQrWwAAAIsL4wQz

1 B
546 B

475ms
156ms

Image
text/html

104.36.113.17
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQrWwAAAIsL4wQz
Protocol: H2
Server: 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:00:13 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug001:0:316
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644440414.285220,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQrWwAAAIsL4wQz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQrWwAAAIsL4wQz&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQrWwAAAIsL4wQz&img=1&__user_check__=1&sync_id=47148dec-89eb-11ec-ab93-1d37f49c0106

43 B
549 B

301ms
301ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQrWwAAAIsL4wQz&img=1&__user_check__=1&sync_id=47148dec-89eb-11ec-ab93-1d37f49c0106
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 21:00:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 139
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 09 Feb 2022 21:00:14 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YgQrWwAAAIsL4wQz&img=1&__user_check__=1&sync_id=47148dec-89eb-11ec-ab93-1d37f49c0106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 14
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame AEFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQrWwAAAIsL4wQz&t=2592000&o=0

43 B
71 B

109ms
109ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQrWwAAAIsL4wQz&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 13:00:14 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: lZnx4LSkVDunabOPln6MJiZr5UQp2m/U+0zGwzwshYFs0inLJ9VOAku2YhhibNN5GNG8dGqsFxXgxe0OyD4uxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 09 Feb 2022 13:00:14 PST

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644440414.487368,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQrWwAAAIsL4wQz&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame AEFE 43 B
231 B 36ms
16ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Wed, 09 Feb 2022 21:00:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1644440415.608558,VS0,VE10
x-served-by: cache-fra19175-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame AEFE
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
961 B

31ms
31ms

Image
image/gif

3.248.86.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

3.248.86.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-86-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0654e5006.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: 4eJ+IMHrQ60=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 21:00:14 GMT
server: istio-envoy
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AEFE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=xOLEWJRBRGG8DuiRhdywqA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=06843398865598062741245157783431098547

43 B
556 B

110ms
110ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=06843398865598062741245157783431098547

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 21:00:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VBGM6BK083X3VZ8XSWQD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v027-06abf313b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ntzgzvSGQaM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=06843398865598062741245157783431098547
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therams.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 05:06:32	Name: demdex Value: 06843398865598062741245157783431098547
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 09:32:56	Name: everest_g_v2 Value: g_surferid~YgQrWwAAAIsL4wQz
.dpm.demdex.net/	1970-01-20 05:06:32	Name: dpm Value: 06843398865598062741245157783431098547
.therams.com/	1970-01-20 18:21:25	Name: mbox Value: session#e087b5b369774c0084aae80b107a72b4#1644442272\|PC#e087b5b369774c0084aae80b107a72b4.37_0#1707685212
.therams.com/	1970-01-20 18:18:32	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19033%7CMCMID%7C06633606513197547491228437161588345868%7CMCAAMLH-1645045211%7C6%7CMCAAMB-1645045211%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1644447611s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19040%7CvVersion%7C5.2.0
.mathtag.com/	1970-01-20 10:13:15	Name: uuid Value: 95606204-2b5b-4700-824c-1de8a0532384
.exelator.com/	1970-01-20 03:40:08	Name: EE Value: "c292513ed59440596c2534c1796d009f"
static.formstack.com/	1970-01-20 00:57:25	Name: AWSALBCORS Value: z3uS92MG6Cm/69OEZ9WZQAJVbMOIcEta0GvlOA7ON/x6+2b1oKz/5c27SBfEYavQitHPymHOnMIsCUVtrAySTrEhwx0S3Ry+hm5p1m2J7b02pUzJ9KKXFTZk0TJ2
.exelator.com/	1970-01-20 03:40:08	Name: ud Value: "eJxrXxzq6XKLQSHZyNLI1NA4NcXU0sTEwNTSLNnI1Ngk2dDc0izFwMAybXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiF9fFRSlpDItKik8F7y9QBQAvACjb"
.w55c.net/	1970-01-20 10:13:15	Name: wfivefivec Value: hl5vRmAe1NhU4r5
.w55c.net/	1970-01-20 01:30:32	Name: matchdmx Value: 5
.therams.com/	1970-01-20 00:47:22	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.therams.com/stadium/sofi-stadium%22%2C%22sref%22:%22%22%2C%22sts%22:1644440411845%2C%22slts%22:0}
.therams.com/	1970-01-20 10:16:44	Name: _parsely_visitor Value: {%22id%22:%22pid=35255b68638f2448cd7d472ad8d1a49f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644440411845}
.therams.com/	1970-01-20 02:56:56	Name: _gcl_au Value: 1.1.458729651.1644440412
.adnxs.com/	1970-01-20 02:56:56	Name: uuid2 Value: 292226348082004327
.therams.com/	1970-01-20 00:47:22	Name: s_pv Value: rams%3Astadium%3Astadium%3Asofi-stadium
.therams.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.therams.com/	1970-01-20 18:18:32	Name: _ga Value: GA1.2.1526685266.1644440412
.therams.com/	1970-01-20 00:48:46	Name: _gid Value: GA1.2.458912561.1644440412
.therams.com/	1970-01-20 00:47:20	Name: _gat_gtag_UA_122484269_1 Value: 1
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 12833-3-27407310
.turn.com/	1970-01-20 05:06:32	Name: uid Value: 7665900717572138239
.facebook.com/	1970-01-20 02:56:56	Name: fr Value: 0DNlPTYO73ageKPVL..BiBCtc...1.0.BiBCtc.
.therams.com/	1970-01-20 02:56:56	Name: _fbp Value: fb.1.1644440412169.1761717898
.doubleclick.net/	1970-01-20 10:08:56	Name: IDE Value: AHWqTUlHqwTSpqT_kHYX-LEET8jjiBrA2PfBfmvw_X9mc6DzNweKk0BfVL_9mmsAVm4
.twitter.com/	1970-01-20 18:18:32	Name: personalization_id Value: "v1_uPsPq1uJh4BtSjks4pnp7Q=="
.everesttech.net/	1970-01-20 01:31:58	Name: ev_sync_ax Value: 20220209
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: YgQrXAAAAfMHz3Ol
.auth-id.nfl.com/	1970-01-20 09:32:56	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
www.therams.com/	1970-01-20 10:08:56	Name: __hstc Value: 121074455.f6401071c3106f5902698b7def54650a.1644440413009.1644440413009.1644440413009.1
www.therams.com/	1970-01-20 10:08:56	Name: hubspotutk Value: f6401071c3106f5902698b7def54650a
www.therams.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.therams.com/	1970-01-20 00:47:22	Name: __hssc Value: 121074455.1.1644440413009
.therams.com/	1970-01-20 00:47:20	Name: _gat Value: 1
.adsrvr.org/	1970-01-20 09:32:56	Name: TDID Value: 0065ceb9-cdf9-44e9-87db-a7d5888f7ba7
.therams.com/	1970-01-20 18:18:32	Name: FSAV Value: 1263112057.1050178901.1644440413.1644440413.1644440413.1.
.therams.com/	1970-01-20 05:10:08	Name: FSAC Value: 1263112057.1644440413.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)
.adsrvr.org/	1970-01-20 09:32:56	Name: TDCPM Value: CAESEgoDYWFtEgsIhKztq6aGtjoQBRgFIAEoAjILCKSF4di8hrY6EAU4AQ..
.advertising.com/	1970-01-20 09:34:22	Name: APID Value: UP464799d3-89eb-11ec-92ff-0653f2b12958
.therams.com/	1969-12-31 23:59:59	Name: s_ptc Value: pt.rdr%240.00%5E%5Ept.apc%240.00%5E%5Ept.dns%240.00%5E%5Ept.tcp%240.03%5E%5Ept.req%240.45%5E%5Ept.rsp%240.01%5E%5Ept.prc%242.09%5E%5Ept.onl%240.02%5E%5Ept.tot%242.60%5E%5Ept.pfi%241
.auth-id.therams.com/	1970-01-20 09:32:56	Name: gmid Value: gmid.ver4.AcbHjgkRBQ.u3-ydlnDfrP8ZNNsIuO-9URFVIuMDfIgjdCopVR5PD84smui7zBhB3Buyvzo4lDP.Wpda59oZ4ViPGahyx1Umr9cJ9R26UbK4oZ8pejE2LtO_bcbDAYUqVc2yN1eDiSur-BDsXooGfjDiUrZITsa8rA.sc3
.auth-id.therams.com/	1970-01-20 09:32:56	Name: ucid Value: -a8gUeSv5jJYxwa3ZrjPhA
.auth-id.therams.com/	1970-01-20 05:07:55	Name: hasGmid Value: ver4
.therams.com/	1970-01-20 09:32:56	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.hubspot.com/	1970-01-20 00:47:22	Name: __cf_bm Value: U6y7TsIjsYSPhKJfnn3PYAGNyB6OGL5s2ATmDESfvqA-1644440413-0-AVsMwKw4jju5pzhdUTW7uYSTSHQfDlQAUUR0PohEQKNR9aFsnsqPIvwPHYpv4N0+n6tIuf8zCFT4k5mIsJk+je8=
.criteo.com/	1970-01-20 10:08:56	Name: uid Value: 9bfcbe5a-75dd-4ce9-bc65-e94feba167fd
.eyeota.net/	1970-01-20 00:47:21	Name: SERVERID Value: 20801~DM
.auth-id.nfl.com/	1970-01-20 09:32:56	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-20 09:32:56	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 12833-3-27407310
.yahoo.com/	1970-01-20 09:33:18	Name: A3 Value: d=AQABBF0rBGICELEjQM__o3Ha5IFvhJ-gqJQ&S=AQAAAiVqlo_yNDjVr3Scsc1pFu8
.everesttech.net/	1970-01-20 01:31:58	Name: ev_sync_yh Value: 20220209
.google.com/	1970-01-20 05:10:51	Name: NID Value: 511=B_-t1GSQLxZM7xS5eSC3gDbYLzVKMA5aUpP9kd119K6F-8PHABB7IKq12f8vVpHlcoezd1NPXIIa2DyO0ofgoZHd79tawCynxnpeEwlSu3tKkF6neHdnI87mSNqHIqrLITM4u0R_XVkfTN8GlGqMbrO7drzFkMKBu9MVMpwisW4
.casalemedia.com/	1970-01-20 09:32:56	Name: CMID Value: YgQrXj236WJh67tu711fqgAA
.casalemedia.com/	1970-01-20 02:56:56	Name: CMPS Value: 3236
.adnxs.com/	1970-01-20 02:56:56	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GTyrH=$m!]tbPl1MwL(!R7qUY$+0Cw?3_YWJWx_(dN'D%WSDGH2(!<QG=%9sk?bIRwi:w9Ld1It`)h17Mco/y@Yw#tzpI*SC(b
.casalemedia.com/	1970-01-20 02:56:56	Name: CMPRO Value: 1195
.casalemedia.com/	1970-01-20 00:48:46	Name: CMST Value: YgQrXmIEK14A
.casalemedia.com/	1970-01-20 09:32:56	Name: CMRUM3 Value: 5862042b5e2760YgQrWwAAAIsL4wQz
.spotxchange.com/	1970-01-20 09:33:00	Name: audience Value: 47148db0-89eb-11ec-ab93-1d37f49c0106
.pubmatic.com/	1970-01-20 02:56:56	Name: KRTBCOOKIE_218 Value: 4056-YgQrWwAAAIsL4wQz&KRTB&22978-YgQrWwAAAIsL4wQz&KRTB&23194-YgQrWwAAAIsL4wQz&KRTB&23209-YgQrWwAAAIsL4wQz
.pubmatic.com/	1970-01-20 01:30:32	Name: PugT Value: 1644440413
.pubmatic.com/	1970-01-20 02:56:56	Name: PUBMDCID Value: 1
.demdex.net/	1970-01-20 05:06:32	Name: dextp Value: 269-1-1644440411479\|3-1-1644440411580\|359-1-1644440411685\|358-1-1644440411812\|470-1-1644440411941\|843-1-1644440412046\|640-1-1644440412147\|771-1-1644440412248\|1123-1-1644440412349\|1083-1-1644440412450\|1085-1-1644440412550\|1086-1-1644440412651\|1087-1-1644440412752\|1088-1-1644440412869\|903-1-1644440412970\|6835-1-1644440413071\|19913-1-1644440413172\|28645-1-1644440413273\|30064-1-1644440413374\|30646-1-1644440413474\|30862-1-1644440413575\|83349-1-1644440413676\|144230-1-1644440413777\|144231-1-1644440413877\|144232-1-1644440413978\|144233-1-1644440414079\|144234-1-1644440414180\|144235-1-1644440414281\|144236-1-1644440414382\|144237-1-1644440414483\|147592-1-1644440414584\|152416-1-1644440414686\|139200-1-1644440414787
.amazon-adsystem.com/	1970-01-20 06:24:18	Name: ad-id Value: A6vYbOmno0QHsrmE0r6NlR4
.amazon-adsystem.com/	1970-01-21 21:50:13	Name: ad-privacy Value: 0
.undertone.com/	1970-01-20 09:32:56	Name: UTID Value: e9597346a54b46cf8edf38de7912d0b1
.undertone.com/	1970-01-20 09:32:56	Name: UTID_ENC Value: dtc1nbxdgvgozxnuvn2mzf7w1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/stadium/sofi-stadium(Line 49) Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/stadium/sofi-stadium(Line 50) Message: A preload for 'https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1941) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery.min_1d14cd3798.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1942) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-ui.min_42a497cb9f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1943) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/scripts_0d92d709f3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1944) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/analytics_3ca069828f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1945) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/google-phone-lib_c1e61f3e9c.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1946) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/googleanalytics.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1947) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/utm_tracking.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1948) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pixel.advertising.com/ups/28/sync?uid=06843398865598062741245157783431098547&_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.therams.com/stadium/sofi-stadium Message: The resource https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.therams.com/stadium/sofi-stadium Message: The resource https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
ajax.googleapis.com
analytics.formstack.com
analytics.twitter.com
apis.google.com
assets.adobedtm.com
audit-tcfv2.quantcast.mgr.consensu.org
auth-id.nfl.com
auth-id.therams.com
cdn.onesignal.com
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
evt.undertone.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
onesignal.com
p1.parsely.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
quantcast.mgr.consensu.org
rams.formstack.com
rules.quantcount.com
s.amazon-adsystem.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
smetrics.nfl.com
static.clubs.nfl.com
static.formstack.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
test.quantcast.mgr.consensu.org
track.hubspot.com
trc.taboola.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.111.215.191
104.244.42.195
104.36.113.17
13.32.121.37
13.32.121.38
13.36.218.177
142.250.184.226
142.250.185.98
142.250.186.162
151.101.129.153
151.101.130.49
151.101.193.153
151.101.65.153
18.158.39.89
18.197.1.225
18.66.122.21
18.66.97.14
185.29.134.248
185.33.223.38
185.94.180.125
2.18.234.21
2.18.234.36
2001:678:cb4:bbbb::13
209.54.177.54
212.82.100.182
2600:9000:223c:8a00:6:44e3:f8c0:93a1
2600:9000:2240:ae00:9:46dc:4700:93a1
2600:9000:225e:5000:3:a4cd:8380:93a1
2600:9000:236e:b000:6:4f98:bc40:93a1
2606:4700::6811:45b0
2606:4700::6811:d5cc
2606:4700::6811:e9cc
2606:4700::6812:14bf
2606:4700::6812:e134
2606:4700::6813:9b53
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7000
2a00:1450:4001:800::200a
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9a
2a02:2638:1::13
2a02:26f0:6c00:28a::1e80
2a02:6ea0:c700::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
3.122.214.165
3.248.86.91
34.194.161.83
34.252.166.160
34.254.143.3
34.98.67.61
35.244.159.8
52.217.86.206
52.222.236.19
52.222.250.70
52.223.40.198
52.31.238.195
52.51.88.158
54.160.183.108
54.194.183.173
54.93.153.188
69.173.144.139
02930bc2b4c08b3da50de2d03d6374454b0ff8fbe111ae5463964d1bc251c939
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5ef018746786c973b11ed38934a17a09d5b6ebc739a738c7e924ebe0b15528
0cf19c94211702e8429633ae2194b30555ccce31a52a7635f657ab8f289fb9fd
0d387e0a5b706be9dafcb05e88b47197fc3a04e37bf3674507432ae754d0c0b6
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915
1f5a4e7e05619704f76cf69ddd2c8ddac8d362033aa1f1cec607109818ba0590
220e74313fe444d28375d73fda37d0adbf38a1b3e80c76963e5521850889d44f
229a2534529014c8d62688d11f598a6bfb826f82054827f6ab6633e186a608d0
22d8fd8190953b8b190884ac17db75416de34a29419327bd63bd068bbd2073a5
2465a231a58b82c620d23b94ee93bb2bdc046acf40e9ded0aacf40cc43384952
2799001f240cd99cd731ecf4c933e4aade589dbe85f93901c900dd8ecec01999
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
284f3fb5272a62c2fa10bf971794e7d86d1b18a00f5b6b6a3834c318e8cb6e1e
2a44537ffe33c438fcc6f49f4ee6a02be0daa467010273f3c10f8101bd570073
2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3e4d8ec11ab62a46f645476be84198fd1903128d47c73b8e7151af2a8d98b9
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5
3da357fbf0f7c5cbe26da19810899f57b13595143aec8ba5cd03613b8dae5c71
43f657e34f6a74798dac1f29ed4c23169220f3aef9dff22d4b007c6c634e5836
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6ab60738d06a36bd98e77035c4ea4912ce4d52cc4fe81b9865fabf7ae905af
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8f48fd9bcf5e8ca301b17c4c178ecb3fbab19245fd7b244c5f2cf163298790
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5
551a4a808579c7378031adf0db69216f283b918c1ad8121a2537aea2de752975
55412c28f1fc7230f98e49ca53c80a4794e61826175304e54c8e84520966bf7e
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3
5bad87b8d37ffcfbf7ac14becab03964573366353388a7dd80825da4d3cceea1
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
6199d7ca3ec10c4de7cd008b1f021eb83110f2d7bc5804483b2ab8e6644eae9a
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947
6540382757a178aae4e2cda77f8c8634e72c93dc80e27cb1435862eac6100203
6562dab0aa4cbe7cb9e2387468f40825b8220024ff728f1c1746c2328e12adb2
6701454491ae4d2c571f9443f60895852709199d4a02f25cf4f8070c6b35d144
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
690507500538e422ee1d1707573b3b3acfd7a57674e1d1234f87c8ee5f587d19
6abf2aa9d7790ad3b128a7396c3bfd3367a98948a212d7f110607691d8fb4f2c
6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba
6fe8d1049cdc37e5a99e41c07348b0d9ebceffc1f45cd555ff418e0f391cdfd5
7069bd8cd4136cf552c4c02ba4f80c03f4a9e36b9edac2f2a8d7c7313b2e1580
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
7211d8b26143e07e1cb7b66219fcf0fc4a22a57f6b864c9cee37070df8592d6d
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
798e9911a02d8cc29927bfceb1f617e25d4e8e4fb5435140419c6236f7b7f5b3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cd1ce1596ca026fa2706f1bac7c02464d918ffb8d48c8af15d7fb8fd6c0a9de
7e631a807e4b121be305ddb3ba1340afda0f906a8ebc768a17a2df9fc5b4328b
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
82372e5085d63a3eebd690eca5c085c65b6d0de397b7fbb1a6d7b9fc87d0061e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865b09b9c0fc51ee9b69bfdf2d7e8b748c20b8a4789430104e09bba11567764f
86bc752d0407555cfb8f83681c8cf277390cc9ca5b49f8c64a8753480f7c0e3e
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
8a077659f2a6ddd4ef5faeeddb3a11f35f9e06e9d7e4983e9b6b94ae4f0c3736
8b663582a9efae444143d4937121293634fae2d66168d33f721f23a145675e38
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8f2594d20ca331cd25be0f301e7f786b00e5960826e0f4965c0732c5f02f4d69
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
935853b8f0d3a5ff638c5e615585e6202897241974297ee51126ed55c16462f7
9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8
972965a2008fb7426f4a686c601836371b92cfae2afbaa4bf36c7ccbfc3f0a41
9d8b72388801d85bbe5e728baa32bc98aed33bbc3bfe96fe3079f16acf04af02
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a224c6dd7a17529c46010e3c2e7bcda012e1e22ec2cf9168962e343c7c267d78
a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
a81eeb16b938ed4039af49d942dd8a15ca390c2d5232d9df370b313f7c08013e
a81f1adb70a2c570ba58635581181e8678244887f8e9a3bf50b703368f211948
a9f8cc3fcb56bb648341abb1e3b43c0089f0c67f07b5250fc2998bcfeaab34fb
aaf03219cf050a3a022af73224f8ddad8c051e07354af2e0d880aa8a599c1782
aafa5bd1a6d109986f239e94e42036262c7eb9189f63b4f00cefbfe963ca6ad3
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
aba5ed44fb1cddc664223c23c8afd4a07e75edb3a6c5d9c89ecd9654d8898a07
ac10112e1f23d21b3f4130d8b4ef344ce013dc634f6d8171fa4df2637e52f791
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca77db15be14b0832623098ff64902c6caff280f56e411c347e5cc17cedf64f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b25cb256e8187eba8e3e63bc4d6bb8faf1aa6ba285c63d31eb9e85100bfc5de8
b34144c367b6531b6c5a970cf4ffa526804af9b71ab1198444d988235acb3cda
b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7
b96e7301a686b33ddf2cf5a2c5c0f1767276e21ac1f2150a173cf710f353c94d
bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65
bb40a0de5789dfa39d78fc18f500b732ab0ba79f38ef4c892d8be42699e88350
bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bed924988f40a748ce85d013b93994b31d8b7dd8214c0b47938dab985641fd92
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c0a91f38e7d188fe81ce0bd28ba637577863b8dd5618d651d7a011a8172680f3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c50cd0fcda1c3a9c3ced819919da0d333fc17890114e992d0bbe306c6cda690c
c576341a29cc7803eae586a5b1b0004e4391f95a0583613a5839d25eabd8fec5
c92e958b151f13f6e0ad4998d6c3c0c9bd276f3c261654ec8e1fe6da6efd2e96
c98366a87bd0007a24b135bf9c39038ff3d7ea8d4c77f4222aa834f747afc6ee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef
d46365179f39d09145136221582d83a5c0d271ca34424b528ce9708fa0ac518e
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d846793f4bd5253e13d58e1f45160575835a9ac8091d78654067c7bc5aea13eb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02
e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3932e62b4ca1e14d91eaeff13bc9b5c8519b08083bd2f6748fd44877693f526
f86db151732c4212c2cd57d7be7889c95ce5a8f0ca11fb40ce3410b9beeac723
fc98c9f06ecc9a282b433f8171fd80c4fc8a8ac778ee355530d54fffaae0ea31
ffb8de82eb4e7ce352d6babc3102b81fdef6a4df507ff6e0df2d4fac007d939c

www.therams.com Open in urlscan Pro 151.101.65.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

82 %HTTPS

41 %IPv6

53 Domains

75 Subdomains

58 IPs

7 Countries

5520 kBTransfer

10589 kBSize

70 Cookies

54 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.therams.com Open in urlscan Pro
151.101.65.153 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

82 %
HTTPS

41 %
IPv6

53
Domains

75
Subdomains

58
IPs

7
Countries

5520 kB
Transfer

10589 kB
Size

70
Cookies

188 HTTP transactions
2 data transactions