www.therams.com Open in urlscan Pro
151.101.1.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://therams.com/
Effective URL:
https://www.therams.com/
Submission: On August 18 via api (August 18th 2022, 8:50:27 pm UTC) from US — Scanned from DE

Summary HTTP 184 Redirects Links 64 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 54 domains to perform 184 HTTP transactions. The main IP is 151.101.1.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 330016.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
1 49	151.101.1.153 151.101.1.153	54113 (FASTLY) (FASTLY)
3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:ea:... 2a02:26f0:ea:296::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:224... 2600:9000:2240:2000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
12	151.101.129.152 151.101.129.152	54113 (FASTLY) (FASTLY)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:5a00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:ca00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.47.209.16 23.47.209.16	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.65.153 151.101.65.153	54113 (FASTLY) (FASTLY)
2 14	34.241.142.170 34.241.142.170	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	18.66.17.43 18.66.17.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:211... 2600:9000:211a:ac00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.222.236.97 52.222.236.97	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	18.193.0.23 18.193.0.23	16509 (AMAZON-02) (AMAZON-02)
1	54.216.133.37 54.216.133.37	16509 (AMAZON-02) (AMAZON-02)
3	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
8 8	34.247.98.180 34.247.98.180	16509 (AMAZON-02) (AMAZON-02)
1	79.125.52.138 79.125.52.138	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	13.32.121.67 13.32.121.67	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2 2	54.93.60.116 54.93.60.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
7 8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
6 12	54.154.5.146 54.154.5.146	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	18.193.198.179 18.193.198.179	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1 1	99.86.4.115 99.86.4.115	16509 (AMAZON-02) (AMAZON-02)
1 1	52.201.208.245 52.201.208.245	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
184	60

15 151.101.129.153 (United States) 1 redirects

ASN54113 (FASTLY, US)

therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.nfltags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 151.101.1.153 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:ea:296::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:2000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.129.152 (United States)

ASN54113 (FASTLY, US)

api.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:5a00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ca00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.209.16 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-16.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.153 (United States)

ASN54113 (FASTLY, US)

static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.241.142.170 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.17.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-43.vie50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211a:ac00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.222.236.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-97.fra56.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.0.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-0-23.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.133.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-133-37.eu-west-1.compute.amazonaws.com

nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

smetrics.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.247.98.180 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-98-180.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.52.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com

nflenterprises.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.243 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-67.fra60.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.60.116 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-60-116.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.154.5.146 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.198.179 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-198-179.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.115 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-115.fra6.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.208.245 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-208-245.compute-1.amazonaws.com

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	therams.com 2 redirects therams.com — Cisco Umbrella Rank: 309399 www.therams.com — Cisco Umbrella Rank: 330016 auth-id.therams.com — Cisco Umbrella Rank: 760921	483 KB
39	nfl.com static.clubs.nfl.com — Cisco Umbrella Rank: 24673 api.nfl.com — Cisco Umbrella Rank: 17163 static.www.nfl.com — Cisco Umbrella Rank: 21393 auth-id.nfl.com — Cisco Umbrella Rank: 22030 smetrics.nfl.com — Cisco Umbrella Rank: 19516	881 KB
28	everesttech.net 22 redirects cm.everesttech.net — Cisco Umbrella Rank: 872 pixel.everesttech.net — Cisco Umbrella Rank: 3074 sync-tm.everesttech.net — Cisco Umbrella Rank: 590	11 KB
15	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 201 nfl.demdex.net — Cisco Umbrella Rank: 22739	18 KB
13	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	162 KB
5	quantcast.com test.cmp.quantcast.com — Cisco Umbrella Rank: 11238 cmp.quantcast.com — Cisco Umbrella Rank: 3682 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12605	144 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278 cms.analytics.yahoo.com — Cisco Umbrella Rank: 796 ads.yahoo.com — Cisco Umbrella Rank: 2295	1 KB
4	google.com www.google.com — Cisco Umbrella Rank: 9 apis.google.com — Cisco Umbrella Rank: 134	111 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	458 B
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 868	45 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	197 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 445	108 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 282	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1363 load77.exelator.com — Cisco Umbrella Rank: 3270	2 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3094 www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	157 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 146	2 KB
3	nfltags.com p.nfltags.com — Cisco Umbrella Rank: 21884	489 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3409 onesignal.com — Cisco Umbrella Rank: 1263	73 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 5965 evt.undertone.com — Cisco Umbrella Rank: 7329	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	2 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 407	790 B
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2112 forms.hubspot.com — Cisco Umbrella Rank: 3009	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6076	655 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 783	1 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2530	49 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 707	376 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 877	225 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 399	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 327	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 929	356 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 949	418 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 975	211 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	265 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 517	355 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1129	175 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 983	402 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 476	684 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 4213	44 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1988	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4077	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2009	16 KB
1	omtrdc.net nflenterprises.tt.omtrdc.net — Cisco Umbrella Rank: 21410	722 B
1	parsely.com p1.parsely.com — Cisco Umbrella Rank: 2102	259 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2226	967 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	24 KB
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 8638	151 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 933	2 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 976	10 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 440	31 KB
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
184	54

	Domain	Requested by
49	www.therams.com	1 redirects www.therams.com
14	dpm.demdex.net	2 redirects www.therams.com
12	pixel.everesttech.net	6 redirects
12	api.nfl.com	p.nfltags.com
11	static.clubs.nfl.com	www.therams.com
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
4	www.facebook.com	www.therams.com connect.facebook.net
4	unpkg.com	2 redirects www.therams.com
4	connect.facebook.net	www.therams.com connect.facebook.net cdns.us1.gigya.com
4	static.www.nfl.com	www.therams.com
4	assets.adobedtm.com	www.therams.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
3	ib.adnxs.com	2 redirects
3	smetrics.nfl.com	assets.adobedtm.com
3	cmp.quantcast.com	quantcast.mgr.consensu.org
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.therams.com
3	p.nfltags.com	www.therams.com
3	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	gum.criteo.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	www.google.de	www.therams.com
2	www.google.com	www.therams.com
2	pm.w55c.net	2 redirects
2	loadm.exelator.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	quantcast.mgr.consensu.org	www.therams.com quantcast.mgr.consensu.org
2	cdn.onesignal.com	www.therams.com cdn.onesignal.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	pixel.advertising.com	1 redirects
1	match.adsrvr.org
1	analytics.twitter.com
1	x.dlx.addthis.com	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	d.turn.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	load77.exelator.com	www.therams.com
1	auth-id.therams.com	cdns.us1.gigya.com
1	sync.mathtag.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.evgnet.com	assets.adobedtm.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	region1.google-analytics.com	www.googletagmanager.com
1	nflenterprises.tt.omtrdc.net	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	p1.parsely.com	www.therams.com
1	js.hs-scripts.com	assets.adobedtm.com
1	d1z2jf7jlzjs58.cloudfront.net	assets.adobedtm.com
1	cdns.us1.gigya.com	www.therams.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	onesignal.com	cdn.onesignal.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	imasdk.googleapis.com	www.therams.com
1	therams.com	1 redirects
0	adb2waycm-atl.netmng.com Failed
184	76

This site contains links to these domains. Also see Links.

Domain
www.nfl.com
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
ramsnewlook.com
www.ticketmaster.com
www.ramssuites.com
laramsplates.com
am.ticketmaster.com
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
www.snapchat.com
twitter.com
www.youtube.com
www.tiktok.com
open.spotify.com
www.linkedin.com
rams.formstack.com
www.teamworkonline.com
www.stanza.co
onlocationexp.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
ndc-production-san.nfl.com R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
*.cmp.quantcast.com R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
clubsweb.san1.nfl.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-04`	a year	crt.sh
static.www.nfl.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-28` - `2022-08-26`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
auth-id.nfl.com Amazon	`2021-11-22` - `2022-12-20`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.parsely.com R3	`2022-07-16` - `2022-10-14`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.nfl.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-13` - `2023-04-12`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
auth-id.therams.com Amazon	`2021-11-16` - `2022-12-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.therams.com/
Frame ID: 273D62E2242D18FB9723DA1A4A8A8FDF
Requests: 138 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: 2A562D95F94FB68C7F1E2D7F8A8A3628
Requests: 34 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13318
Frame ID: 673F21FC6B6F6B669D9E6D6CFE398F05
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
Frame ID: 107B2CE83D4B800E730298C0533E9497
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
Frame ID: B6B194F61DFB389BB29AFFBDBDD0C014
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
Frame ID: 04BADECA8C0B789527E1D97E013BE6D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Los Angeles Rams Home | Los Angeles Rams - therams.com

Page URL History Show full URLs

http://therams.com/ HTTP 301
http://www.therams.com/ HTTP 301
https://www.therams.com/ Page URL

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

184
Requests

82 %
HTTPS

42 %
IPv6

54
Domains

76
Subdomains

60
IPs

10
Countries

3351 kB
Transfer

9785 kB
Size

58
Cookies

64 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nfl.com/legal/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: GAME PASS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://ramsnewlook.com/?utm_source=therams.com&utm_medium=nav
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/0A005C957C9C0F9E?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_PRE_GAME1&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_PRE_GAME1
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.ramssuites.com/games/Preseason-Game-1-Los-Angeles-Rams-70455/?utm_source=therams.com&utm_medium=schedule_page&utm_campaign=schedule_release
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://laramsplates.com/

Search URL Search Domain Scan URL

URL: https://www.ramssuites.com/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: ACCOUNT MANAGER

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8
Title: DOWNLOAD FOR iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams
Title: DOWNLOAD FOR ANDROID

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Rams/
Title: facebook Rams

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rams/
Title: instagram Rams

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/snaptherams
Title: snapchat SnapTheRams

Search URL Search Domain Scan URL

URL: https://twitter.com/ramsnfl
Title: twitter RamsNFL

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCyJ6yZdVUkBvt2vl4R03jcA
Title: youtube Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@rams
Title: tiktok Rams

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5mkt0hgTNL81R8cjngLS1e
Title: spotify Rams Iconic Podcast

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/los-angeles-rams
Title: linkedin Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://rams.formstack.com/forms/sign_up
Title: email Email/SMS

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.stanza.co/button/launch?calendar=https%3A%2F%2Fspoton.it%2Fschedules%2Fnfl-rams#/
Title: Add to Calendar

Search URL Search Domain Scan URL

URL: https://onlocationexp.com/nfl/los-angeles-rams-tickets?utm_source=therams.com&utm_medium=referral&utm_campaign=sb56_teams-rams_footer_menu
Title: Super Bowl Packages

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://therams.com/ HTTP 301
http://www.therams.com/ HTTP 301
https://www.therams.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1660855821425 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1660855821425

Request Chain 62

https://sb.scorecardresearch.com/cs/3005386/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 70

https://unpkg.com/react@17/umd/react.production.min.js HTTP 302
https://unpkg.com/react@17.0.2/umd/react.production.min.js

Request Chain 71

https://unpkg.com/react-dom@17/umd/react-dom.production.min.js HTTP 302
https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js

Request Chain 97

https://cm.everesttech.net/cm/dd?d_uuid=28664114033281145681577195862555278524 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yv6mDQAAAFSPYwNe

Request Chain 119

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=28664114033281145681577195862555278524&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d28664114033281145681577195862555278524 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=9e2762fe-a60f-4000-affa-583a031c6af5&ddsuuid=28664114033281145681577195862555278524

Request Chain 121

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=28664114033281145681577195862555278524 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=28664114033281145681577195862555278524&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 130

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=F4N8PyAC1OoMt85

Request Chain 132

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6031289576951394711

Request Chain 141

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=9037757071320561458

Request Chain 150

https://x.dlx.addthis.com/e/demdex_sync?na_exid=28664114033281145681577195862555278524&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022081820502300011082999383

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mjg2NjQxMTQwMzMyODExNDU2ODE1NzcxOTU4NjI1NTUyNzg1MjQ= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMFM8QKNtbYRtD7UEM4cd_Q&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 159

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEKIOLb0b5uNGgqnKcB1JTLU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 160

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEKIOLb0b5uNGgqnKcB1JTLU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 161

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEKIOLb0b5uNGgqnKcB1JTLU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 162

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEKIOLb0b5uNGgqnKcB1JTLU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 163

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEKIOLb0b5uNGgqnKcB1JTLU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 165

https://pixel.advertising.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true&verify=true

Request Chain 166

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEKIOLb0b5uNGgqnKcB1JTLU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 167

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=wpS_pPQ59sci9tL8mXG_HGbhg4StFvv2&gdpr=0&gdpr_consent=

Request Chain 168

https://ps.eyeota.net/match?bid=6j5b2cv&uid=28664114033281145681577195862555278524&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 169

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=28664114033281145681577195862555278524&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bM5Des5E2pETBUCqVSusnF317NqGojgzoWw-~A

Request Chain 171

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yv6mDQAAAFSPYwNe&sigv=1&esig=1~a70cc165e4d61073a752af8c762dd9e6fe98ba78

Request Chain 172

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXY2bURRQUFBRlNQWXdOZQ==

Request Chain 173

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yv6mDQAAAFSPYwNe&expires=90

Request Chain 174

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yv6mDQAAAFSPYwNe HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yv6mDQAAAFSPYwNe&C=1

Request Chain 175

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Yv6mDQAAAFSPYwNe

Request Chain 176

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yv6mDQAAAFSPYwNe

Request Chain 177

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yv6mDQAAAFSPYwNe

Request Chain 178

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yv6mDQAAAFSPYwNe&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yv6mDQAAAFSPYwNe&img=1&__user_check__=1&sync_id=62607bb6-1f37-11ed-9e21-19b4ac340106

Request Chain 179

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yv6mDQAAAFSPYwNe&t=2592000&o=0

Request Chain 181

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 182

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=n8HvmpdZQ2ab4juPoaukUQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28664114033281145681577195862555278524

184 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.therams.com/
Redirect Chain

http://therams.com/
http://www.therams.com/
https://www.therams.com/

504 KB
89 KB

38ms
8ms

Document
text/html

151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ac00f3cecc9eef12f3853268387a481506bf85a817fe192130ca72770b97ddd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 2
Cache-Control: public, max-age=5
Connection: keep-alive
Content-Length: 90201
Date: Thu, 18 Aug 2022 20:50:20 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS, HIT
X-Cache-Hits: 0, 0, 1
X-NFL-Dma: 276002
X-NFL-Geo: country_code=DE
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10625-LGB, cache-hhn4083-HHN
X-Timer: S1660855821.916833,VS0,VE1
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
origin-site: LA3
server: envoy
service-worker-allowed: /
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1426
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
Cache-Control: private
Connection: close
Content-Length: 0
Date: Thu, 18 Aug 2022 20:50:20 GMT
Location: https://www.therams.com/
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-NFL-Dma: 276002
X-NFL-Geo: country_code=DE
X-Served-By: cache-hhn4035-HHN

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 519 KB
91 KB 7ms
7ms Stylesheet
text/css 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cfab52cc7b2b5bf6b7b11949a985cb1d6e62ec9b04fa1fee0b4901164a3331bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 86
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 92690
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:35:54 GMT
server: envoy
X-Timer: S1660855821.933555,VS0,VE0
etag: "1d8b2145d38cb50"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:20 GMT
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK 9c1710eb28ecb50f3b9dd9d56e12097a
www.therams.com/compiledassets/theming/ 16 KB
4 KB 16ms
7ms Stylesheet
text/css 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/9c1710eb28ecb50f3b9dd9d56e12097a

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ceefac20b0eb7f371f4fda5df5999508915c5e325433e63235f891a4ec00ff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 932913
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 29
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3522
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10663-LGB, cache-hhn4083-HHN
X-NFL-Dma: 276002
server: envoy
X-Timer: S1660855821.942454,VS0,VE1
Date: Thu, 18 Aug 2022 20:50:20 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 3, 1, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 144ms
48ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

sffe /

Resource Hash

f72c8c65f89a858d7cd253603abec60fa8183fc8e695cd9c8e7b2092a7bec6ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28729
x-xss-protection: 0
server: sffe
etag: "1308 / 803 of 1000 / last-modified: 1660821002"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Aug 2022 20:50:21 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 83 KB
31 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e973beb94df06a2b8cc634db4063e97fc13e6c8cbfee8dc20cee752aa587aea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30868
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 18 Aug 2022 21:05:21 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 52ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73cd857229176987-FRA
date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 821
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 21 Aug 2022 20:50:21 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 293 KB
86 KB 155ms
19ms Script
application/x-javascript 2a02:26f0:ea:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:296::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d87efda72dac76418ccc8e03916c7ca543d94d22f57b71177e6f9f9f7408177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 22:12:43 GMT
server: AkamaiNetStorage
etag: "510374225cf2476d155f7f1c277dc451:1660342363.110559"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 87229
expires: Thu, 18 Aug 2022 21:50:21 GMT

GET
H/1.1 200
OK NflUmdComponents.NFLToken.js Show response
p.nfltags.com/nfl/ 226 KB
72 KB 73ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e99e90d1a5a6cb07d12b33b2c5ffb55fe2bfae7d437f8725d9a2c8dc804aca93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Content-Encoding: gzip
Age: 36
X-Cache: HIT
Connection: keep-alive
Content-Length: 72804
X-Served-By: cache-hhn4037-HHN
Access-Control-Allow-Origin: *
Last-Modified: Mon, 25 Jul 2022 03:40:16 GMT
Server: nginx/1.20.2
X-Timer: S1660855821.999460,VS0,VE1
ETag: W/"62de10a0-389ed"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Thu, 18 Aug 2022 20:50:51 GMT
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK t6lsabayxreh9mijdgze.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/ 6 KB
7 KB 45ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/t6lsabayxreh9mijdgze.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6b97959fd23987c7e5888b3625ce5b1ddf317086be85a603318eda3e7463a932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 6527
Edge-Cache-Tag: 626183243551778981186058754785924156816,480394454469946857818415004125663383920,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 626183243551778981186058754785924156816,480394454469946857818415004125663383920,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="t6lsabayxreh9mijdgze.webp"
Connection: keep-alive
Content-Length: 6284
X-Request-Id: 387419c7cba235ab3f78eb4e67c93ca0
X-Served-By: cache-iad-kcgs7200112-IAD, cache-iad-kiad7000110-IAD, cache-hhn4049-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Thu, 18 Aug 2022 19:01:35 GMT
Server: cloudinary
X-Timer: S1660855821.212781,VS0,VE1
Etag: "515ef73fe9a8293312f0f6741f46b2ab"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/ 6 KB
2 KB 42ms
8ms Script
application/javascript 2600:9000:2240:2000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:2000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06f2f8756599914d284c595fbff44205b62c8039be1ebacbc86f3bf45fbcfc8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Aug 2022 20:50:20 GMT
content-encoding: br
last-modified: Thu, 03 Mar 2022 00:07:08 GMT
server: AmazonS3
age: 2
etag: W/"d9f77f86c68236f87bc6d2423aa86aa2"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: iVrxutvLHzLQYtBPn_6lQAauLiRfGXd8eygpfjuXxq7T1ihBsPiNCw==

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 519 KB
91 KB 8ms
7ms Stylesheet
text/css 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cfab52cc7b2b5bf6b7b11949a985cb1d6e62ec9b04fa1fee0b4901164a3331bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 86
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 92690
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:35:54 GMT
server: envoy
X-Timer: S1660855821.958338,VS0,VE1
etag: "1d8b2145d38cb50"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:20 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK 9c1710eb28ecb50f3b9dd9d56e12097a
www.therams.com/compiledassets/theming/ 16 KB
4 KB 9ms
9ms Stylesheet
text/css 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/9c1710eb28ecb50f3b9dd9d56e12097a

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ceefac20b0eb7f371f4fda5df5999508915c5e325433e63235f891a4ec00ff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 951182
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 37
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3522
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
server: envoy
X-Timer: S1660855821.958521,VS0,VE1
Date: Thu, 18 Aug 2022 20:50:20 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK jsi44ha1fbr5njpgvrts.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 44ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/jsi44ha1fbr5njpgvrts.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b5dd7532bde5ec8603b649e7097aa28cc4d95e57cdc1e26e767c508098fc1ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 70264
Edge-Cache-Tag: 403742347707808170267722326979156788854,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 403742347707808170267722326979156788854,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="jsi44ha1fbr5njpgvrts.webp"
Connection: keep-alive
Content-Length: 1740
X-Request-Id: 30d704830a2e64c7cbd12b0dc6edded3
X-Served-By: cache-iad-kiad7000073-IAD, cache-iad-kcgs7200060-IAD, cache-hhn4064-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Thu, 18 Aug 2022 01:19:18 GMT
Server: cloudinary
X-Timer: S1660855821.212436,VS0,VE1
Etag: "41ee158415de643df7c1ffa9be3ef8e7"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK zye8xrsomvwqoztugezn.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 43ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/zye8xrsomvwqoztugezn.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 61dcf9b1c65c352f85c8619ecb5d868fcaef26dad46b814abd098464234e6e2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 231299
Edge-Cache-Tag: 560278973104244445332196224263255212265,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 560278973104244445332196224263255212265,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="zye8xrsomvwqoztugezn.webp"
Connection: keep-alive
Content-Length: 1910
X-Request-Id: 326ee1f71851b9e5487bbc3e570e35a9
X-Served-By: cache-iad-kjyo7100170-IAD, cache-iad-kjyo7100116-IAD, cache-hhn4045-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Tue, 16 Aug 2022 04:35:23 GMT
Server: cloudinary
X-Timer: S1660855821.212443,VS0,VE1
Etag: "7249bda040e33cdf8a7b2f2cbe920973"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK hbjf1stzaydvgicg9mcw.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 45ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/hbjf1stzaydvgicg9mcw.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 14709a4cdf76028870e32cbf601d5822a6169ad427d7982982db282844a072ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 332258
Edge-Cache-Tag: 396673536818252703605532804400843454582,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 396673536818252703605532804400843454582,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="hbjf1stzaydvgicg9mcw.webp"
Connection: keep-alive
Content-Length: 1600
X-Request-Id: 5e896fbcb4d35d7ad8f35a58b16c6cdf
X-Served-By: cache-iad-kcgs7200039-IAD, cache-iad-kcgs7200134-IAD, cache-hhn4051-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Mon, 15 Aug 2022 00:32:44 GMT
Server: cloudinary
X-Timer: S1660855821.212660,VS0,VE1
Etag: "4070863adf26a4d6e42091c944cd7ea8"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK xoaqlyrqdqfldcnul3kg.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 55ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/xoaqlyrqdqfldcnul3kg.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 474063
Edge-Cache-Tag: 577822122912920262004273880752820954225,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 577822122912920262004273880752820954225,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="xoaqlyrqdqfldcnul3kg.webp"
Connection: keep-alive
Content-Length: 1292
X-Served-By: cache-iad-kiad7000128-IAD, cache-iad-kjyo7100077-IAD, cache-hhn4045-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Thu, 19 Aug 2021 17:31:28 GMT
Server: cloudinary
X-Timer: S1660855821.222662,VS0,VE1
Etag: "228d1d1d332588f027c1cf6bf8bec59e"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK fbvmsdkuaqllhqaa8svo.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 55ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/fbvmsdkuaqllhqaa8svo.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c6a9563efc298908aaa1fbfe750739d7e2ddc36f5a32b33f66c9a045bc997e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 225331
Edge-Cache-Tag: 376478009509735034352339071327420009227,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 376478009509735034352339071327420009227,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="fbvmsdkuaqllhqaa8svo.webp"
Connection: keep-alive
Content-Length: 1278
X-Served-By: cache-iad-kjyo7100141-IAD, cache-iad-kcgs7200033-IAD, cache-hhn4061-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Thu, 30 Jul 2020 01:39:48 GMT
Server: cloudinary
X-Timer: S1660855821.223165,VS0,VE1
Etag: "eaf974c61e99bb67ea7ca3a0dc55e568"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 8ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 87
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:28:16 GMT
server: envoy
X-Timer: S1660855821.178674,VS0,VE1
etag: "1d8b2134c33d54a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

POST
H2 200 token Show response
api.nfl.com/identity/v3/ 935 B
1 KB 308ms
308ms Fetch
application/json 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 713e5cd3ee66ef7b32c38e84d115ef43ca441cac4e88c6320a36d5446a4f8814

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 varnish, 1.1 varnish
origin-site: LV1
x-cache: MISS, MISS
x-envoy-upstream-service-time: 142
content-length: 935
x-served-by: cache-sna10742-LGB, cache-hhn4029-HHN
server: envoy
x-timer: S1660855821.251673,VS0,VE301
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 token
api.nfl.com/identity/v3/ Frame 0
0 76ms
6ms Preflight
text/html 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Thu, 18 Aug 2022 20:50:21 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4029-HHN

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 9ms
9ms Font
font/woff2 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 2
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19348
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:28:16 GMT
server: envoy
X-Timer: S1660855821.181130,VS0,VE1
etag: "1d8b2134c33db94"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 1, 1

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 23ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73cd857289ae6987-FRA
date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1939
etag: W/"2f96824aee4bf927e734cc519e3e726d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 21 Aug 2022 20:50:21 GMT

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 9ms
9ms Font
font/woff2 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 2
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19284
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:28:16 GMT
server: envoy
X-Timer: S1660855821.209568,VS0,VE1
etag: "1d8b2134c33db54"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
18 KB 8ms
7ms Font
font/woff2 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 2
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18168
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:28:16 GMT
server: envoy
X-Timer: S1660855821.209313,VS0,VE1
etag: "1d8b2134c33d6f8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 1, 1

GET
H3 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 117ms
38ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Aug 2023 15:13:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 89 B
105 B 133ms
60ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

51c6543f886ad7a6aee0e9c53cf42af71843863d9a792582cb7b4ea32649645e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Thu, 18 Aug 2022 20:50:21 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 50ms
7ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
etag: "gV5iHc/sd8Rde4C/i53H5w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 25 Aug 2022 20:50:21 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
47 KB 8ms
8ms Script
text/javascript 2600:9000:2240:2000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:2000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f2f1f02fc851d4d6bdaab153f5511584d04c8fbe30742a2acedc68f955d547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:49:23 GMT
content-encoding: gzip
age: 59
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Tue, 02 Aug 2022 14:10:55 GMT
server: AmazonS3
etag: W/"805f78a1dab7fe51dfcd464bfbbbcf04"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: VOJscEdxjesgKmOCulyHeEBvVJCXIMoydS0726odip_33fprGi6vpQ==

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 34ms
34ms Font
font/woff2 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 2
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18504
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:28:16 GMT
server: envoy
X-Timer: S1660855821.292128,VS0,VE1
etag: "1d8b2134c33d848"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H2 200 web Show response
onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/ 6 KB
2 KB 22ms
14ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c69cfc85fbac9e5d01d191a3cecfb7a940c02fdedfabd94d1e42fbc763da1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 356
cf-polished: origSize=5995
status: 200 OK
x-envoy-upstream-service-time: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f6f058da-6614-40ce-bccc-75a2cce85359
x-runtime: 0.027078
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"283d33321410f97a6cd05411f7c8999e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 73cd85731a616987-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 18 Aug 2022 21:50:21 GMT

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 6 KB
3 KB 7ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=b1aa46b63382f4920059eeb4f7f32e90

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1671c3dceb95698fab06ae23604e12c7e0828913828e7a54bb62ba8a45c61f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 86
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1786
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.312864,VS0,VE1
etag: "1d8b2146621ba68"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 117ms
29ms XHR
application/json 2600:9000:2304:5a00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5a00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f3060ece094097feb40c8b919c5b44a0798362a67bd346d29453debfdcf0b54

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:00:39 GMT
content-encoding: br
age: 64183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Wed, 17 Aug 2022 19:52:30 GMT
server: AmazonS3
etag: W/"9297700eee01f428c1da587e562ca0f1"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: bHEYYMA82SLX7hzwdTeJOYD.zLXTYfpc
via: 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: VIE50-P1
content-type: application/json
x-amz-cf-id: kjR6evCUTBDx-Ap2NWK8g2n1cKfGkNxuyqpCAucqele0WfCRfkPc9g==

GET
H2 200 rules-p-gGpYeVwuEvd4w.js Show response
rules.quantcount.com/ 3 KB
2 KB 42ms
8ms Script
application/javascript 2600:9000:223c:ca00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gGpYeVwuEvd4w.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44162d91b43b569b82bde0fa6b322917cc29b78b639e6a99813bf738ff691284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:05:04 GMT
content-encoding: gzip
age: 2721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 16:57:54 GMT
server: AmazonS3
etag: W/"fb5b5c7483862fd9ef5f1cfc610de623"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 6MvN8_6VDJoZSMPTr1op0dahEKdMjxADGrF7yiVld_TngB2CrgNOpA==

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/functions/ 982 B
1 KB 9ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 539
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.333516,VS0,VE1
etag: "1d8b2146621a156"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/functions/ 808 B
1 KB 10ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-lax10670-LGB, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.334870,VS0,VE0
etag: "1d8b2146621a1a8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 2

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 2 KB
2 KB 45ms
36ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 837
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.367745,VS0,VE1
etag: "1d8b2146621aba5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 2 KB
2 KB 17ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.342291,VS0,VE0
etag: "1d8b2146621a516"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK liveService.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/services/ 3 KB
2 KB 26ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/services/liveService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3c6ee2db8f21171f3d93e12093c33e5fedd1f55480c5ea1e75bc6f4c1746ff7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 77321
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1209
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10654-LGB, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.349807,VS0,VE1
etag: "1d8b2146621a8e5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK gigya.js Show response
cdns.us1.gigya.com/js/ 462 KB
151 KB 157ms
33ms Script
text/javascript 23.47.209.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.209.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24f8d71db24e7953618303f5a1b2a65c3381ccdc9ddec171cb833164de0e076f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 20cde7c1a4b24217a930d89afcbad943
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g2
Connection: keep-alive
x-robots-tag: none
Content-Length: 154351
Expires: Thu, 18 Aug 2022 21:05:21 GMT

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/common/ 2 KB
2 KB 28ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 909
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.351818,VS0,VE2
etag: "1d8b2146621a5f1"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK oneSignalAdobeTracker.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 907 B
1 KB 18ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/oneSignalAdobeTracker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 387
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10648-LGB, cache-hhn4030-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.351951,VS0,VE1
etag: "1d8b2146621a10b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 93 B
941 B 21ms
9ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10733-LGB, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.362997,VS0,VE1
etag: "1d8b2146621a2dd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 57ms
6ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 5659218
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Server-Timing: fastly;dur=116;cpu=0;start=2022-06-14T08:50:03.723Z;desc=miss,rtt;dur=0,cloudinary;dur=112;start=2022-06-14T08:50:03.725Z
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-iad-kcgs7200079-IAD, cache-hhn4032-HHN
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1660855821.405595,VS0,VE0
Date: Thu, 18 Aug 2022 20:50:21 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Connection: keep-alive
X-Cache-Hits: 3, 10

GET
H/1.1 200
OK HOU
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 1 KB
2 KB 59ms
6ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/HOU

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9c016c1575b12f1f28f9c1a4da2cc91a7da7d62cbfea4c9a2b70a01d40fed0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 226770
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="HOU"
Server-Timing: fastly;dur=3;cpu=0;start=2022-08-16T05:50:51.822Z;desc=hit,rtt;dur=0
Content-Length: 687
Etag: "d7600e883c694e4f7bc3a91c8132c98c"
X-Served-By: cache-iad-kcgs7200137-IAD, cache-hhn4080-HHN
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:24:00 GMT
Server: Cloudinary
X-Timer: S1660855821.407990,VS0,VE0
Date: Thu, 18 Aug 2022 20:50:21 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Connection: keep-alive
X-Cache-Hits: 4, 5

GET
H/1.1 200
OK ng3owh4n3h9mg9gfcthc
static.clubs.nfl.com/image/private/f_auto/rams/ 17 KB
18 KB 10ms
10ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/ng3owh4n3h9mg9gfcthc
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f84b4447d116e974b6f3646109d552c4a44505026d7417cea3ea251e9af0ee7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 661471
Edge-Cache-Tag: 352665967413951146933992078677468419321,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 352665967413951146933992078677468419321,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="ng3owh4n3h9mg9gfcthc.webp"
Connection: keep-alive
Content-Length: 17514
X-Served-By: cache-iad-kiad7000051-IAD, cache-iad-kjyo7100039-IAD, cache-hhn4061-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sat, 14 Aug 2021 22:21:10 GMT
Server: cloudinary
X-Timer: S1660855821.362915,VS0,VE1
Etag: "a32d2e76f0e8458b0a6e0d380b85c296"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 6 KB
3 KB 8ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab15c82a59fb7fe870a1647e29f4f132fb99492c66f1174fc64bec40a9ca9cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2157
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.362324,VS0,VE1
etag: "1d8b2146621bab7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 2 KB
2 KB 8ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4030-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.362529,VS0,VE1
etag: "1d8b2146621a54f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK live-game-cta.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/nfl-components/ 428 B
1 KB 12ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/nfl-components/live-game-cta.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5d1f064f884a4594e05424464b5d6d0cd4eed5495042086e4296f242bfc14c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 61677
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 308
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.373415,VS0,VE1
etag: "1d8b2146621a32c"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK live-game-yahoo-cta.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/nfl-components/ 402 B
1 KB 10ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/nfl-components/live-game-yahoo-cta.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

62395563f638a3227da0c4cfeefda13f053ee80277d24f3609117a5ad66bacb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 288
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.375578,VS0,VE1
etag: "1d8b2146621a312"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/services/ 751 B
1 KB 10ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4030-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.375106,VS0,VE1
etag: "1d8b2146621a06f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK googletagHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 2 KB
2 KB 11ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/googletagHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7e3c075ba97e2919379bb94ded7d9a7fad2b6364d33c0576fca0bc5cd9cf4840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 77321
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 754
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.378398,VS0,VE1
etag: "1d8b2146621a409"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/addons/services/ 180 B
940 B 13ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4061-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.380825,VS0,VE1
etag: "1d8b2146621a234"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 530 B
1 KB 18ms
15ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4027-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.384506,VS0,VE1
etag: "1d8b2146621a092"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3a0435d0fda0fcd4089048e5777b708154969ce1bd51b76aadba5f27d6b8bc93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1191
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-sna10720-LGB, cache-hhn4070-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.381353,VS0,VE1
etag: "1d8b2146621a9b5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/addons/services/ 790 B
1 KB 7ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/addons/services/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

4fdcdac7e2d396a2c015dc5e02be134c83b76d9aa8ac26adbd093df83f8e5fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78100
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 461
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.383534,VS0,VE1
etag: "1d8b2146621a196"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1660855821425
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1660855821425

7 KB
3 KB

33ms
32ms

XHR
application/json

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1660855821425

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1ac77d2c43254db9f1eac4820fbda88793235474afc8b91a1ae3b4fdf172ab45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-0481eca2e.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: DToxOekmTh4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1995
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v038-006789e8c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.therams.com
X-TID: WvK4IUxTR/Q=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1660855821425
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:ea:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:296::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Thu, 18 Aug 2022 21:50:21 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 19ms
19ms Script
application/x-javascript 2a02:26f0:ea:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:296::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Thu, 18 Aug 2022 21:50:21 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 25 KB
9 KB 19ms
19ms Script
application/x-javascript 2a02:26f0:ea:296::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:296::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "26a8cd142b539700557eb4710c3d56bd:1644856531.982003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8753
expires: Thu, 18 Aug 2022 21:50:21 GMT

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10650-LGB, cache-hhn4027-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.453695,VS0,VE1
etag: "1d8b2146621a4a0"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/jquery/ 105 KB
40 KB 8ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10665-LGB, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.456780,VS0,VE0
etag: "1d8b21466200667"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 2

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3005386/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
7ms

Script
application/javascript

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:40:23 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 599
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: bmpKP3c4Km5M3D3SFg7O0r145rP-F_mJmi1oVYYyd_t2IrsBtoFcLw==

Redirect headers

location: /internal-cs/default/beacon.js
date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: oticLFPN0O2I7ygOUhNtjv5jdnB-MnBBpmTBqvJ5jH1YN_LUeZ3dJQ==
x-cache: Miss from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 152ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8Z32CEL1KS&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c70a2051e038daafbd0746e5ca39a19e2701eb07c9ec2564698a5e1def4f6a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72209
x-xss-protection: 0
expires: Thu, 18 Aug 2022 20:50:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 69ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: cLruOS7ZxrTt++Gwy1DJfZwT5u+PqjM+h6zgKhWplHwSs1FjqkJ6pf0dN0VUEoJ6Io3zv5CgBSWb7P4Wd1/5Ew==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Aug 2022 20:50:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/ 66 KB
24 KB 78ms
22ms Script
application/javascript 18.66.17.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/p.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-43.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 01:25:56 GMT
Content-Encoding: gzip
Age: 69865
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Tue, 20 Apr 2021 20:53:44 GMT
Server: nginx
ETag: W/"607f3f58-10707"
Content-Type: application/javascript
Via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: VIE50-P1
X-Amz-Cf-Id: QNpy5ughegpSVidGr1LlJi4_gacyWY3M549ao5Knvzua0Xvq1Q-nFA==
Expires: Fri, 19 Aug 2022 01:25:56 GMT

GET
H2 200 5191967.js Show response
js.hs-scripts.com/ 1 KB
967 B 443ms
395ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5191967.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45cf78d4bd5fea42c98411bc30d739890c95cbe9c12e93173dda54fc18bee611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 04850a05-a65c-4ae1-8cc1-b0f5130b7acd
last-modified: Thu, 18 Aug 2022 20:46:27 GMT
server: cloudflare
x-trace: 2BA244FD3A6A9D0CDCEA86DA13248210E5C40DF953000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 73cd85747c479966-FRA
expires: Thu, 18 Aug 2022 20:51:21 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/43/ 247 KB
60 KB 110ms
32ms Script
text/javascript 2600:9000:211a:ac00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/43/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc4dde25a5a7430ac92a98e5ea5a91ce49f3c45e8791581c999da75221b1264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:41:57 GMT
content-encoding: br
age: 36505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 02 Aug 2022 14:10:37 GMT
server: AmazonS3
etag: W/"cdd513c37d4fc734e0fb03e5d9e813a7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: ZdRD0Av5hp0RFGdz83uMJka86jD929gvIuVboiAdLZI3rMVUb58gAQ==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 337 KB
45 KB 109ms
33ms XHR
application/json 2600:9000:211a:ac00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d1627f72485993621281a48bd4f0d5251aa69b37b51b643af4c59abdf68ad07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:02:03 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 64099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 03:02:00 GMT
server: AmazonS3
etag: W/"4e8eea2033843e502fb29c8bf2909487"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 0ao7fdUrL_o4k9N_z8Y9dx1e3KavPu1seUmTVsJIi56Cz-Vb3hr0fw==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
36 KB 138ms
63ms XHR
application/json 2600:9000:211a:ac00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01221da7571bda9135de704c433d67e3c4908ed930df8894a09fd812eee8b53e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 63993
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 03:03:46 GMT
server: AmazonS3
etag: W/"e40a23522f0a1d8d61ca13116f6503f2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: mB-fJS3t0S20UeyTYq5nsn2onqjYli25eLTVoNiKiilMNDgXO2tDHg==

GET
H2

200

react.production.min.js Show response
unpkg.com/react@17.0.2/umd/
Redirect Chain

https://unpkg.com/react@17/umd/react.production.min.js
https://unpkg.com/react@17.0.2/umd/react.production.min.js

11 KB
5 KB

16ms
16ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@17.0.2/umd/react.production.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17752085
fly-request-id: 01FT89TMFMHZ74572AM7VT29F2
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"2cb0-bAUYnMLQi7KnYJwALwZ1ycZw02I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73cd8574ce48928d-FRA

Redirect headers

date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GASAZ60Q308QQXPPRW6TEG21-fra
server: cloudflare
age: 593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /react@17.0.2/umd/react.production.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73cd85748ded928d-FRA
access-control-allow-origin: *

GET
H2

200

react-dom.production.min.js Show response
unpkg.com/react-dom@17.0.2/umd/
Redirect Chain

https://unpkg.com/react-dom@17/umd/react-dom.production.min.js
https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js

118 KB
39 KB

19ms
18ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17752084
fly-request-id: 01FT89TKXQ07SBQ2CQT6W7Z5D4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1d709-vwi4rRrXPBKnycshGSbOI6hh2wc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73cd8574ce49928d-FRA

Redirect headers

date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GASAZEPMXWEY1HT5C2Z4DJ9H-fra
server: cloudflare
age: 584
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /react-dom@17.0.2/umd/react-dom.production.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73cd85748dee928d-FRA
access-control-allow-origin: *

GET
H/1.1 200
OK livegameHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 692 B
1 KB 7ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/livegameHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

06d429557a21947eeecf89c2f9751970adb608607819574f1f8be1469ca215d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 61676
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 388
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855821.496812,VS0,VE1
etag: "1d8b2146621a034"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/sha256/ 9 KB
5 KB 12ms
11ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-lax10682-LGB, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.508697,VS0,VE1
etag: "1d8b214662181b9"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1146
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.517440,VS0,VE0
etag: "1d8b2146621a996"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 995 B
1 KB 8ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 502
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.525821,VS0,VE0
etag: "1d8b2146621a163"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK carousel.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 3 KB
2 KB 8ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/carousel.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6bb6f27c495e42eac7fdc790ff75d0917228612e4fbc625ee84488df8f20e5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78098
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1134
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10680-LGB, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.533677,VS0,VE1
etag: "1d8b2146621a892"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK tabs.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/ 822 B
1 KB 15ms
15ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/tabs.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78077
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 471
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4027-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.542077,VS0,VE1
etag: "1d8b2146621a1b6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/md5/ 4 KB
2 KB 10ms
9ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.544034,VS0,VE1
etag: "1d8b2146621ada6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/jquery/plugins/ 803 B
1 KB 8ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.546308,VS0,VE1
etag: "1d8b2146621a1a3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/autocomplete/ 13 KB
6 KB 8ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4061-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.546753,VS0,VE1
etag: "1d8b2146621901b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/js-cookie/ 2 KB
2 KB 8ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4025-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.547271,VS0,VE1
etag: "1d8b2146621a566"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 586 B
1 KB 8ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4083-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.552734,VS0,VE1
etag: "1d8b2146621a0ca"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 287 B
993 B 9ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78099
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.555123,VS0,VE1
etag: "1d8b2146621a39f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/ 395 B
1 KB 7ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78098
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-lax10630-LGB, cache-hhn4061-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.555604,VS0,VE0
etag: "1d8b2146621a30b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 2

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 4 KB
2 KB 147ms
12ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: af34acadfc88bc43b1ccf5f8aeba73e316fa5c3b369602a8630204ea57ea9fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:42:00 GMT
content-encoding: gzip
x-soa: true, Gator
age: 501
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
content-length: 1699
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-callid: 6ae02a1c737f4b9e9a1cc4d0b27a607d
cache-control: public, s-maxage=900
x-server: us1d-nomad-g17
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ShEsQgg3PqQntaFiTjBTP2apz-MMKQtYNf0LDb759ncZ13jvA5aR4g==

GET
H/1.1 200
OK carouselCore.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/core/ 1 KB
1 KB 12ms
12ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/core/carouselCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

804b5aa180e095fff2fa8ad389c57a1640e94e3084a28ff21610d6f85b6c0fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78098
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 655
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10738-LGB, cache-hhn4070-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.576853,VS0,VE1
etag: "1d8b2146621a7f7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK keyboardNavigationService.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/services/carousel/ 4 KB
2 KB 9ms
8ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/services/carousel/keyboardNavigationService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78097
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1374
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10634-LGB, cache-hhn4061-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.573798,VS0,VE1
etag: "1d8b2146621adbd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H3 200 604658169716205 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 253ms
230ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/604658169716205?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73dea9c78a03940721aa144f24590585de10d589ff4ae903b09ab908433be1ea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: b/POWe5f0iTvFZxIjmwn02x2hw3g/qNxjLZ78WdlVGGw6qGvxZX7febZDbhWT+2gVYw3KlMk05dsnAhbEzq+Ww==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Aug 2022 20:50:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660855821818
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 b2
sb.scorecardresearch.com/ 0
190 B 10ms
9ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005386&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=43&cs_cmp_rt=0&cs_it=b2&cv=3.8.0.210223&ns__t=1660855821576&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2F&c8=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&c9=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 0yQpEoEdHcpNoC6r7xAgDpA9zPZBHfsNzaGAmKzA26D7MjvrwfKtHg==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK tabsCore.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/core/ 1 KB
1 KB 8ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/modules/core/tabsCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78077
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 581
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-sna10733-LGB, cache-hhn4061-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.583049,VS0,VE1
etag: "1d8b2146621a673"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 133ms
30ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1660855821592&plid=21373754&idsite=therams.com&url=https%3A%2F%2Fwww.therams.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.therams.com%2F&sref=&sts=1660855821588&slts=0&title=Los+Angeles+Rams+Home+%7C+Los+Angeles+Rams+-+therams.com&date=Thu+Aug+18+2022+20%3A50%3A21+GMT%2B0000+(GMT)&action=pageview&pvid=65191191&u=pid%3D79692c9bdd4ba6f58e9d345132d73f3a
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 18-Aug-2022 20:50:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK sjouo9fohxqn1xnetimi.jpg
static.clubs.nfl.com/image/upload/v1652389990/rams/ 538 KB
539 KB 8ms
8ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/v1652389990/rams/sjouo9fohxqn1xnetimi.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: faac8d7d95ca789270ccf5cf794f9a06fe0d5c4a2e0e3fa47df288924ee55a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 5718712
Edge-Cache-Tag: 356430553583485398061367276148130209091,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 356430553583485398061367276148130209091,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 551277
X-Served-By: cache-iad-kiad7000063-IAD, cache-iad-kjyo7100121-IAD, cache-hhn4061-HHN
Last-Modified: Thu, 12 May 2022 21:13:11 GMT
Server: cloudinary
X-Timer: S1660855822.637730,VS0,VE2
Etag: "53dff6e83216fcb17ac5959cd1c57c6b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK t6lsabayxreh9mijdgze.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 43 KB
44 KB 10ms
10ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/t6lsabayxreh9mijdgze.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b9bb44f9eb6bcf4624e64301806cccd190d31b18f811a58a4d7b450a04b03dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 6526
Edge-Cache-Tag: 626183243551778981186058754785924156816,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 626183243551778981186058754785924156816,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="t6lsabayxreh9mijdgze.webp"
Connection: keep-alive
Content-Length: 43540
X-Request-Id: a3e92b94e288132afaae6ecb29d11cf8
X-Served-By: cache-iad-kcgs7200156-IAD, cache-iad-kjyo7100096-IAD, cache-hhn4045-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Thu, 18 Aug 2022 19:01:36 GMT
Server: cloudinary
X-Timer: S1660855822.637522,VS0,VE1
Etag: "f365de1835983aae418d884c93d3f81d"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 63ms
7ms XHR
text/plain 18.193.0.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22gGpYeVwuEvd4w%22%2C%22domain%22%3A%22www.therams.com%22%2C%22publisher%22%3A%22Rams%20Web%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.43%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22UOLEk3ICAx4wPHwdg%2BNrnQ%22%2C%22clientTimestamp%22%3A1660855821649%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-o32afuypxo4aqb37uypd%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/43/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.0.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-0-23.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Aug 2022 20:50:21 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame 2A56 7 KB
3 KB 130ms
30ms Document
text/html 54.216.133.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.133.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-133-37.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v038-0c1b2a0e8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qlipTplUT2o=
content-encoding: gzip
date: Thu, 18 Aug 2022 20:50:21 GMT
last-modified: Wed, 3 Aug 2022 11:53:45 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.nfl.com/ 48 B
506 B 92ms
18ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=28497763729065705511560684432526360579&ts=1660855821681

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

cfde9888ac0d5f1af930f4d3129387484040888d19c9263dedde8be2d3c10920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-69c8d8cc76-wnjz8
vary: Origin
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yv6mDQAAAFSPYwNe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=28664114033281145681577195862555278524
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yv6mDQAAAFSPYwNe

42 B
942 B

34ms
33ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yv6mDQAAAFSPYwNe

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-0cd01d737.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QS0+pdxVSTQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yv6mDQAAAFSPYwNe
Date: Thu, 18 Aug 2022 20:50:21 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
nflenterprises.tt.omtrdc.net/rest/v1/ 357 B
722 B 150ms
40ms XHR
application/json 79.125.52.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=547e5787526d42c88a9806078e20d108&version=2.9.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.52.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e95cd9c39e9cb7db60e67a71faa421a998500e4d32add3b4d807eced5ff478c1

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 194b059ec40569c34ce616f65b3a92e5

GET
H/1.1 200
OK owl.carousel-2.3.4.min.js Show response
www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/owlcarousel2/ 49 KB
15 KB 12ms
12ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/vendor/owlcarousel2/owl.carousel-2.3.4.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 78098
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 14875
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4061-HHN
X-NFL-Dma: 276002
last-modified: Wed, 17 Aug 2022 08:36:09 GMT
server: envoy
X-Timer: S1660855822.715676,VS0,VE1
etag: "1d8b214662161c9"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Thu, 18 Aug 2022 20:50:21 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK NflUmdComponents.WatchLiveButtons.js Show response
p.nfltags.com/nfl/ 792 KB
247 KB 8ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: a5151782af3d024f55f6cc4ad6ce87f6b3ede122e0e3f3a40273e86fdf2d3502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Content-Encoding: gzip
Age: 5
X-Cache: HIT
Connection: keep-alive
Content-Length: 252403
X-Served-By: cache-hhn4037-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 18 Aug 2022 01:03:24 GMT
Server: nginx/1.20.2
X-Timer: S1660855822.730180,VS0,VE1
ETag: W/"62fd8fdc-c5e1e"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Thu, 18 Aug 2022 20:50:52 GMT
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK NflUmdComponents.WatchLiveButtonsFallbackPromo.js Show response
p.nfltags.com/nfl/ 550 KB
170 KB 27ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtonsFallbackPromo.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: a9ecc74dc31f30a2be09e7d13a393bcede54851344f7a12eeeb09b0dcbeef2c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:21 GMT
Content-Encoding: gzip
Age: 5
X-Cache: HIT
Connection: keep-alive
Content-Length: 173556
X-Served-By: cache-hhn4037-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 18 Aug 2022 01:03:24 GMT
Server: nginx/1.20.2
X-Timer: S1660855822.748784,VS0,VE1
ETag: W/"62fd8fdc-899b2"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Thu, 18 Aug 2022 20:50:52 GMT
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 138ms
58ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-861929325&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Z32CEL1KS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e957af792c5cbec1697b2f690606d629460cca8f12f33e116192ae470282114c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45847
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 19:13:42 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Aug 2022 20:50:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 137ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122484269-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Z32CEL1KS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fc204b3ab724d6efd26182ceb119e0e3f5b9cb041fa110465613771c19ebb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41880
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 19:13:42 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Aug 2022 20:50:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 105ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8Z32CEL1KS&gtm=2oe8h0&_p=1038637781&cid=2114773297.1660855822&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660855821&sct=1&seg=0&dl=https%3A%2F%2Fwww.therams.com%2F&dt=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Z32CEL1KS&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame 673F 116 KB
42 KB 24ms
9ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13318

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

6c87b3cec605e3e7dcd433fd91a5a7d65220bac033d7ce64f21e02c20c29e035

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 991
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 41887
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 20:33:49 GMT
edge-cache-tag: siteid_748934946734,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: nrlZrFrpyxdl-Z778vpYbfriY_AVEc-qAJRiObV9HiECTpgh5KJy5Q==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-callid: 3c0cf64609794f338aa26bb25a1404c6
x-robots-tag: none
x-server: us1d-nomad-g24
x-soa: true, Gator

POST
H2 200 refresh Show response
api.nfl.com/identity/v3/token/ 935 B
1 KB 275ms
274ms Fetch
application/json 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token/refresh
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 2264b607cde85fe03e323e71b6f5924bebd8404378a442389ccfc6f00f9eb711

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
via: 1.1 varnish, 1.1 varnish
origin-site: LA3
x-cache: MISS, MISS
x-envoy-upstream-service-time: 119
content-length: 935
x-served-by: cache-nf-las9121-NF-LAS, cache-hhn4029-HHN
server: envoy
x-timer: S1660855822.005793,VS0,VE268
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0

OPTIONS
H2 200 refresh
api.nfl.com/identity/v3/token/ Frame 0
0 7ms
7ms Preflight
text/html 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token/refresh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Thu, 18 Aug 2022 20:50:21 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4029-HHN

POST
H2 200 refresh Show response
api.nfl.com/identity/v3/token/ 935 B
1 KB 289ms
288ms Fetch
application/json 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token/refresh
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtonsFallbackPromo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 61bcc99283fd988c431d00c133b04e6684188870a3879b39c015d6233e7ac06c

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
via: 1.1 varnish, 1.1 varnish
origin-site: LV1
x-cache: MISS, MISS
x-envoy-upstream-service-time: 140
content-length: 935
x-served-by: cache-nf-las9123-NF-LAS, cache-hhn4029-HHN
server: envoy
x-timer: S1660855822.043276,VS0,VE282
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0

OPTIONS
H2 200 refresh
api.nfl.com/identity/v3/token/ Frame 0
0 7ms
6ms Preflight
text/html 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token/refresh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Thu, 18 Aug 2022 20:50:22 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4029-HHN

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 673F 4 KB
2 KB 9ms
8ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: af34acadfc88bc43b1ccf5f8aeba73e316fa5c3b369602a8630204ea57ea9fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:42:00 GMT
content-encoding: gzip
x-soa: true, Gator
age: 502
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
content-length: 1699
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-callid: 6ae02a1c737f4b9e9a1cc4d0b27a607d
cache-control: public, s-maxage=900
x-server: us1d-nomad-g17
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: lHk3KRjKX8w5iYsY8G0AKUr3kRbXlo4v98SaJso1BP_7TbUqakSAig==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 59ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=PageView&dl=https%3A%2F%2Fwww.therams.com%2F&rl=&if=false&ts=1660855822082&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660855822080.1608762492&it=1660855821574&coo=false&dpo=&rqm=GET

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 18 Aug 2022 20:50:22 GMT

GET
H2 200 s28633453025399 Show response
smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.4-LCUM/ 7 KB
7 KB 46ms
45ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.4-LCUM/s28633453025399?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=18%2F7%2F2022%2020%3A50%3A22%204%200&d.&nsid=0&jsonv=1&.d&sdid=64414F7DB3582DD0-344688CF121CFAB5&mid=28497763729065705511560684432526360579&aamlh=6&ce=UTF-8&pageName=rams%3Anews%3Aquotes%20%26%20notes%20%3Alanding&g=https%3A%2F%2Fwww.therams.com%2F&c.&visitorAPI=VisitorAPI%20Present&.c&cc=USD&ch=news&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=quotes%20%26%20notes&v2=rams%3Anews%3Aquotes%20%26%20notes%20%3Alanding&v3=news&v4=false&c8=news&c12=desktop&v14=quotes%20%26%20notes&v20=2.0.0.0&c22=nflclubsrams&v24=desktop&v25=nflclubsrams&c33=rams&v33=rams&c48=pv&v48=english&c49=NFL%20Clubs%20-%20Launch%7Cv20200225%7C2.22.4%7C5.4.0%7C2022-08-12T22%3A12%3A33Z%7CServer%20Side%20ID%7C2.9.0&c50=D%3Dmid&v50=D%3Dmid&c51=D%3Dv49&c52=D%3Dv9&v57=https%3A%2F%2Fwww.therams.com%2F&c67=landing&v67=desktop&c71=Launch&c72=D%3Dv57&c73=D%3Dv73&v73=www.therams.com&v83=landing&v88=deltatre&v94=cp%20video&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

9b139ad5a90d471cd49f8231ef3c33b86672e052017a9efa0c5af2445a1bdf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-aam-tid: tpRdU/OdRac=
date: Thu, 18 Aug 2022 20:50:22 GMT
x-content-type-options: nosniff
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
vary: *
content-length: 7139
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v038-0b30dd767.edge-irl1.demdex.com 6 ms
pragma: no-cache
last-modified: Fri, 19 Aug 2022 20:50:22 GMT
server: jag
xserver: anedge-69c8d8cc76-k5c47
etag: 3566660721023647744-4619624402468440034
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 17 Aug 2022 20:50:22 GMT

GET
H2 200 5191967.js Show response
js.hs-banner.com/ 60 KB
16 KB 441ms
408ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b921af962558ef57118c201f0c5b3e8d8667b9d7afc4b81838d8489231425d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 9J30W5J3BCG7K0M7
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: RCOeYHv2t2/byz6Z/Km5pMn6jeW/QPcTB4ZJe0bfRmQZq0bqjbHywBjqKOwaL6HW79HaE5fu4vg=
timing-allow-origin: *
last-modified: Tue, 16 Aug 2022 21:28:07 GMT
server: cloudflare
etag: W/"3c59868488a9e9fd098631ea751db542"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: NPTxybhJqFRlpIn_q7qTuDXt2Ouw2du4
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 73cd85785ef19bfe-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 18 Aug 2022 20:55:22 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 547 KB
88 KB 74ms
42ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8598f014db2cb1ee468796657129c4d2319715d818ad6a0ea1049b7873b19fe

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
via: 1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 53720
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1101/bundle/main/lead-flows-release.js&cfRay=73c865f26eb99c04-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 73cd85785eb29131-FRA
last-modified: Mon, 18 Jul 2022 01:14:17 UTC
server: cloudflare
etag: W/"46823b230a10099f9c99f5d6e551b1de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: yT2X7qjRd3nfD17wwjIyU26GMxKILzTr
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 2IXMW7rqBG7YjLOYnf02tVO1_iSQvwN6B7pPGePSXBle1ZB6HL4AzQ==
x-hs-target-asset: lead-flows-js/static-1.1101/bundle/main/lead-flows-release.js

GET
H2 200 5191967.js Show response
js.hs-analytics.net/analytics/1660855800000/ 62 KB
20 KB 182ms
148ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1660855800000/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a478f8c0fdf19656315058a4c85b70a42cb5aa825e725116983c6e485296c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: YGYZ9DSYMMN8VW5H
x-amz-server-side-encryption: AES256
cf-ray: 73cd85785a51904e-FRA
x-amz-id-2: EFCpDbIPmt2UHrf3SB0p1lviPUA7bUkhyRCx+jwkXXXa9PTnbXUq27EW6WCkwTkyyV2vT7qYdSY=
last-modified: Tue, 26 Jul 2022 14:59:49 GMT
server: cloudflare
etag: W/"c277152428ac961cf28aa904ec5e3208"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 18 Aug 2022 20:55:22 GMT

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/losangelesrams/staging/scripts/ 160 KB
44 KB 55ms
7ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/losangelesrams/staging/scripts/evergage.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bff1a38061c215d8db48e1da6d3724d1b88c4899feb42dddf26a58b6e73e947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: 3KXxqFnl7ZmOa2omXVgb41duf5xLf7CN
content-encoding: gzip
etag: "4322a9e9218089112f9d5218df9a5373"
timing-allow-origin: *
age: 49
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 44030
x-amz-id-2: cFTv4qb+lku2d4CqWlGexbs/1KaUQ7UCRz/eP3wtyzAbBz5KcqbzpVPA2BpMB9DVQBJacfOah5M=
x-served-by: cache-iad-kjyo7100077-IAD, cache-hhn4083-HHN
x-amz-meta-evergage-sum: eb3d6af0e708440e42ed44d0b51b694984ad742b
last-modified: Thu, 11 Aug 2022 17:43:33 GMT
server: AmazonS3
x-timer: S1660855822.153160,VS0,VE1
date: Thu, 18 Aug 2022 20:50:22 GMT
vary: Accept-Encoding
x-amz-request-id: BA7Z196NBWM9FJMW
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
36ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122484269-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6502
date: Thu, 18 Aug 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 18 Aug 2022 21:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
16 KB 166ms
69ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-861929325&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15380
x-xss-protection: 0
server: cafe
etag: 14955335288317425560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 20:50:22 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=9e2762fe-a60f-4000-affa-583a031c6af5&ddsuuid=28664114033281145681577195862555278524
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=28664114033281145681577195862555278524&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d28664114033281...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=9e2762fe-a60f-4000-affa-583a031c6af5&ddsuuid=28664114033281145681577195862555278524

42 B
942 B

32ms
31ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=9e2762fe-a60f-4000-affa-583a031c6af5&ddsuuid=28664114033281145681577195862555278524

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-053ca907f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qHjONFbLS8M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Thu, 18 Aug 2022 20:50:23 GMT
Server: MT3 4494 7cf1da7 master nrt-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=9e2762fe-a60f-4000-affa-583a031c6af5&ddsuuid=28664114033281145681577195862555278524
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 18 Aug 2022 20:50:22 GMT

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 321ms
129ms XHR
text/javascript 13.32.121.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2F&sdk=js_latest&sdkBuild=13318&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-67.fra60.r.cloudfront.net
Software: /
Resource Hash: 7ae6ec9f61f67f5c59e2f20ef76380cd8b68392182ed7c5dcd80dbc31b267f07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
x-soa: true, Gator
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
content-length: 167
access-control-allow-origin: https://www.therams.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-callid: 94a83f3d7ac24490847dc96395f7921e
cache-control: private
x-server: us1d-nomad-g25
access-control-allow-credentials: true
x-robots-tag: none
x-amz-cf-id: n0PiFLRP02xDQj0Rcp0-11BGxssZPbMx0-yo25x9Suh8Yt0H6gnFzg==

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 2A56
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=28664114033281145681577195862555278524
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=28664114033281145681577195862555278524&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
333 B

121ms
6ms

Image
image/gif

2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: AZySIRBLR43/+q0FAA
x-accel-expires: @1661520404
date: Thu, 18 Aug 2022 20:50:22 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: k5ARgGXf2oI
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 372218
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Thu, 18 Aug 2022 20:50:22 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
46ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1038637781&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therams.com%2F&ul=en-us&de=UTF-8&dt=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1817289426&gjid=15816147&cid=2114773297.1660855822&tid=UA-122484269-1&_gid=186926369.1660855822&_r=1&gtm=2ou8h0&z=958030537

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c230b318-e67a-11ec-b23d-d15a91047884 Show response
api.nfl.com/football/v2/games/ 1 KB
861 B 8ms
7ms Fetch
application/json 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/football/v2/games/c230b318-e67a-11ec-b23d-d15a91047884?withExternalIds=true
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e4ce35be7ec5e2226c1bf1075ea91fa93e1f4aab2349b9763d34a4ed202a436c

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGllbnRJZCI6ImU1MzVjN2MwLTgxN2YtNDc3Ni04OTkwLTU2NTU2ZjhiMTkyOCIsImNsaWVudEtleSI6IjRjRlVXNkRtd0pwelQ5TDdMckczcVJBY0FCRzVzMDRnIiwiaXNzIjoiTkZMIiwiZGV2aWNlSWQiOiJjYmFiYmJjYS00NThhLTRmMzgtODE4Yi02MjhiNDJkOGZiY2MiLCJwbGFucyI6W3siZXhwaXJhdGlvbkRhdGUiOiIyMDIzLTA4LTE5IiwicGxhbiI6ImZyZWUiLCJzb3VyY2UiOiJORkwiLCJzdGFydERhdGUiOiIyMDIyLTA4LTE4Iiwic3RhdHVzIjoiQUNUSVZFIiwidHJpYWwiOmZhbHNlfV0sIkRpc3BsYXlOYW1lIjoiV0VCX0RFU0tUT1BfREVTS1RPUCIsIk5vdGVzIjoiIiwiZm9ybUZhY3RvciI6IkRFU0tUT1AiLCJsdXJhQXBwS2V5IjoiU1pzNTdkQkdSeGJMNzI4bFZwN0RZUSIsInBsYXRmb3JtIjoiREVTS1RPUCIsInByb2R1Y3ROYW1lIjoiV0VCIiwiY291bnRyeUNvZGUiOiJERSIsImRtYUNvZGUiOiIyNzYwMDIiLCJobWFUZWFtcyI6W10sImJyb3dzZXIiOiJDaHJvbWUiLCJjZWxsdWxhciI6ZmFsc2UsImVudmlyb25tZW50IjoicHJvZHVjdGlvbiIsImV4cCI6MTY2MDg1OTQyMn0.XqcZobfFH8ieOK-Cpf8aUjccf4OfbKAWVavyP2gANJ8
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 40
origin-site: LA3
x-cache: HIT, HIT
x-envoy-upstream-service-time: 6
content-encoding: gzip
content-length: 729
x-served-by: cache-nf-las9120-NF-LAS, cache-hhn4029-HHN
server: envoy
x-timer: S1660855822.291293,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 3, 1

OPTIONS
H2 200 c230b318-e67a-11ec-b23d-d15a91047884
api.nfl.com/football/v2/games/ Frame 0
0 7ms
6ms Preflight
text/html 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/football/v2/games/c230b318-e67a-11ec-b23d-d15a91047884?withExternalIds=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Thu, 18 Aug 2022 20:50:22 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4029-HHN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/ 2 KB
2 KB 141ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/?random=1660855822294&cv=9&fst=1660855822294&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&auid=5229022.1660855822&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f003428cc977dba0a4e75bcc07522e60d4dd8d612cb73ec8f915be2d7da60569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 livestreams Show response
api.nfl.com/live/v1/ 421 B
574 B 8ms
7ms Fetch
application/json 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/live/v1/livestreams?contentType=GAME&endTime=2022-08-20T00%3A00%3A00.000Z&gameId=c230b318-e67a-11ec-b23d-d15a91047884&objectowner=23&startTime=2022-08-17T00%3A00%3A00.000Z
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 6e52436f13309d75d44f62ae6509abb938b795abefb314e1be36e2b1fa1d0dab

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGllbnRJZCI6ImU1MzVjN2MwLTgxN2YtNDc3Ni04OTkwLTU2NTU2ZjhiMTkyOCIsImNsaWVudEtleSI6IjRjRlVXNkRtd0pwelQ5TDdMckczcVJBY0FCRzVzMDRnIiwiaXNzIjoiTkZMIiwiZGV2aWNlSWQiOiJjYmFiYmJjYS00NThhLTRmMzgtODE4Yi02MjhiNDJkOGZiY2MiLCJwbGFucyI6W3siZXhwaXJhdGlvbkRhdGUiOiIyMDIzLTA4LTE5IiwicGxhbiI6ImZyZWUiLCJzb3VyY2UiOiJORkwiLCJzdGFydERhdGUiOiIyMDIyLTA4LTE4Iiwic3RhdHVzIjoiQUNUSVZFIiwidHJpYWwiOmZhbHNlfV0sIkRpc3BsYXlOYW1lIjoiV0VCX0RFU0tUT1BfREVTS1RPUCIsIk5vdGVzIjoiIiwiZm9ybUZhY3RvciI6IkRFU0tUT1AiLCJsdXJhQXBwS2V5IjoiU1pzNTdkQkdSeGJMNzI4bFZwN0RZUSIsInBsYXRmb3JtIjoiREVTS1RPUCIsInByb2R1Y3ROYW1lIjoiV0VCIiwiY291bnRyeUNvZGUiOiJERSIsImRtYUNvZGUiOiIyNzYwMDIiLCJobWFUZWFtcyI6W10sImJyb3dzZXIiOiJDaHJvbWUiLCJjZWxsdWxhciI6ZmFsc2UsImVudmlyb25tZW50IjoicHJvZHVjdGlvbiIsImV4cCI6MTY2MDg1OTQyMn0.XqcZobfFH8ieOK-Cpf8aUjccf4OfbKAWVavyP2gANJ8
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1
origin-site: LV1
x-cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 129
content-encoding: gzip
content-length: 355
x-served-by: cache-nf-las9120-NF-LAS, cache-lax10641-LGB, cache-hhn4029-HHN
server: envoy
x-timer: S1660855822.312818,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=30
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0, 1

OPTIONS
H2 200 livestreams
api.nfl.com/live/v1/ Frame 0
0 8ms
8ms Preflight
text/html 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/live/v1/livestreams?contentType=GAME&endTime=2022-08-20T00%3A00%3A00.000Z&gameId=c230b318-e67a-11ec-b23d-d15a91047884&objectowner=23&startTime=2022-08-17T00%3A00%3A00.000Z
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Thu, 18 Aug 2022 20:50:22 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4029-HHN

GET
H2 200 config Show response
api.nfl.com/v1/ 716 B
550 B 8ms
7ms Fetch
application/json 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/v1/config?c=%2Fpublic%2Fweb
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 599b04c417a675ed4f688db7f1cd6c45e52c779085123e40c61ca9fbd6131f9d

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

nfl_geo_country: DE
date: Thu, 18 Aug 2022 20:50:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 11
origin-site: LA3
x-cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 2
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
nfl_geo_zip: 32052
content-encoding: gzip
content-length: 339
x-served-by: cache-nf-las9120-NF-LAS, cache-lax10666-LGB, cache-hhn4029-HHN
server: envoy
x-timer: S1660855822.335257,VS0,VE1
vary: Accept-Encoding
x-nfl-app: config
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: NFL_GEO_COUNTRY,NFL_GEO_DMA,NFL_GEO_ZIP
nfl_geo_dma: 276002
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 5, 1, 1

OPTIONS
H2 200 config
api.nfl.com/v1/ Frame 0
0 7ms
6ms Preflight
text/html 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/v1/config?c=%2Fpublic%2Fweb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-expose-headers: NFL_GEO_COUNTRY,NFL_GEO_DMA,NFL_GEO_ZIP
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Thu, 18 Aug 2022 20:50:22 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4029-HHN

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=F4N8PyAC1OoMt85
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=F4N8PyAC1OoMt85

42 B
942 B

32ms
31ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=F4N8PyAC1OoMt85

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-043538ae8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7qnq2yOlTu0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 20:50:21 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0b07b63ab2330e6f2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=F4N8PyAC1OoMt85
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 72ms
18ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122484269-1&cid=2114773297.1660855822&jid=1817289426&gjid=15816147&_gid=186926369.1660855822&_u=YCDACUAABAAAAC~&z=825742779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Aug 2022 20:50:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=6031289576951394711
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6031289576951394711

42 B
942 B

32ms
32ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=6031289576951394711

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-09331a469.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zQtuzUfVQEw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 20:50:22 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0b7f2de5-1c25-4856-b689-d08c050f60cb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=6031289576951394711
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/861929325/ 42 B
548 B 138ms
53ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861929325/?random=1660855822294&cv=9&fst=1660852800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=1935975751&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/861929325/ 42 B
548 B 129ms
48ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/861929325/?random=1660855822294&cv=9&fst=1660852800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=1935975751&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 107B 88 KB
31 KB 8ms
7ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

977f9245f3494a45aeb7e18c9bb989a9764c3b4df8e1714a5e8a88f801352d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1791
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 31627
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 20:20:31 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: A0AAXjXZWjKEr8UaiWKfnYPLlJB-xJjB1yvXWlu8MUoO7IiYqT5iJQ==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-callid: d8d1e76c6f214f9d9029c35c66cbf046
x-robots-tag: none
x-server: us1d-nomad-g25
x-soa: true, Gator

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame B6B1 88 KB
31 KB 8ms
7ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

977f9245f3494a45aeb7e18c9bb989a9764c3b4df8e1714a5e8a88f801352d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1791
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 31627
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 20:20:31 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: mDid1eeVUrGQXczgzQ2qkrfq9IH8M32GDYCpapo2t1biXcDUOoR9lA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-callid: d8d1e76c6f214f9d9029c35c66cbf046
x-robots-tag: none
x-server: us1d-nomad-g25
x-soa: true, Gator

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 111ms
64ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=2114773297.1660855822&jid=1817289426&_u=YCDACUAABAAAAC~&z=1703939240

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 123ms
81ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=2114773297.1660855822&jid=1817289426&_u=YCDACUAABAAAAC~&z=1703939240

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 107B 4 KB
2 KB 8ms
7ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 1a1bf36808495bf72821a2dbd8e0609b83f936ef83b989ea4fd9a51c4634a341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:36:25 GMT
content-encoding: gzip
x-soa: true, Gator
age: 837
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
content-length: 1694
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-callid: 34850d3a252445498da888007db3b9e2
cache-control: public, s-maxage=900
x-server: us1d-nomad-g15
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: JRHj_RRNZ40eDQjuR9bf0HEX3kGEjBZOpHTw4R1j5LhzKapgdwI4Ng==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame B6B1 4 KB
2 KB 7ms
7ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 1a1bf36808495bf72821a2dbd8e0609b83f936ef83b989ea4fd9a51c4634a341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:36:25 GMT
content-encoding: gzip
x-soa: true, Gator
age: 837
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
content-length: 1694
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-callid: 34850d3a252445498da888007db3b9e2
cache-control: public, s-maxage=900
x-server: us1d-nomad-g15
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: waEa9MouZvlGtdvACCqqxQH8haXJ4l-6pwu2uXbpQ0eLjpYxhQKMCA==

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=9037757071320561458
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=9037757071320561458

42 B
942 B

35ms
35ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=9037757071320561458

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-0ee6e918f.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: F2FpC8VRQrY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=9037757071320561458
pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=Microdata&dl=https%3A%2F%2Fwww.therams.com%2F&rl=&if=false&ts=1660855822585&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com%22%2C%22meta%3Adescription%22%3A%22Los%20Angeles%20Rams%20Home%3A%20Official%20team%20site%20with%20news%2C%20videos%2C%20photos%2C%20schedule%2C%20roster%2C%20depth%20charts%2C%20transactions%2C%20statistics%2C%20player%20profiles%20and%20ticket%20info.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Official%20Site%20of%20the%20Los%20Angeles%20Rams%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.therams.com%2F%22%2C%22og%3Alocale%22%3A%22en-US%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660855822080.1608762492&it=1660855821574&coo=false&dpo=&es=automatic&tm=3&rqm=GET

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 18 Aug 2022 20:50:22 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
966 B 172ms
136ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=5191967&rcu=https%3A%2F%2Fwww.therams.com%2F&pu=https%3A%2F%2Fwww.therams.com%2F&t=Los+Angeles+Rams+Home+%7C+Los+Angeles+Rams+-+therams.com&cts=1660855822630&vi=a0ea75ba956f954976afaf60143d0602&nc=true&u=121074455.a0ea75ba956f954976afaf60143d0602.1660855822627.1660855822627.1660855822627.1&b=121074455.1.1660855822628&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2446ea81-befb-4ef4-a7d2-3e55901a45d6
cf-ray: 73cd857baf2abbe9-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xay5s0QMX5gCqWAMKwIDB7a%2FFWZIji9k%2BjHqgUCJTeTLHxqGu2F4k%2F1Zv8dwAcS81MQSiVPgCez6kQFTURsnLbRabn2%2BaanoXi2qjVwkLNqLEevoZbxSjMua0ZRbYKLH%2BUwRG%2FqccGxUj2G8SZ0B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 255 B
1 KB 189ms
156ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5191967&utk=a0ea75ba956f954976afaf60143d0602&__hstc=121074455.a0ea75ba956f954976afaf60143d0602.1660855822627.1660855822627.1660855822627.1&__hssc=121074455.1.1660855822628&currentUrl=https%3A%2F%2Fwww.therams.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e0cc37501811a4b6c8753729966f1c6dcd21bd8b09a268e9cad845de7ec895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cb608efe-2eb0-4496-a5d5-e71539ddbd13
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcrgmYbI%2FAd%2FBxMOHH3ZNnMV%2Bnt3LIBW%2FnjFq30GW%2BFLltB8QzOVootqudspiJQxVnNjGu0D9DniDI%2FBu%2FUUtaf1DUxcMP4QEVBM8UXuCqknySyCJOLo193W7wUqoip0x%2FwVD3bLIOExnvzNp0%2B6"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 73cd857bba3c8fd1-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 8ms
7ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 5659219
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Server-Timing: fastly;dur=116;cpu=0;start=2022-06-14T08:50:03.723Z;desc=miss,rtt;dur=0,cloudinary;dur=112;start=2022-06-14T08:50:03.725Z
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-iad-kcgs7200079-IAD, cache-hhn4080-HHN
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1660855823.645121,VS0,VE1
Date: Thu, 18 Aug 2022 20:50:22 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Connection: keep-alive
X-Cache-Hits: 3, 1

GET
H/1.1 200
OK HOU
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 1 KB
2 KB 8ms
8ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/HOU

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9c016c1575b12f1f28f9c1a4da2cc91a7da7d62cbfea4c9a2b70a01d40fed0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 226771
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="HOU"
Server-Timing: fastly;dur=3;cpu=0;start=2022-08-16T05:50:51.822Z;desc=hit,rtt;dur=0
Content-Length: 687
Etag: "d7600e883c694e4f7bc3a91c8132c98c"
X-Served-By: cache-iad-kcgs7200137-IAD, cache-hhn4032-HHN
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:24:00 GMT
Server: Cloudinary
X-Timer: S1660855823.644875,VS0,VE1
Date: Thu, 18 Aug 2022 20:50:22 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Connection: keep-alive
X-Cache-Hits: 4, 1

GET
H/1.1 200
OK ng3owh4n3h9mg9gfcthc
static.clubs.nfl.com/image/private/f_auto/rams/ 17 KB
18 KB 8ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/ng3owh4n3h9mg9gfcthc
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/80b72e5fd07dbb3da686a47a38e178c3/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f84b4447d116e974b6f3646109d552c4a44505026d7417cea3ea251e9af0ee7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:22 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 661472
Edge-Cache-Tag: 352665967413951146933992078677468419321,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 352665967413951146933992078677468419321,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="ng3owh4n3h9mg9gfcthc.webp"
Connection: keep-alive
Content-Length: 17514
X-Served-By: cache-iad-kiad7000051-IAD, cache-iad-kjyo7100039-IAD, cache-hhn4061-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sat, 14 Aug 2021 22:21:10 GMT
Server: cloudinary
X-Timer: S1660855823.645693,VS0,VE0
Etag: "a32d2e76f0e8458b0a6e0d380b85c296"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 2

GET
H2 200 client.js Show response
apis.google.com/js/ 14 KB
6 KB 142ms
44ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aa8d0c1148b74439f6e3532e0e9d414bee2478ead4fff619df3150dd3689e8e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5577
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 18 Aug 2022 20:50:22 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "36a1678799ae347b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 20:50:22 GMT

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 04BA 88 KB
31 KB 8ms
8ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

977f9245f3494a45aeb7e18c9bb989a9764c3b4df8e1714a5e8a88f801352d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1791
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 31627
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 20:20:31 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: DRv4cUXi938wJBd9rTgCp-25QWS4VGKECsaL5pL_bf8a1KyqQnOwsQ==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-callid: d8d1e76c6f214f9d9029c35c66cbf046
x-robots-tag: none
x-server: us1d-nomad-g25
x-soa: true, Gator

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2022081820502300011082999383
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=28664114033281145681577195862555278524&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022081820502300011082999383

42 B
942 B

32ms
32ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022081820502300011082999383

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-0652c8532.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5DTMy9jjR+4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022081820502300011082999383
pragma: no-cache
date: Thu, 18 Aug 2022 20:50:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 18 Aug 2022 20:50:23 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
2 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

213a70f3ad660ed4fd9ed031e8e294b9515242f5cfb73dd784288da917b66905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mUYwEWmIbiAVORtrhkN/sA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: hVNSwbAtwbC4YANJrK7ud4YQjRHxHvGaFYgc4IkSlLjpN82kIeNod3Vz3A0Z+UwBha7n4Rf1dgEGeCMaFGGOyg==
x-fb-content-md5: 5c9da080b0dc93cb80d2e1e46298b628
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Aug 2022 20:50:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1ed5c74f1d82e8bddcce636007acd1ff"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 18 Aug 2022 20:50:48 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 04BA 4 KB
2 KB 8ms
7ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 1a1bf36808495bf72821a2dbd8e0609b83f936ef83b989ea4fd9a51c4634a341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:36:25 GMT
content-encoding: gzip
x-soa: true, Gator
age: 837
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
content-length: 1694
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-callid: 34850d3a252445498da888007db3b9e2
cache-control: public, s-maxage=900
x-server: us1d-nomad-g15
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Xi1CILAjFFIkiIl5mjfXJZ_JcBD6z_q309URKIal0H02zcww8ER-uw==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 40ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3fa28f6c46e5da982355a326bef8a2c1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f009fff9fb6ea372e78d105d6a4105c4c31b23fd5769b483cf04d4dfc50c816b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ez/CXugSztYOdNvMDtLcgw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86507
x-fb-rlafr: 0
x-fb-debug: TPOIBSeY2gCpToNQDub8Vg6Ucs+uhwBT64XRU8dNI1NvKCXE14XMBkCzbHzUGoh5s32Lk4VbpxsZpC7LjNMQtQ==
x-fb-content-md5: 9992908c1f67cc393497533842893061
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Aug 2022 20:50:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8b998f26446395a4aaafbc4132f45f60"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Aug 2023 18:26:56 GMT

GET /
adb2waycm-atl.netmng.com/cm/ Frame 2A56 0
0

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 40ms
39ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3fa28f6c46e5da982355a326bef8a2c1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Dw6F+6/zOBybFD0H2ThRAwZDJ+dnMArRppp/SFkEpyIUFaysFpZh15I4r+Z4hSwdV8ZBnzshRVDnVEOmEiO4pw==
fb-s: unknown
date: Thu, 18 Aug 2022 20:50:22 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 309 KB
105 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc876a53dc1550440043da2c9666dc520be2e271365bd64fd0ae440d100dfb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 00:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107095
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 00:13:12 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEMFM8QKNtbYRtD7UEM4cd_Q&google_cver=1
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mjg2NjQxMTQwMzMyODExNDU2ODE1NzcxOTU4NjI1NTUyNzg1MjQ=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMFM8QKNtbYRtD7UEM4cd_Q&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

31ms
31ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMFM8QKNtbYRtD7UEM4cd_Q&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-0b8676b4d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sP6C8+z/SQM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMFM8QKNtbYRtD7UEM4cd_Q&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 2A56 43 B
355 B 169ms
109ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=28664114033281145681577195862555278524&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 102
date: Thu, 18 Aug 2022 20:50:23 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: fe935f04c6590d894e396cddcb175b2878ffdb9027ee7e7eeea45955ce18e525
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 2A56
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEKIOLb0b5uNGgqnKcB1JTLU&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

32ms
29ms

Image
image/png

54.154.5.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.154.5.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 18 Aug 2022 20:50:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 2A56
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEK...
https://pixel.everesttech.net/1x1

128 B
796 B

29ms
29ms

Image
image/png

54.154.5.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.154.5.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 18 Aug 2022 20:50:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 2A56
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
30ms

Image
image/png

54.154.5.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.154.5.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 18 Aug 2022 20:50:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 2A56
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

54.154.5.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.154.5.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 18 Aug 2022 20:50:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 2A56
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

54.154.5.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.154.5.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 18 Aug 2022 20:50:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2A56 70 B
265 B 102ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

sync
ups.analytics.yahoo.com/ups/28/ Frame 2A56
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true&verify=true

0
17 B

11ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:23 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true&verify=true
date: Thu, 18 Aug 2022 20:50:23 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 2A56
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXY2bURRQUFBRlNQWXdOZQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

54.154.5.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.154.5.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 18 Aug 2022 20:50:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=wpS_pPQ59sci9tL8mXG_HGbhg4StFvv2&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=wpS_pPQ59sci9tL8mXG_HGbhg4StFvv2&gdpr=0&gdpr_consent=

42 B
942 B

32ms
31ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=wpS_pPQ59sci9tL8mXG_HGbhg4StFvv2&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-088c0343d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: x+xRkchmTs4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=wpS_pPQ59sci9tL8mXG_HGbhg4StFvv2&gdpr=0&gdpr_consent=
date: Thu, 18 Aug 2022 20:50:23 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4257
content-length: 227
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=28664114033281145681577195862555278524&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

30ms
30ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-08c61db4b.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: pQR8rknmSg0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Thu, 18 Aug 2022 20:50:24 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=28664114033281145681577195862555278524&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bM5Des5E2pETBUCqVSusnF317NqGojgzoWw-~A

42 B
942 B

32ms
31ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bM5Des5E2pETBUCqVSusnF317NqGojgzoWw-~A

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-0481eca2e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yAzMjKwfS/U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 18 Aug 2022 20:50:24 GMT
via: http/1.1 spdc0104.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bM5Des5E2pETBUCqVSusnF317NqGojgzoWw-~A
content-length: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 2A56 43 B
356 B 69ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=28664114033281145681577195862555278524&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 2A56
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yv6mDQAAAFSPYwNe&sigv=1&esig=1~a70cc165e4d61073a752af8c762dd9e6fe98ba78

0
194 B

418ms
20ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yv6mDQAAAFSPYwNe&sigv=1&esig=1~a70cc165e4d61073a752af8c762dd9e6fe98ba78

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:24 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yv6mDQAAAFSPYwNe&sigv=1&esig=1~a70cc165e4d61073a752af8c762dd9e6fe98ba78
Date: Thu, 18 Aug 2022 20:50:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXY2bURRQUFBRlNQWXdOZQ==

170 B
188 B

42ms
41ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXY2bURRQUFBRlNQWXdOZQ==

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660855824.418303,VS0,VE0
x-served-by: cache-hhn4060-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXY2bURRQUFBRlNQWXdOZQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yv6mDQAAAFSPYwNe&expires=90

0
239 B

71ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yv6mDQAAAFSPYwNe&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660855824.481717,VS0,VE0
x-served-by: cache-hhn4060-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yv6mDQAAAFSPYwNe&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yv6mDQAAAFSPYwNe
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yv6mDQAAAFSPYwNe&C=1

43 B
946 B

53ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yv6mDQAAAFSPYwNe&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73cd85884e0990d4-FRA
pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6vcSZ7zlQpavMWwnNa3jnCyYc%2Fqv5gGyoCbmp1DF6XsT8YIZaRf%2B4%2Fs9JgV3BFTQv7nObre3W4fKyuEIJXNV5sWuUR54p4o5H%2FNzBvpEzxjsenwK0yu32XwgrgoRSw01MWuB%2F0GsaUozA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54vDl%2FH5aTCZJJwLvLuHkNPj49mdYiLxsfSDFTTnA6bCeCUlQlGaA2ZVlfOPQrpVVrxAJnqTxZiXAgJLQzR0xVl79cQGuKMvnTdXgUlR1SONPoDRJFeKJQ%2FCP2PamFl1bqZXTNmXzC0Tlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=Yv6mDQAAAFSPYwNe&C=1
cache-control: no-cache
cf-ray: 73cd85880cec9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Yv6mDQAAAFSPYwNe

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Yv6mDQAAAFSPYwNe

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 20:50:24 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ed73e0f6-1327-4411-a708-647365fd55e2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660855825.683722,VS0,VE0
x-served-by: cache-hhn4060-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Yv6mDQAAAFSPYwNe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yv6mDQAAAFSPYwNe

43 B
273 B

106ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yv6mDQAAAFSPYwNe
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660855825.783701,VS0,VE0
x-served-by: cache-hhn4060-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yv6mDQAAAFSPYwNe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yv6mDQAAAFSPYwNe

0
225 B

94ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yv6mDQAAAFSPYwNe
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:50:23 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660855825.884819,VS0,VE0
x-served-by: cache-hhn4060-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yv6mDQAAAFSPYwNe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yv6mDQAAAFSPYwNe&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yv6mDQAAAFSPYwNe&img=1&__user_check__=1&sync_id=62607bb6-1f37-11ed-9e21-19b4ac340106

43 B
548 B

18ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yv6mDQAAAFSPYwNe&img=1&__user_check__=1&sync_id=62607bb6-1f37-11ed-9e21-19b4ac340106
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 52
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 18 Aug 2022 20:50:25 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Yv6mDQAAAFSPYwNe&img=1&__user_check__=1&sync_id=62607bb6-1f37-11ed-9e21-19b4ac340106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 89
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 2A56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yv6mDQAAAFSPYwNe&t=2592000&o=0

43 B
70 B

34ms
34ms

Image
image/gif

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yv6mDQAAAFSPYwNe&t=2592000&o=0

Protocol

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:50:25 PDT
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: xARRxFiTBUsaDVE4X9cb4CbsZXPNHVRC/L7/L1PJF+usrHDrqsUXoWgrLLzImky5RsxwLlfUv45PNi7F3QpySA==
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Thu, 18 Aug 2022 13:50:25 PDT

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660855825.087007,VS0,VE0
x-served-by: cache-hhn4060-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yv6mDQAAAFSPYwNe&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 2A56 43 B
376 B 47ms
15ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 18 Aug 2022 20:50:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660855825.218537,VS0,VE9
x-served-by: cache-hhn4051-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 2A56
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
960 B

30ms
30ms

Image
image/gif

34.241.142.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-142-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-07455e011.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300,104
X-TID: +cmSgznIQF8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:50:25 GMT
server: istio-envoy
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2A56
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=n8HvmpdZQ2ab4juPoaukUQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28664114033281145681577195862555278524

43 B
556 B

104ms
104ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28664114033281145681577195862555278524

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 20:50:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EHQW6KB8TP84A5X49R2W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v038-04c8fac1a.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: l44q6/5NSaE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28664114033281145681577195862555278524
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK gzn74g0avlrcexiroabh.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 63 KB
64 KB 8ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/gzn74g0avlrcexiroabh.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9a5667b640df386d88cb10b2aa883bdb9896caf05a7d5476aae9d724bd62ee4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 20:50:26 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 16912
Edge-Cache-Tag: 587007747743976018158764194247296414994,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 587007747743976018158764194247296414994,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="gzn74g0avlrcexiroabh.webp"
Connection: keep-alive
Content-Length: 64088
X-Request-Id: a905e6077c03314a9d97edd35d30e98c
X-Served-By: cache-iad-kjyo7100109-IAD, cache-iad-kcgs7200032-IAD, cache-hhn4061-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Thu, 18 Aug 2022 16:08:36 GMT
Server: cloudinary
X-Timer: S1660855827.655031,VS0,VE1
Etag: "787baea6f1f28d0d3029629d370efc39"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 s23460413902987 Show response
smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.4-LCUM/ 7 KB
7 KB 43ms
43ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.4-LCUM/s23460413902987?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=18%2F7%2F2022%2020%3A50%3A26%204%200&d.&nsid=0&jsonv=1&.d&mid=28497763729065705511560684432526360579&aamlh=6&ce=UTF-8&pageName=rams%3Anews%3Aquotes%20%26%20notes%20%3Alanding&g=https%3A%2F%2Fwww.therams.com%2F&cc=USD&ch=news&v2=rams%3Anews%3Aquotes%20%26%20notes%20%3Alanding&v3=news&c8=news&v9=rams%3Anews%3Aquotes%20%26%20notes%20%3Alanding&c22=nflclubsrams&v25=nflclubsrams&v26=c230b318-e67a-11ec-b23d-d15a91047884&c48=o&c49=NFL%20Clubs%20-%20Launch%7Cv20200225%7C2.22.4%7C5.4.0%7C2022-08-12T22%3A12%3A33Z%7CServer%20Side%20ID%7C2.9.0&c50=D%3Dmid&v50=D%3Dmid&c51=D%3Dv49&c52=D%3Dv9&v57=https%3A%2F%2Fwww.therams.com%2F&c72=D%3Dv57&c73=D%3Dv73&v73=www.therams.com&v94=no%20watch%20live%20CTA&v100=PREGAME&pe=lnk_o&pev2=watch%20CTA&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&lrt=48&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

1beefd237ecaae5991dd0444cc75c8a98e1ae35f63c94341387c16d782deb818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-aam-tid: GJfemeGJR1A=
date: Thu, 18 Aug 2022 20:50:26 GMT
x-content-type-options: nosniff
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
vary: *
content-length: 7139
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v038-0972c09bf.edge-irl1.demdex.com 6 ms
pragma: no-cache
last-modified: Fri, 19 Aug 2022 20:50:26 GMT
server: jag
xserver: anedge-69c8d8cc76-7pgkk
etag: 3566660728288870400-4619715904421116247
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 17 Aug 2022 20:50:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therams.com/	1969-12-31 23:59:59	Name: at_check Value: true
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13363-3-27680910
.demdex.net/	1970-01-20 09:40:07	Name: demdex Value: 28664114033281145681577195862555278524
.therams.com/	1970-01-20 05:20:57	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.therams.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1660855821588%2C%22slts%22:0}
.therams.com/	1970-01-20 14:50:19	Name: _parsely_visitor Value: {%22id%22:%22pid=79692c9bdd4ba6f58e9d345132d73f3a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1660855821588}
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.therams.com/	1970-01-20 14:56:55	Name: _ga_8Z32CEL1KS Value: GS1.1.1660855821.1.0.1660855821.0.0.0
.everesttech.net/	1970-01-20 14:06:31	Name: everest_g_v2 Value: g_surferid~Yv6mDQAAAFSPYwNe
.dpm.demdex.net/	1970-01-20 09:40:07	Name: dpm Value: 28664114033281145681577195862555278524
.therams.com/	1970-01-20 14:56:55	Name: mbox Value: session#547e5787526d42c88a9806078e20d108#1660857682\|PC#547e5787526d42c88a9806078e20d108.37_0#1724100622
.therams.com/	1970-01-20 07:30:31	Name: _fbp Value: fb.1.1660855822080.1608762492
.therams.com/	1970-01-20 05:20:57	Name: s_pv Value: rams%3Anews%3Aquotes%20%26%20notes%20%3Alanding
.therams.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.therams.com/	1970-01-20 14:56:55	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19223%7CMCMID%7C28497763729065705511560684432526360579%7CMCAAMLH-1661460621%7C6%7CMCAAMB-1661460621%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1660863021s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19230%7CvVersion%7C5.4.0
.therams.com/	1970-01-20 07:30:31	Name: _gcl_au Value: 1.1.5229022.1660855822
.auth-id.nfl.com/	1970-01-20 14:06:31	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
.therams.com/	1970-01-20 14:56:55	Name: _ga Value: GA1.2.2114773297.1660855822
.therams.com/	1970-01-20 05:22:22	Name: _gid Value: GA1.2.186926369.1660855822
.therams.com/	1970-01-20 05:20:55	Name: _gat_gtag_UA_122484269_1 Value: 1
.exelator.com/	1970-01-20 08:13:43	Name: EE Value: "42ade3b234367fbc4895e2c1ef593fa7"
.exelator.com/	1970-01-20 08:13:43	Name: ud Value: "eJxrXxzq6XKLQcHEKDEl1TjJyNjE2Mw8LSnZxMLSNNUo2TA1zdTSOC3RfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAZEl%252BUWb6IhfXxUUpaQyLSopPBR%252BMjAEAsnwqQA%253D%253D"
.w55c.net/	1970-01-20 14:51:10	Name: wfivefivec Value: F4N8PyAC1OoMt85
.w55c.net/	1970-01-20 06:04:07	Name: matchdmx Value: 5
.auth-id.therams.com/	1970-01-20 14:06:31	Name: gmid Value: gmid.ver4.AcbH7LZf4A.KXNMtChj658cziDxJQkp28Qr7VVjftmr19UVMmAaZiHVtkhsAt4VJC8e3s2usuVe.lxLjw0RL0xgkWW06QdrB3lUnCr4tuv8Ve-EMfMGxIRZzxn2grY8oJCwveowMv60wlPwLz9Dj6YBDPZtSffUThg.sc3
.auth-id.therams.com/	1970-01-20 14:06:31	Name: ucid Value: VcZG3j2Lszb7qWhXsEuuUA
.auth-id.therams.com/	1970-01-20 09:45:57	Name: hasGmid Value: ver4
.therams.com/	1970-01-20 14:06:31	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.adnxs.com/	1970-01-20 07:30:31	Name: uuid2 Value: 6031289576951394711
.auth-id.nfl.com/	1970-01-20 14:06:31	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-20 14:06:31	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 13363-3-27680910
www.therams.com/	1970-01-20 09:40:07	Name: __hstc Value: 121074455.a0ea75ba956f954976afaf60143d0602.1660855822627.1660855822627.1660855822627.1
www.therams.com/	1970-01-20 09:40:07	Name: hubspotutk Value: a0ea75ba956f954976afaf60143d0602
www.therams.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.therams.com/	1970-01-20 05:20:57	Name: __hssc Value: 121074455.1.1660855822628
.turn.com/	1970-01-20 09:40:07	Name: uid Value: 9037757071320561458
.hubspot.com/	1970-01-20 05:20:57	Name: __cf_bm Value: jPSulkwi9RM8YkVC1F_UYleJwBCiPAWgsKKoUo8xRfo-1660855822-0-AYORNa6BMxGPcFwlciKy3IefGtcawiFq9UuFJ0p9AGW3OB6jUbZdaBDLhz0ey8iZheK7F34vQ2ZDNGPjw369j9g=
.therams.com/	1969-12-31 23:59:59	Name: s_ptc Value: pt.rdr%240.05%5E%5Ept.apc%240.00%5E%5Ept.dns%240.00%5E%5Ept.tcp%240.03%5E%5Ept.req%240.01%5E%5Ept.rsp%240.01%5E%5Ept.prc%241.68%5E%5Ept.onl%240.02%5E%5Ept.tot%241.80%5E%5Ept.pfi%241
.doubleclick.net/	1970-01-20 14:42:31	Name: IDE Value: AHWqTUl9e-ZFZCRaZ4uEx6HJXKJFZgwhHsOOJdHUlIwHYSlNfuo4M7bRkrBTffB6R8w
.twitter.com/	1970-01-20 14:56:55	Name: personalization_id Value: "v1_JWrv/D5TcjcBYqy8sTMcaA=="
.mathtag.com/	1970-01-20 14:46:51	Name: uuid Value: 9e2762fe-a60f-4000-affa-583a031c6af5
.everesttech.net/	1970-01-20 06:05:34	Name: ev_sync_ax Value: 20220818
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: Yv6mDwAABHxywW2t
.yahoo.com/	1970-01-20 14:06:53	Name: A3 Value: d=AQABBA-m_mICEAhxC9RYjM9CCuCklKi2O8gFEgEBAQH3_2IIYwAAAAAA_eMAAA&S=AQAAAgvgZmyKiEyiUyUtCMLu2IA
.criteo.com/	1970-01-20 14:42:31	Name: uid Value: 2c380546-6032-4f6c-bf61-2a2003672313
.eyeota.net/	1970-01-20 05:20:56	Name: SERVERID Value: 19347~DM
.everesttech.net/	1970-01-20 06:05:34	Name: ev_sync_yh Value: 20220818
.casalemedia.com/	1970-01-20 14:06:31	Name: CMID Value: Yv6mEO.sQ2kE2-CaW9SokQAA
.casalemedia.com/	1970-01-20 07:30:31	Name: CMPS Value: 5148
.casalemedia.com/	1970-01-20 07:30:31	Name: CMPRO Value: 5148
.adnxs.com/	1970-01-20 07:30:31	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GTres3qK!]tbPl1MwL(!R7qUY$+PAkyHoYWJWlI)VxICePsu4Zbks<QG=%9sk?bIRwi:w9Ld1ImrIYTWBCu(lOfM!x%oC*P0vC
.casalemedia.com/	1970-01-20 07:30:31	Name: CMTS Value: 1134
.spotxchange.com/	1970-01-20 06:01:15	Name: audience Value: 62607b6a-1f37-11ed-9e21-19b4ac340106
.demdex.net/	1970-01-20 09:40:07	Name: dextp Value: 269-1-1660855822124\|3-1-1660855822225\|359-1-1660855822326\|358-1-1660855822426\|470-1-1660855822538\|843-1-1660855822663\|640-1-1660855822765\|771-1-1660855822865\|1123-1-1660855822966\|1083-1-1660855823067\|1085-1-1660855823168\|1086-1-1660855823269\|1087-1-1660855823370\|1088-1-1660855823470\|903-1-1660855823571\|6835-1-1660855823672\|19913-1-1660855823772\|28645-1-1660855823873\|30064-1-1660855823974\|30646-1-1660855824075\|30862-1-1660855824175\|83349-1-1660855824276\|144230-1-1660855824377\|144231-1-1660855824478\|144232-1-1660855824578\|144233-1-1660855824679\|144234-1-1660855824780\|144235-1-1660855824881\|144236-1-1660855824981\|144237-1-1660855825082\|147592-1-1660855825183\|152416-1-1660855825284\|139200-1-1660855825385
.amazon-adsystem.com/	1970-01-20 10:46:22	Name: ad-id Value: A_jNED2Xt0iri9DYq3eDMJA
.amazon-adsystem.com/	1970-01-20 14:56:55	Name: ad-privacy Value: 0
.undertone.com/	1970-01-20 14:06:31	Name: UTID Value: f88c268c8b9f4903b590e6f695082cf7
.undertone.com/	1970-01-20 14:06:31	Name: UTID_ENC Value: epq4wofosezcudb1f49a94zcn

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/(Line 205) Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/(Line 206) Message: A preload for 'https://www.therams.com/compiledassets/theming/9c1710eb28ecb50f3b9dd9d56e12097a' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://ups.analytics.yahoo.com/ups/28/sync?uid=28664114033281145681577195862555278524&_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.therams.com/ Message: The resource https://www.therams.com/compiledassets/theming/9c1710eb28ecb50f3b9dd9d56e12097a was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.therams.com/ Message: The resource https://www.therams.com/compiledassets/css/base.css?_t=e6df8d993ea56ea9649712da19095f80 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
analytics.twitter.com
api.nfl.com
apis.google.com
assets.adobedtm.com
audit-tcfv2.cmp.quantcast.com
auth-id.nfl.com
auth-id.therams.com
cdn.evgnet.com
cdn.onesignal.com
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cmp.quantcast.com
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
evt.undertone.com
forms.hubspot.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
onesignal.com
p.nfltags.com
p1.parsely.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
quantcast.mgr.consensu.org
region1.google-analytics.com
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
smetrics.nfl.com
static.clubs.nfl.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
test.cmp.quantcast.com
therams.com
track.hubspot.com
trc.taboola.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
103.229.205.243
104.18.18.126
104.244.42.195
13.32.121.17
13.32.121.67
142.250.74.194
15.236.176.210
151.101.1.153
151.101.129.152
151.101.129.153
151.101.192.114
151.101.65.153
151.101.66.49
172.217.16.194
172.217.18.2
18.193.0.23
18.193.198.179
18.198.126.47
18.66.17.43
185.64.189.110
185.89.210.153
185.94.180.125
2001:4860:4802:34::36
2001:678:cb4:bbbb::13
212.82.100.182
23.47.209.16
2600:9000:211a:ac00:9:46dc:4700:93a1
2600:9000:223c:ca00:6:44e3:f8c0:93a1
2600:9000:2240:2000:9:46dc:4700:93a1
2600:9000:2304:5a00:3:a4cd:8380:93a1
2606:4700:4400::ac40:9a55
2606:4700::6810:7eaf
2606:4700::6811:44b0
2606:4700::6811:d4cc
2606:4700::6811:e9cc
2606:4700::6812:e234
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1288:80:807::1
2a00:1450:4001:801::200e
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9c
2a02:2638:1::13
2a02:26f0:ea:296::1e80
2a02:6ea0:c700::17
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::300
3.126.56.137
3.127.178.105
3.33.220.150
34.241.142.170
34.247.98.180
34.98.64.218
34.98.67.61
52.17.99.225
52.201.208.245
52.222.236.97
52.46.128.147
54.154.5.146
54.216.133.37
54.93.60.116
69.173.144.138
69.192.160.219
79.125.52.138
99.86.4.115
01221da7571bda9135de704c433d67e3c4908ed930df8894a09fd812eee8b53e
06d429557a21947eeecf89c2f9751970adb608607819574f1f8be1469ca215d3
06f2f8756599914d284c595fbff44205b62c8039be1ebacbc86f3bf45fbcfc8f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b921af962558ef57118c201f0c5b3e8d8667b9d7afc4b81838d8489231425d5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14709a4cdf76028870e32cbf601d5822a6169ad427d7982982db282844a072ee
1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9
1671c3dceb95698fab06ae23604e12c7e0828913828e7a54bb62ba8a45c61f1d
187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915
1a1bf36808495bf72821a2dbd8e0609b83f936ef83b989ea4fd9a51c4634a341
1ac77d2c43254db9f1eac4820fbda88793235474afc8b91a1ae3b4fdf172ab45
1beefd237ecaae5991dd0444cc75c8a98e1ae35f63c94341387c16d782deb818
213a70f3ad660ed4fd9ed031e8e294b9515242f5cfb73dd784288da917b66905
2264b607cde85fe03e323e71b6f5924bebd8404378a442389ccfc6f00f9eb711
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
24f8d71db24e7953618303f5a1b2a65c3381ccdc9ddec171cb833164de0e076f
2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd
2bff1a38061c215d8db48e1da6d3724d1b88c4899feb42dddf26a58b6e73e947
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3a0435d0fda0fcd4089048e5777b708154969ce1bd51b76aadba5f27d6b8bc93
3c6ee2db8f21171f3d93e12093c33e5fedd1f55480c5ea1e75bc6f4c1746ff7b
3d1627f72485993621281a48bd4f0d5251aa69b37b51b643af4c59abdf68ad07
3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5
3f3060ece094097feb40c8b919c5b44a0798362a67bd346d29453debfdcf0b54
44162d91b43b569b82bde0fa6b322917cc29b78b639e6a99813bf738ff691284
45cf78d4bd5fea42c98411bc30d739890c95cbe9c12e93173dda54fc18bee611
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fdcdac7e2d396a2c015dc5e02be134c83b76d9aa8ac26adbd093df83f8e5fdd
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
51c6543f886ad7a6aee0e9c53cf42af71843863d9a792582cb7b4ea32649645e
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3
599b04c417a675ed4f688db7f1cd6c45e52c779085123e40c61ca9fbd6131f9d
5d1f064f884a4594e05424464b5d6d0cd4eed5495042086e4296f242bfc14c4d
61bcc99283fd988c431d00c133b04e6684188870a3879b39c015d6233e7ac06c
61dcf9b1c65c352f85c8619ecb5d868fcaef26dad46b814abd098464234e6e2b
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
62395563f638a3227da0c4cfeefda13f053ee80277d24f3609117a5ad66bacb7
64f2f1f02fc851d4d6bdaab153f5511584d04c8fbe30742a2acedc68f955d547
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6b97959fd23987c7e5888b3625ce5b1ddf317086be85a603318eda3e7463a932
6bb6f27c495e42eac7fdc790ff75d0917228612e4fbc625ee84488df8f20e5f7
6c87b3cec605e3e7dcd433fd91a5a7d65220bac033d7ce64f21e02c20c29e035
6e52436f13309d75d44f62ae6509abb938b795abefb314e1be36e2b1fa1d0dab
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
713e5cd3ee66ef7b32c38e84d115ef43ca441cac4e88c6320a36d5446a4f8814
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
73dea9c78a03940721aa144f24590585de10d589ff4ae903b09ab908433be1ea
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
7ae6ec9f61f67f5c59e2f20ef76380cd8b68392182ed7c5dcd80dbc31b267f07
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e3c075ba97e2919379bb94ded7d9a7fad2b6364d33c0576fca0bc5cd9cf4840
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
804b5aa180e095fff2fa8ad389c57a1640e94e3084a28ff21610d6f85b6c0fe3
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8
977f9245f3494a45aeb7e18c9bb989a9764c3b4df8e1714a5e8a88f801352d0e
9a478f8c0fdf19656315058a4c85b70a42cb5aa825e725116983c6e485296c87
9a5667b640df386d88cb10b2aa883bdb9896caf05a7d5476aae9d724bd62ee4d
9aa8d0c1148b74439f6e3532e0e9d414bee2478ead4fff619df3150dd3689e8e
9b139ad5a90d471cd49f8231ef3c33b86672e052017a9efa0c5af2445a1bdf47
9c016c1575b12f1f28f9c1a4da2cc91a7da7d62cbfea4c9a2b70a01d40fed0b4
9c69cfc85fbac9e5d01d191a3cecfb7a940c02fdedfabd94d1e42fbc763da1d4
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
9fc204b3ab724d6efd26182ceb119e0e3f5b9cb041fa110465613771c19ebb5c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4
a4e0cc37501811a4b6c8753729966f1c6dcd21bd8b09a268e9cad845de7ec895
a5151782af3d024f55f6cc4ad6ce87f6b3ede122e0e3f3a40273e86fdf2d3502
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
a9ecc74dc31f30a2be09e7d13a393bcede54851344f7a12eeeb09b0dcbeef2c5
ab15c82a59fb7fe870a1647e29f4f132fb99492c66f1174fc64bec40a9ca9cf0
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
ac00f3cecc9eef12f3853268387a481506bf85a817fe192130ca72770b97ddd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af34acadfc88bc43b1ccf5f8aeba73e316fa5c3b369602a8630204ea57ea9fe4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7
b5dd7532bde5ec8603b649e7097aa28cc4d95e57cdc1e26e767c508098fc1ac9
b9bb44f9eb6bcf4624e64301806cccd190d31b18f811a58a4d7b450a04b03dbc
bc876a53dc1550440043da2c9666dc520be2e271365bd64fd0ae440d100dfb3a
bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c6a9563efc298908aaa1fbfe750739d7e2ddc36f5a32b33f66c9a045bc997e97
c70a2051e038daafbd0746e5ca39a19e2701eb07c9ec2564698a5e1def4f6a74
ceefac20b0eb7f371f4fda5df5999508915c5e325433e63235f891a4ec00ff72
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfab52cc7b2b5bf6b7b11949a985cb1d6e62ec9b04fa1fee0b4901164a3331bd
cfde9888ac0d5f1af930f4d3129387484040888d19c9263dedde8be2d3c10920
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868
d87efda72dac76418ccc8e03916c7ca543d94d22f57b71177e6f9f9f7408177c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ce35be7ec5e2226c1bf1075ea91fa93e1f4aab2349b9763d34a4ed202a436c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8598f014db2cb1ee468796657129c4d2319715d818ad6a0ea1049b7873b19fe
e957af792c5cbec1697b2f690606d629460cca8f12f33e116192ae470282114c
e95cd9c39e9cb7db60e67a71faa421a998500e4d32add3b4d807eced5ff478c1
e973beb94df06a2b8cc634db4063e97fc13e6c8cbfee8dc20cee752aa587aea2
e99e90d1a5a6cb07d12b33b2c5ffb55fe2bfae7d437f8725d9a2c8dc804aca93
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc4dde25a5a7430ac92a98e5ea5a91ce49f3c45e8791581c999da75221b1264
f003428cc977dba0a4e75bcc07522e60d4dd8d612cb73ec8f915be2d7da60569
f009fff9fb6ea372e78d105d6a4105c4c31b23fd5769b483cf04d4dfc50c816b
f72c8c65f89a858d7cd253603abec60fa8183fc8e695cd9c8e7b2092a7bec6ac
f84b4447d116e974b6f3646109d552c4a44505026d7417cea3ea251e9af0ee7b
faac8d7d95ca789270ccf5cf794f9a06fe0d5c4a2e0e3fa47df288924ee55a9f
fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9
ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

www.therams.com Open in urlscan Pro 151.101.1.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

82 %HTTPS

42 %IPv6

54 Domains

76 Subdomains

60 IPs

10 Countries

3351 kBTransfer

9785 kBSize

58 Cookies

64 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.therams.com Open in urlscan Pro
151.101.1.153 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

82 %
HTTPS

42 %
IPv6

54
Domains

76
Subdomains

60
IPs

10
Countries

3351 kB
Transfer

9785 kB
Size

58
Cookies

184 HTTP transactions
2 data transactions