www.therams.com Open in urlscan Pro
151.101.193.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://therams.com/
Effective URL:
https://www.therams.com/
Submission: On September 30 via manual (September 30th 2023, 9:12:34 am UTC) from US — Scanned from DE

Summary HTTP 229 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 39 domains to perform 229 HTTP transactions. The main IP is 151.101.193.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 212519.
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	151.101.65.153 151.101.65.153	54113 (FASTLY) (FASTLY)
50	151.101.193.153 151.101.193.153	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:983::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.201.252.242 23.201.252.242	16625 (AKAMAI-AS) (AKAMAI-AS)
19	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
8	151.101.65.152 151.101.65.152	54113 (FASTLY) (FASTLY)
9	65.9.66.36 65.9.66.36	16509 (AMAZON-02) (AMAZON-02)
2 13	34.241.182.209 34.241.182.209	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	34.247.108.36 34.247.108.36	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.108 63.140.62.108	15224 (OMNITURE) (OMNITURE)
8 8	52.212.121.189 52.212.121.189	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.22 63.140.62.22	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
1	108.156.2.44 108.156.2.44	16509 (AMAZON-02) (AMAZON-02)
12	54.76.47.0 54.76.47.0	16509 (AMAZON-02) (AMAZON-02)
1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	52.29.154.74 52.29.154.74	16509 (AMAZON-02) (AMAZON-02)
12	2600:9000:224... 2600:9000:2248:de00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2600:1f18:1ac... 2600:1f18:1aca:4282:19c4:d57a:bf57:c630	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
7 11	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
6 12	54.77.207.49 54.77.207.49	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
7 7	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1 1	108.138.199.84 108.138.199.84	16509 (AMAZON-02) (AMAZON-02)
1 1	18.66.97.47 18.66.97.47	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
229	45

5 151.101.65.153 (United States) 1 redirects

ASN54113 (FASTLY, US)

therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 151.101.193.153 (United States)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:983::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.252.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-252-242.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.129.153 (United States)

ASN54113 (FASTLY, US)

p.nfltags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.65.152 (United States)

ASN54113 (FASTLY, US)

api.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.66.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.241.182.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c5d43a33ec2e8c38f1e03383ac9ab556.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.108.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-108-36.eu-west-1.compute.amazonaws.com

nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.108 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-108.data.adobedc.net

smetrics.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.212.121.189 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-121-189.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-22.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

sedge.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-44.mxp63.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.76.47.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.154.74 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-154-74.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2248:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.77.207.49 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-207-49.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.130.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.199.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-199-84.mxp64.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.47 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-47.fra56.r.cloudfront.net

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	therams.com 1 redirects therams.com — Cisco Umbrella Rank: 193200 www.therams.com — Cisco Umbrella Rank: 212519 auth-id.therams.com — Cisco Umbrella Rank: 980918	569 KB
37	nfl.com static.clubs.nfl.com — Cisco Umbrella Rank: 19576 api.nfl.com — Cisco Umbrella Rank: 9208 auth-id.nfl.com — Cisco Umbrella Rank: 10874 smetrics.nfl.com — Cisco Umbrella Rank: 11566 sedge.nfl.com — Cisco Umbrella Rank: 19393 static.www.nfl.com — Cisco Umbrella Rank: 10276	578 KB
36	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 1025 static.adsafeprotected.com — Cisco Umbrella Rank: 851 dt.adsafeprotected.com — Cisco Umbrella Rank: 765	604 KB
27	everesttech.net 21 redirects cm.everesttech.net — Cisco Umbrella Rank: 1990 pixel.everesttech.net — Cisco Umbrella Rank: 7943 sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	10 KB
23	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	185 KB
20	googlesyndication.com c5d43a33ec2e8c38f1e03383ac9ab556.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	397 KB
15	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319 nfl.demdex.net — Cisco Umbrella Rank: 24603 adobedc.demdex.net — Cisco Umbrella Rank: 11293	18 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	219 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	343 KB
5	nfltags.com p.nfltags.com — Cisco Umbrella Rank: 17342	910 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 509 cms.analytics.yahoo.com — Cisco Umbrella Rank: 2484 ads.yahoo.com — Cisco Umbrella Rank: 11896	763 B
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 429	2 KB
3	google.com apis.google.com — Cisco Umbrella Rank: 242 www.google.com — Cisco Umbrella Rank: 11	117 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2754 load77.exelator.com — Cisco Umbrella Rank: 5879	2 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 9420 evt.undertone.com — Cisco Umbrella Rank: 8365	1000 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 640	757 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	289 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	1 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 907	409 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1547	449 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 863	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 649	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 2038	213 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1620	418 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 2383	331 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	149 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	395 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 2843	175 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 2206	402 B
1	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 2250	443 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 958	303 B
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 13122	169 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 626	78 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 657	29 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
229	39

	Domain	Requested by
50	www.therams.com	www.therams.com p.nfltags.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
15	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net www.googletagservices.com
14	static.clubs.nfl.com	www.therams.com
13	dpm.demdex.net	2 redirects www.therams.com
12	pixel.everesttech.net	6 redirects
12	dt.adsafeprotected.com	www.therams.com
12	static.adsafeprotected.com	pixel.adsafeprotected.com www.therams.com
12	pixel.adsafeprotected.com	www.therams.com
11	cdn.cookielaw.org	www.therams.com cdn.cookielaw.org
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
8	api.nfl.com	p.nfltags.com
7	sync-tm.everesttech.net	7 redirects
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	p.nfltags.com	www.therams.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	static.www.nfl.com	www.therams.com
3	s.amazon-adsystem.com	2 redirects
3	ib.adnxs.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	gum.criteo.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	cdns.us1.gigya.com connect.facebook.net
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	pm.w55c.net	2 redirects
2	loadm.exelator.com	2 redirects
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	pixel.advertising.com	1 redirects
1	match.adsrvr.org
1	www.google.com	tpc.googlesyndication.com
1	analytics.twitter.com	www.therams.com
1	x.dlx.addthis.com	1 redirects
1	d.turn.com	1 redirects
1	load77.exelator.com	www.therams.com
1	sync.mathtag.com	www.therams.com
1	auth-id.therams.com	cdns.us1.gigya.com
1	sedge.nfl.com	assets.adobedtm.com
1	adobedc.demdex.net	assets.adobedtm.com
1	smetrics.nfl.com	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	c5d43a33ec2e8c38f1e03383ac9ab556.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdns.us1.gigya.com	www.therams.com
1	assets.adobedtm.com	www.therams.com
1	imasdk.googleapis.com	www.therams.com
1	therams.com	1 redirects
0	sync.search.spotxchange.com Failed
0	adb2waycm-atl.netmng.com Failed	www.therams.com
229	60

This site contains links to these domains. Also see Links.

Domain
ramsnewlook.com
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
www.ticketmaster.com
itunes.apple.com
play.google.com
www.ramssuites.com
am.ticketmaster.com
www.facebook.com
www.instagram.com
www.snapchat.com
www.youtube.com
www.tiktok.com
open.spotify.com
www.linkedin.com
rams.formstack.com
twitter.com
www.teamworkonline.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
privacyportal.onetrust.com
www.onetrust.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
cdns.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-07` - `2023-12-07`	a year	crt.sh
ndc-production-san.nfl.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
clubsweb.san1.nfl.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
auth-id.nfl.com Amazon RSA 2048 M02	`2023-09-22` - `2024-10-20`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.nfl.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-30` - `2024-08-29`	a year	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sedge.nfl.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-04` - `2024-09-03`	a year	crt.sh
auth-id.therams.com Amazon RSA 2048 M02	`2023-09-18` - `2024-10-17`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
static.www.nfl.com R3	`2023-08-09` - `2023-11-07`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.therams.com/
Frame ID: ACF299232D8BFB4FFBB1D2556F241CB7
Requests: 131 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15406
Frame ID: C4EE7C57E814295EB916357BA8EB1861
Requests: 2 HTTP requests in this frame

Frame: https://c5d43a33ec2e8c38f1e03383ac9ab556.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3596AC7DF8F21F2A1955E04309B2A0AC
Requests: 1 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: F3BA1D7D5A5E03F489D1AF2A4AFE12CE
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswyDEOo67YPjYcON0moM5W22BfUHwjWJ6hYXRtGl9OXRv3uUNK5gv1MxIK9Lq7c4CF2XhUTG6gdzHzJepPiqpri5a7sMaa3qZ4cZS1ZUiOCouUSjMT5-npl4Bud5k1_Zg05VX5J1NA-XHrN7pSvMJkw0SjCOr0Fx17IA9e0ITUB07B1llsktT5R4Grf7aPYNTNAkWE5bxx5qCpBxi2RxQMQOmZE8sISgVhNsbMo1R5ALz5NAAHXCs4olGc6Boz7XMPEfAGaPdgvrwboREGzWF7tMkKJz-Y0RWvtT2t2Yn9DbkTsL5LycAxnl9TWyQt2DLfukoa&sai=AMfl-YQYLjJD_dNBRXEuzWjHVMcDGQw6Nm0prMJxF39Rhn7W5m4Z7xEOAgPf-QbptB_t8rOW6kaxGgvRGMHaZ5VDh6-xqvB8NscnMAFXrYV5YqTuAVibJAAXctqV2V-sWVz6zsVtjpD_RoXQAYoUmFA&sig=Cg0ArKJSzJ0Qv6JCUEs0EAE&uach_m=[UACH]&adurl=
Frame ID: E5B1A17D1D0056B1C46A0560E18AE5D4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSLDBSpBMVPiVOga6TEH4PmU4YrQXy48h2-usw7i8BxEKBxZEwfjy3nDwHYie0fFKEL1MJsPpMnbs2lnXThMIU6mr5L_0Lc2ogakUfZ6krB1_IM9p-AWafwqkoB_jYtbALq6caTvYz5iNxmvAqxKf1kPWZontgKQrOTpVGPLp1REAFsTVAzwPHOByr8GvlnyyJUDZrG0uLb6MO0dKXuUTSmLqK9w-fvw_Jc4jNW8maDaYfQq-ti_nlB_Euc6MkYT1zXakAur_YYUn7RtsZ5kjrkQlcWxwyNRzH3TZ2T_oELobl8cI3y2aSmtE_QomiHwBt9YbY&sai=AMfl-YTsKf6vDhAe-iVo3ZsWJ9vE2SB5OddWvISriIAoYw2OKNe1RrH-UlEm9eq6bbe7kRUC16Akybi4-AZhxW27FZkKTba0P_5JlLwja8G3tvLj1gNkoidWlCY8Nz8zdjiEhkCECT2l_c4IFGQPOFM&sig=Cg0ArKJSzPGFUOawG_1rEAE&uach_m=[UACH]&adurl=
Frame ID: 2C11E0220F38BB6EA286B02086F58BD6
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLjArFbq5MwmG8RgAGl8PwcoGu46oqTwk-yZ1ZlsSK19rUsSsOQBrlsIKT2OpGv6tlndZJA6SeJBd0BI9zSJalIqdxWhJHXuh6iFFy-9vZPxiUEkuOTzsQdGkrr5YJXHvAw3W94M26soIWlN4A8CRxT8iLFiwFK2vu0pCsSQCMGtJgt4-6m3AsDH1WkAUizMLmxF0yMMQzyvj3abWPn85x7H5CUMAU3YS5Q0MKsRiN7GBOpEuuUnQAxHPpmU-6jtvZ4zyeCvYuxWRSzumjIgE74C1m3xprinTJ-XeRE0qqWkjoXkhLsC2lRqWLyC5QkpsNOG9K&sai=AMfl-YQYCCWEWSfpYf6lGaYdq3F9Gv-7Zar05ZXMexHX9QP_itDT5fL_c6_wsJnLZrTie5G7LqXt-XOEzyaYgoximJUeORFbNHCCiAG1rmEwa9JSZqtk7woU_6cuLOnZFUCeNjagNCrkAk6QTpS7HUs&sig=Cg0ArKJSzFQf33z7DZ4LEAE&uach_m=[UACH]&adurl=
Frame ID: FCF6D599D5AEC63FBCF91AE2B6B46EEE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6kNli1f0n6KeNEnGo5A9M-cWUSZF0x3xzuFkMh-PzzHU1TGRpbclIYs7AflFAlDldDv6yis0K8YJP7TfCadvWuknWAf58XIGuAVwLQEvTtKjnbjieg_aq0zrtOlJWHf1iLMdW2rEONaiTJMWURZt3n8BrTQaSisHW4gWEdnAU6r4f8WBjldT1mp71MNJ26LOXmBI-NcAVvIC_NjUfvfDlnGun-8_MNN2aMA_mexHA41lWuhVZRPpkocOM0Vrt3oU5vpISps9NZmVVh9_xwCRcRs3ZpMgeAL12dkSw5zSQEMo8kxNTra685-VUh7fdlZQ_TYMq&sai=AMfl-YTr9Np6dyG4GIyNllVctiz-qIMnb7J7Kg6tb2d4dR0C-9QY_tqVN3DpOGWl8GKkS6fOTTR_a8JQ8pJlGt_-c3gMFJ9NxT6L0xPcLJIMRITo2GW4pixb4bRHyYmEvYFXr3zoLgywK2UNS9hACBA&sig=Cg0ArKJSzMzRvZYVgnHQEAE&uach_m=[UACH]&adurl=
Frame ID: 59BF86847419BB01A4AC6ACC543E7664
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudHPPszPar2LeO0FG2zbt3xIcN3thoZymbbzEpodT185pCVix1NG13u2UEv9m6RkI4ucK5lhCoG2mDKu4zCl60MWUfkzbnWS6zWow7vKFjowOV7Hu-Y5GJY4Xj0ct2D_zIQO7Pq073kM7ZZYaHpCQYJ9UnCwhDyxj5hdXtuez41iqzXvsB-5dK1-xYAdOccpaPLr7cGaDC4MnBoVCuZ2L67RcSdqFqjbGtvbGNdKV7wjAOEQtVUgrPyXsxnagIyfEz5aBZPfFbPxfbUw9xgmGld0vGCytukmjixZF-M44IzKJein_NVzGFgfuKZDnwl7AsZAL3&sai=AMfl-YSRZYKxhASWz6PbXjzdWZXoqzIY6kayNTFLhoEwpPbexxha5g-_LAb2xHTtSzWtW-v1RTedo7KG_rQsKXVwO54CrlOu4znMM2Nw8y_Q556IJP-wGyKO_sVfQXxvwfcU-j0nfgZ1Pmu2YXNXrsQ&sig=Cg0ArKJSzB8V8Kp49BZpEAE&uach_m=[UACH]&adurl=
Frame ID: 060F2EB21049DBA3576E7333C4232CF4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueM_xDo_OKg42EBoqGZxXRGFDgA2MmRvYcWTavsIsclxFDI1PhYdXd6P0mFGjK2nAmW9WMyeQovnHgc-mNb5NK0PL7R6ZDqM7Z2CXb3-HUr54W2o98PQkPtQYm7EKoQYPtTIQGVYEhdAKtmQz6FZaMY6u68lVkJuPz9BQKj-_AQpyFqaDhk9uhoGODV92aJiIB21iYiS6pqeM8oVNDruNOXRsT-VJIxhZqaShLu6kUtgsI4jMsA0NafWi9PE1d-2OQaCQNfMh6muejDWlnk1k0j8kRAnT-VuVaY-ke7OXvTfBWSk8Ekwzpje887nhIOgloThml&sai=AMfl-YRSOEfNwFtLkQfBcB6mUZ_4_E_1AwH8x73funHP_wROZ50X_obwbaOsjcvXMEYYkiKC0vIVhHgNwyzLOmRuY3FGlUG_mwuyTzjguTJ0rfHNKA0PzoUsleO3DJuld-V0pl1V4qLNDOfeTiNF-LI&sig=Cg0ArKJSzODzQdNZsLthEAE&uach_m=[UACH]&adurl=
Frame ID: A9835F76F1C4BBB7072FFFE03E77C5D8
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=376888331&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=
Frame ID: C43F8957CCA9B268222578496EC7A9EE
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6267921791&pubCreative=138438160472&pubOrder=3181028387&cb=412765154&adsafe_par&impId=&custom=bottom&custom2=home&custom3=
Frame ID: 177BCDE7415645AB041EF9A000511E0A
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5224820527&chanId=21734991026&placementId=6361852055&pubCreative=138443252704&pubOrder=3238845508&cb=1220301788&adsafe_par&impId=&custom=content-package&custom2=home&custom3=
Frame ID: 9FD0CE87158C05F44D74512A1E7D5DCA
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6362556125&pubCreative=138446555370&pubOrder=3239383336&cb=1705430565&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=
Frame ID: 2033B8E1B9D497B2F52045BF1BDB82D9
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=21734991026&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=1097946489&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=
Frame ID: 4A07A15B67BF39FF13F3B2AD597F2EE2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5304933991&chanId=21734991026&placementId=6287544669&pubCreative=138431228892&pubOrder=3195282203&cb=1038068025&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=
Frame ID: 788BDA1E975BAF04768A82BC330CFB9B
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
Frame ID: 56F02377CC374B9148C6D6FABC49749D
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
Frame ID: 87426B958880CCC11954490E4552F123
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FFCDF8A375F4F0F55935343081BE9503
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 07CD2C7D50D240159B3B19EBD17D3C66
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2D0CD82FCB51C491B9D2FFAB9993C3DC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 21F24CD49DD8C0CB0BAF2B379EFF1616
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F92DE9336F3CCD261DC03C4557EAB899
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 812895B504342A5D85D37EBC82A89228
Requests: 1 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
Frame ID: B49120E24582C43FD7CA952F5989F6B9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48FA875BE5362683A9204693B076BD95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A58C93BC1863D7B265AFD424D0FE1D5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Los Angeles Rams Home | Los Angeles Rams - therams.comBack ButtonFilter Button

Page URL History Show full URLs

https://therams.com/ HTTP 301
https://www.therams.com/ Page URL

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

229
Requests

86 %
HTTPS

35 %
IPv6

39
Domains

60
Subdomains

45
IPs

6
Countries

4313 kB
Transfer

12914 kB
Size

48
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://ramsnewlook.com/
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: NFL+

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-philadelphia-eagles-inglewood-california/event/0A005E95A2F1291A?brand=rams&artistid=806024&landing=s&utm_source=therams.com&utm_medium=homepage&utm_source=banner

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8
Title: DOWNLOAD FOR iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams
Title: DOWNLOAD FOR ANDROID

Search URL Search Domain Scan URL

URL: https://www.ramssuites.com/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: ACCOUNT MANAGER

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Rams/
Title: facebook Rams

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rams/
Title: instagram Rams

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/snaptherams
Title: snapchat SnapTheRams

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCyJ6yZdVUkBvt2vl4R03jcA
Title: youtube Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@rams
Title: tiktok Rams

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5mkt0hgTNL81R8cjngLS1e
Title: spotify Rams Iconic Podcast

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/los-angeles-rams
Title: linkedin Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://rams.formstack.com/forms/preference_ic_final
Title: email Email/SMS

Search URL Search Domain Scan URL

URL: https://twitter.com/ramsnfl
Title: x RamsNFL

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/46acd508-0e8d-40cd-af22-1a8bdfa6da60/224a3598-1b25-497d-9273-be255f55461c
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://therams.com/ HTTP 301
https://www.therams.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1696065145711 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1696065145711

Request Chain 45

https://cm.everesttech.net/cm/dd?d_uuid=41947762530570249581233648636027959293 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRfmegAAAJ28zgNx

Request Chain 102

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41947762530570249581233648636027959293 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41947762530570249581233648636027959293&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 115

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=rkVDmugG1QMw1t5

Request Chain 138

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1875858254886144970

Request Chain 153

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8591072196473830496

Request Chain 168

https://x.dlx.addthis.com/e/demdex_sync?na_exid=41947762530570249581233648636027959293&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023093009122700029851144787

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE5NDc3NjI1MzA1NzAyNDk1ODEyMzM2NDg2MzYwMjc5NTkyOTM= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJsuiDALpJbTJvNUIHAB9G8&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 190

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEC1i0JW1Ed0mT0Tw_aE_SPY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 195

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEC1i0JW1Ed0mT0Tw_aE_SPY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 200

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEC1i0JW1Ed0mT0Tw_aE_SPY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 206

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEC1i0JW1Ed0mT0Tw_aE_SPY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 209

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEC1i0JW1Ed0mT0Tw_aE_SPY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 215

https://pixel.advertising.com/ups/28/sync?uid=41947762530570249581233648636027959293&_origin=1&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/28/sync?uid=41947762530570249581233648636027959293&_origin=1&redir=true

Request Chain 216

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEC1i0JW1Ed0mT0Tw_aE_SPY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 218

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PbYyYznuA1Qk4GoZ3o1ZCy9nJKtk9uv4&gdpr=0&gdpr_consent=

Request Chain 219

https://ps.eyeota.net/match?bid=6j5b2cv&uid=41947762530570249581233648636027959293&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 221

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=41947762530570249581233648636027959293&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=41947762530570249581233648636027959293&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-52kPRTVE2pFmaERsQhV47yFlxkAGEABeQg4-~A

Request Chain 223

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZRfmegAAAJ28zgNx&sigv=1&esig=1~46bb8b056e6539b7191cbfb4adf2088bb76eba71

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJmbWVnQUFBSjI4emdOeA==

Request Chain 225

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRfmegAAAJ28zgNx&expires=90

Request Chain 226

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRfmegAAAJ28zgNx HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRfmegAAAJ28zgNx&C=1

Request Chain 227

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZRfmegAAAJ28zgNx

Request Chain 228

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZRfmegAAAJ28zgNx

Request Chain 229

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRfmegAAAJ28zgNx

Request Chain 230

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRfmegAAAJ28zgNx&img=1

Request Chain 231

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRfmegAAAJ28zgNx&t=2592000&o=0

Request Chain 233

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 234

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=rGWIAZvUQ5mklZA_zJ5U6Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=41947762530570249581233648636027959293

229 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.therams.com/
Redirect Chain

https://therams.com/
https://www.therams.com/

535 KB
98 KB

247ms
205ms

Document
text/html

151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1ad3f2b11fc352176b0a4987f945e533ae2e85ef909d10149e1afc4a85975a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: public, max-age=5
Connection: keep-alive
Content-Length: 99192
Date: Sat, 30 Sep 2023 09:12:24 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-NFL-Dma: 276003
X-NFL-Geo: country_code=DE
X-Served-By: cache-bur-kbur8200032-BUR, cache-fra-eddf8230116-FRA
X-Timer: S1696065145.642827,VS0,VE197
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
origin-site: LA3
server: envoy
service-worker-allowed: /
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-envoy-upstream-service-time: 687
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
Cache-Control: private
Connection: close
Content-Length: 0
Date: Sat, 30 Sep 2023 09:12:24 GMT
Location: https://www.therams.com/
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-NFL-Dma: 276003
X-NFL-Geo: country_code=DE
X-Served-By: cache-fra-eddf8230059-FRA

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 677 KB
119 KB 168ms
164ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7ccfe990e4f2b9bf11466a5917ba25121a24590667663477e08313f3646a1e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 125
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 120845
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200156-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:01 GMT
server: envoy
X-Timer: S1696065145.857963,VS0,VE156
etag: "1d9f08dc16d5951"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK 61c1c7cf8c39f231371ed53270a6a43f
www.therams.com/compiledassets/theming/ 19 KB
5 KB 23ms
9ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/61c1c7cf8c39f231371ed53270a6a43f

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3fde7c50813e864a8c487614b609992d2e6a312d0230b26df4494e9d7949e3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:24 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 803687
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4046
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200025-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1696065145.870152,VS0,VE1
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 37ms
18ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h6ThlO7ea17v6JNPXbI1zQ==
age: 49366
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6822
x-ms-lease-status: unlocked
last-modified: Thu, 28 Sep 2023 05:11:21 GMT
server: cloudflare
etag: 0x8DBBFE15B00285A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0ed67756-301e-001b-0c44-f20780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80eb58137c68bb8b-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 94ms
71ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0eedcc9bee0db91b81d1abc0600f0ed2b47ab872e3581af7494c4c7f2676f39b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29326
x-xss-protection: 0
server: cafe
etag: 555 / 19630 / 31078332 / config-hash: 9162079683277741110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:25 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 80 KB
29 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41df4d40fbba8d824b6c5ddde5cce693715331cb4a3024dedd5d2c623ac51c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29429
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 18:49:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sat, 30 Sep 2023 09:27:23 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 327 KB
78 KB 49ms
11ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f264775a2b6756a9cf5a9a84720c9f992373a3c6b861a2a0a3a6eda05abfd78f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:25 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 22:36:41 GMT
server: AkamaiNetStorage
etag: "6900c869d088f2f40919494acbfe9562:1695163001.274019"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 79695
expires: Sat, 30 Sep 2023 10:12:25 GMT

GET
H2 200 gigya.js Show response
cdns.us1.gigya.com/js/ 514 KB
169 KB 47ms
9ms Script
text/javascript 23.201.252.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.201.252.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-252-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0f6ab7035ab4feb5ff8470d09ff830be3391d73ebd7509312d90876bb9aa2c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:24 GMT
content-encoding: gzip
x-soa: true, Gator
vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin: *
x-callid: 602476918c1a4911b970b47b72fb7807
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-t12
x-error-code: 0
x-robots-tag: none
content-length: 172973
expires: Sat, 30 Sep 2023 09:27:24 GMT

GET
H/1.1 200
OK NflUmdComponents.NFLToken.js Show response
p.nfltags.com/nfl/ 355 KB
117 KB 70ms
32ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 1015b13d566d3afea0dfe2a5b00079b48cfdfdce1c319f3ebca6dc1070930152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires: Sat, 30 Sep 2023 09:12:55 GMT
Date: Sat, 30 Sep 2023 09:12:24 GMT
Via: 1.1 varnish, 1.1 varnish
Content-Encoding: gzip
Age: 20
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 7
Connection: keep-alive
Content-Length: 118988
X-Served-By: cache-bur-kbur8200079-BUR, cache-fra-eddf8230094-FRA
last-modified: Wed, 23 Aug 2023 21:13:54 GMT
server: envoy
X-Timer: S1696065145.917584,VS0,VE2
etag: "64e67692-58da2"
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 5166381, 1

GET
H/1.1 200
OK j1tkxc6un23k9cqywqty.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/ 7 KB
8 KB 44ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/j1tkxc6un23k9cqywqty.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8178900a84f3230701bd68b79ed67700f136cceb5dfdb0abb7ecab38f21c6b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 795b4b6b943fe3d87b1c7e104dc9034c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 53331
Edge-Cache-Tag: 412959858210533076633916240561535566579,480394454469946857818415004125663383920,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 412959858210533076633916240561535566579,480394454469946857818415004125663383920,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="j1tkxc6un23k9cqywqty.webp"
Connection: keep-alive
Content-Length: 6810
X-Request-Id: 96ec1d357184399ab3d989398016853c
X-Served-By: cache-iad-kjyo7100077-IAD, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Fri, 29 Sep 2023 18:23:35 GMT
Server: cloudinary
Surrogate-Reporting: width=824,height=464,bytes=6810,owidth=1920,oheight=1080,obytes=2460813
X-Timer: S1696065145.255590,VS0,VE1
Etag: "97ff3fc2dfee71386c9f6af310a297da"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 35, 1

GET
H/1.1 200
OK ygsze9kgszznrh8uzpxq.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
3 KB 7ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ygsze9kgszznrh8uzpxq.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8a20ec90fb05e81cadb792a97cb3acf522c7f8e97866c9878b5f03dc5acac78f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 862764
Edge-Cache-Tag: 458308261743139230486379487093955844679,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 458308261743139230486379487093955844679,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="ygsze9kgszznrh8uzpxq.webp"
Connection: keep-alive
Content-Length: 1500
X-Served-By: cache-iad-kiad7000090-IAD, cache-iad-kiad7000090-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Wed, 06 Sep 2023 17:01:15 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,owidth=1920,oheight=1080,obytes=1912152
X-Timer: S1696065145.264854,VS0,VE1
Etag: "8731737dd888656d5041274cd32caf86"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 684, 1

GET
H/1.1 200
OK sdeo57h6uqywgpzuk8px.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 10ms
10ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/sdeo57h6uqywgpzuk8px.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4937f8fc85146d76dc2bc29355d718a7ca872dec0d2dc5459ec242b92260ff9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 301173
Edge-Cache-Tag: 337212943805538730268420957042619520551,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 337212943805538730268420957042619520551,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="sdeo57h6uqywgpzuk8px.webp"
Connection: keep-alive
Content-Length: 1734
X-Request-Id: 4393ffc20e97129cbd9197f99c3c1203
X-Served-By: cache-iad-kcgs7200094-IAD, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Tue, 26 Sep 2023 21:32:52 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,bytes=1734,owidth=1600,oheight=900,obytes=274680
X-Timer: S1696065145.273678,VS0,VE1
Etag: "90df0d6ce236b4509c885f30bcf863c0"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 18, 1

GET
H/1.1 200
OK otb1o96p89ity3qqxzuq.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 9ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/otb1o96p89ity3qqxzuq.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4fc1bb90492e8fada764dc127cb5948f3c558a43c3e515d3177460967020615f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 990611
Edge-Cache-Tag: 340607828337186221532007307102026501561,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 340607828337186221532007307102026501561,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="otb1o96p89ity3qqxzuq.webp"
Connection: keep-alive
Content-Length: 1638
X-Request-Id: a04336fb13f0ed6b3615f1bcc317f1de
X-Served-By: cache-iad-kjyo7100135-IAD, cache-iad-kcgs7200125-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Mon, 18 Sep 2023 22:02:15 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,bytes=1638,owidth=1920,oheight=1080,obytes=416813
X-Timer: S1696065145.286471,VS0,VE1
Etag: "c7ff873a613e17f9e1e19a4776964419"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 282, 1

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 677 KB
119 KB 620ms
597ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7ccfe990e4f2b9bf11466a5917ba25121a24590667663477e08313f3646a1e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 120845
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200156-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:01 GMT
server: envoy
X-Timer: S1696065145.879998,VS0,VE590
etag: "1d9f08dc16d5951"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK 61c1c7cf8c39f231371ed53270a6a43f
www.therams.com/compiledassets/theming/ 19 KB
5 KB 31ms
8ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/61c1c7cf8c39f231371ed53270a6a43f

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3fde7c50813e864a8c487614b609992d2e6a312d0230b26df4494e9d7949e3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:24 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 803687
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 41
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4046
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200025-BUR, cache-fra-eddf8230087-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1696065145.879976,VS0,VE1
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK cg8rbwu9j60yaup8fr1a.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 8ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/cg8rbwu9j60yaup8fr1a.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 30360d771fe987dd0e37639b0d847f25e446131e5fe2191e60835725f639f12d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 7858d9a710c9f9ade149eac1339a9a6c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 52051
Edge-Cache-Tag: 612043190351845933259680551317743771316,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 612043190351845933259680551317743771316,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="cg8rbwu9j60yaup8fr1a.webp"
Connection: keep-alive
Content-Length: 1828
X-Request-Id: 12c5e9bbc799ff1886b8b8a3a6c8cac9
X-Served-By: cache-iad-kcgs7200115-IAD, cache-iad-kcgs7200102-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Fri, 29 Sep 2023 18:44:55 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,bytes=1828,owidth=2500,oheight=1406,obytes=1614939
X-Timer: S1696065145.295909,VS0,VE1
Etag: "9b051b1fc9d6424714ba35bf76b85b9b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 17, 1

GET
H/1.1 200
OK j3coilvm8gc3onl668ni.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 8ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/j3coilvm8gc3onl668ni.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 32eeaf122238e84c5b7226747defeee1bb18f393046155a0b8954911d656f7f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 18591001335591ffb831001ad8b75762.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 53331
Edge-Cache-Tag: 370262212645258415537780056346686540862,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 370262212645258415537780056346686540862,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="j3coilvm8gc3onl668ni.webp"
Connection: keep-alive
Content-Length: 1878
X-Request-Id: d83177ce71415d5c7f833f2d60bee558
X-Served-By: cache-iad-kjyo7100164-IAD, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Fri, 29 Sep 2023 18:23:35 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,bytes=1878,owidth=1920,oheight=1080,obytes=606215
X-Timer: S1696065145.305134,VS0,VE1
Etag: "cee400a8523c35b3f9ef094d62e8aabd"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 25, 1

GET
H/1.1 200
OK shqxqkvcyrqiiq3n7sgo.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 8ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/shqxqkvcyrqiiq3n7sgo.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 09e5573d04ead309231b0ad342bf54ca450a0ff6becd3530ad7d8c415ee46dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 133504
Edge-Cache-Tag: 407699090414474455079347417585517365031,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 407699090414474455079347417585517365031,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="shqxqkvcyrqiiq3n7sgo.webp"
Connection: keep-alive
Content-Length: 2136
X-Request-Id: c51abc4046716d292aa283d23b40e793
X-Served-By: cache-iad-kjyo7100108-IAD, cache-iad-kcgs7200110-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Thu, 28 Sep 2023 20:07:22 GMT
Server: cloudinary
Surrogate-Reporting: width=400,height=225,bytes=2136,owidth=1920,oheight=1080,obytes=487816
X-Timer: S1696065145.313739,VS0,VE1
Etag: "e6fa42e39b54282a5ec36c5c147a6c23"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 12, 1

GET
H/1.1 200
OK xoaqlyrqdqfldcnul3kg.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 9ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/xoaqlyrqdqfldcnul3kg.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1884348
Edge-Cache-Tag: 577822122912920262004273880752820954225,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 577822122912920262004273880752820954225,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
X-Cache: HIT, HIT, HIT
Content-Disposition: inline; filename="xoaqlyrqdqfldcnul3kg.webp"
Connection: keep-alive
Content-Length: 1292
X-Served-By: cache-iad-kiad7000128-IAD, cache-iad-kiad7000128-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Thu, 19 Aug 2021 17:31:28 GMT
Server: cloudinary
X-Timer: S1696065145.322943,VS0,VE1
Etag: "228d1d1d332588f027c1cf6bf8bec59e"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1279, 1

GET
H/1.1 200
OK ap7rnbadho3mj4fvqmvk.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 776 B
2 KB 8ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ap7rnbadho3mj4fvqmvk.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1eb70490bb64ac278964d9d20e972ae265607d57d11f709bcd841ce31b0f58c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1013495
Edge-Cache-Tag: 552934814034902635962660128059687110611,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 552934814034902635962660128059687110611,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: HIT, HIT, HIT
Content-Disposition: inline; filename="ap7rnbadho3mj4fvqmvk.webp"
Connection: keep-alive
Content-Length: 776
X-Request-Id: f3a76f6e7490c68f1a06dc7670e1cd60
X-Served-By: cache-iad-kiad7000130-IAD, cache-iad-kiad7000130-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Thu, 07 Sep 2023 17:38:46 GMT
Server: cloudinary
X-Timer: S1696065145.333071,VS0,VE1
Etag: "86fae26d54a91e93a263c87cbb288d20"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 120, 1

GET
H/1.1 200
OK fxxcam58armxbifeuddo.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 796 B
2 KB 8ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/fxxcam58armxbifeuddo.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ebfebad98feeba8f9a6666d8a12faf62a5623505c12413d1df0f97b3622410d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2657341
Edge-Cache-Tag: 487421783638516312236275295649256187719,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 487421783638516312236275295649256187719,548215506746630382414367004164803750515,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="fxxcam58armxbifeuddo.webp"
Connection: keep-alive
Content-Length: 796
X-Served-By: cache-iad-kiad7000084-IAD, cache-iad-kiad7000083-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Tue, 20 Sep 2022 01:55:51 GMT
Server: cloudinary
X-Timer: S1696065145.342041,VS0,VE1
Etag: "d0d387567a1dde8be3871b924164ab10"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 58, 1

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 162ms
162ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 72
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200030-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:16:31 GMT
server: envoy
X-Timer: S1696065145.356296,VS0,VE155
etag: "1d9f08c6da8f4ca"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

OPTIONS
H2 200 token
api.nfl.com/identity/v3/ Frame 0
0 46ms
7ms Preflight
text/html 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Sat, 30 Sep 2023 09:12:25 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230082-FRA

GET
H2 200 84aeb24d-03a4-4fdc-8d4b-371212102069.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/ 5 KB
2 KB 41ms
26ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/84aeb24d-03a4-4fdc-8d4b-371212102069.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

495596c92a23b2322fc5a2bc844e28500f400730440fb4c3c176772cca570af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 44606
content-md5: EaWGxeUpnyODSxYWzFYh+g==
content-length: 1732
x-ms-lease-status: unlocked
last-modified: Tue, 15 Aug 2023 23:22:42 GMT
server: cloudflare
etag: 0x8DB9DE6865DD467
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 96728b87-201e-0091-3080-eb5c31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80eb5817a81f4d3d-FRA
expires: Sun, 01 Oct 2023 09:12:25 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 5 KB
3 KB 85ms
7ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 83738c04b8043593a3965039aee4a5fc1464c8746b62f31b7ea28f431848c772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:10:45 GMT
content-encoding: gzip
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 100
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2094
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 4d66ad64fd9240a8814b2a6c53efe6a1
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t10
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: f59QGpusgHM9z_P1B53AU6Oweg_t5bW_vMb_NSBRj8ihXfHFqE1_tw==

HEAD
H/1.1 200
OK /
www.therams.com/ 0
0 7ms
7ms Fetch
text/html 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Requested by

Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 687
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 99192
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200032-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1696065146.684057,VS0,VE0
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/html
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

HEAD
H/1.1 200
OK /
www.therams.com/ 0
0 8ms
8ms Fetch
text/html 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Requested by

Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 687
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 99192
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200032-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1696065146.683949,VS0,VE1
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/html
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

POST
H2 200 token Show response
api.nfl.com/identity/v3/ 1 KB
1 KB 578ms
577ms Fetch
application/json 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: be-identity /
Resource Hash: 4c381df235116272b51cc1cae428c3b11707e8f63ba448da16b5216da81b8ee3

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-bur-kbur8200025-BUR, cache-fra-eddf8230082-FRA
date: Sat, 30 Sep 2023 09:12:26 GMT
via: 1.1 varnish, 1.1 varnish
server: be-identity
x-timer: S1696065146.732347,VS0,VE570
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
content-length: 1219
x-cache-hits: 0, 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/ 410 KB
130 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0084510e182b973087940eb0cdae2f87b1165a3082bb87bd6db73a2ee8800ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 18:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52270
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132541
x-xss-protection: 0
server: cafe
etag: 12590920608456914078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 28 Sep 2024 18:41:15 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1696065145711
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1696065145711

7 KB
3 KB

36ms
34ms

XHR
application/json

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1696065145711

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

839c31620626af2453e5d104f38b2d950c8dcb371cbd4803696c578cce5319a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-08f12a28d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: eOf135Y0TtQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2011
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-01d8b9ba0.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VDFBb5EqTNo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1696065145711
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 50ms
27ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 80eb5818fca737fb-FRA
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 163ms
162ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19260
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200115-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:16:31 GMT
server: envoy
X-Timer: S1696065146.747334,VS0,VE155
etag: "1d9f08c6da8fabc"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 167ms
166ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18232
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200169-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:16:31 GMT
server: envoy
X-Timer: S1696065146.748176,VS0,VE156
etag: "1d9f08c6da8f6b8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 173ms
173ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:25 GMT
Age: 0
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19208
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200020-BUR, cache-fra-eddf8230087-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:16:31 GMT
server: envoy
X-Timer: S1696065146.748192,VS0,VE158
etag: "1d9f08c6da8fa88"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK zu7jn37mbhghu3v14ypt
static.clubs.nfl.com/image/private/f_auto/rams/ 13 KB
14 KB 43ms
43ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/zu7jn37mbhghu3v14ypt
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:25 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2741841
Edge-Cache-Tag: 559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="zu7jn37mbhghu3v14ypt.webp"
Connection: keep-alive
Content-Length: 13496
X-Served-By: cache-iad-kjyo7100156-IAD, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Wed, 06 May 2020 12:43:09 GMT
Server: cloudinary
X-Timer: S1696065146.797451,VS0,VE32
Etag: "e8136697b9999e08d7022257ce3885aa"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 6433, 1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/ 400 KB
97 KB 21ms
19ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Sw59qQKTUz8IJh2hCY03KQ==
age: 79531
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98810
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:51 GMT
server: cloudflare
etag: 0x8DB55BF34FA32B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33d48d17-101e-00ca-25d3-874b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80eb58197a74bb8b-FRA

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 165ms
165ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18524
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200141-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:16:31 GMT
server: envoy
X-Timer: S1696065146.843626,VS0,VE157
etag: "1d9f08c6da8f9dc"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame C4EE 123 KB
44 KB 26ms
8ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15406

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

ba01c4bf3d0ff2023f21defc40eeb4c82b2d2330080bb672d93b35fdbdf988ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2018
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 43999
content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 08:38:47 GMT
edge-cache-tag: siteid_748934946734,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: CeStqYLJHLNDI145VyqAaLKAsu3q_OY5jvWaEG_uWevRVSo3DonaWg==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 9aa6fb80d3bd4b15a187b2bd1923e98f
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t6
x-soa: true, Gator

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 8 KB
3 KB 166ms
166ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=bb3b4235d95ce7bc6746104bc8124684

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3d96e0adb3ab14ec39070077e33869cb717ece435daba9ad7c2a054b82025cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2129
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200037-BUR, cache-fra-eddf8230079-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065146.876251,VS0,VE159
etag: "1d9f08dcb89d6ff"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 253 KB
25 KB 113ms
112ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3995766567088394&correlator=610876111079515&eid=31078332&output=ldjh&gdfp_req=1&vrg=202309270101&ptt=17&impl=fifs&iu_parts=4595%2Cteam.la%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=100x30%2C100x30%2C300x250%2C300x250%2C728x90%7C970x90%7C970x250%2C728x90%7C970x250%7C970x90%2C728x90%7C970x250%7C970x90%2C728x90%7C970x250%7C970x90%2C728x90%7C970x250%7C970x90%2C1x4%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696065145939&lmt=1696057945&adxs=1376%2C1484%2C1058%2C1058%2C436%2C436%2C436%2C436%2C436%2C800%2C800&adys=159%2C159%2C1171%2C12010%2C263%2C14134%2C11706%2C12515%2C13094%2C14813%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C0%7C2%7C3%7C4%7C5%7C6%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.therams.com%2F&vis=1&psz=248x32%7C248x32%7C300x250%7C384x413%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x14812%7C1600x14812&msz=116x0%7C100x0%7C300x250%7C300x413%7C728x0%7C728x0%7C728x0%7C728x0%7C728x0%7C1600x0%7C1600x0&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4&ohw=1600%2C1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C1600&ga_vid=208940742.1696065146&ga_sid=1696065146&ga_hid=2137087998&ga_fc=false&dlt=1696065144847&idt=1031&prev_scp=slot%3Dbrandedspon%7Cslot%3Dbrandedspon1%7Cslot%3Dcenterpiece%7Cslot%3Dcontent-package%7Cslot%3Dtop%26club%3Dla%26s1%3Dhome%7Cslot%3Dbottom%7Cslot%3Dinpage_1%7Cslot%3Dinpage_2%7Cslot%3Dinpage_3%7Cslot%3Dinterstitial%7Cslot%3Doop&cust_params=s1%3Dhome&adks=2155708592%2C1158139504%2C1253651944%2C2507223876%2C4025765163%2C3308397316%2C3390192327%2C3390192326%2C3390192321%2C3044010286%2C1381024017&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a49f65fb26acbd96355731b253fd259f62156fc73de8f28892aa6011c6eb24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26066
x-xss-protection: 0
google-lineitem-id: -2,-2,6295301662,6361852055,-2,6267921791,6287660768,6362556125,6287544669,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138432734008,138443252704,-2,138438160472,138431504884,138446555370,138431228892,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c5d43a33ec2e8c38f1e03383ac9ab556.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3596 6 KB
3 KB 88ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5d43a33ec2e8c38f1e03383ac9ab556.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 09:12:26 GMT
expires: Sun, 29 Sep 2024 09:12:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/262180da-925e-4334-9dc3-38e6090a0fca/ 103 KB
22 KB 28ms
27ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/262180da-925e-4334-9dc3-38e6090a0fca/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1864a7db75696101e3b421fefb456aebea1f43311ac8e837d5a7cb3812423e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 30822
content-md5: NmobFfQyjjzqCzh/2QmeOg==
content-length: 22090
x-ms-lease-status: unlocked
last-modified: Tue, 15 Aug 2023 23:22:47 GMT
server: cloudflare
etag: 0x8DB9DE68918E558
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9bf20f14-801e-0098-04cf-cf19e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80eb581a8aa84d3d-FRA
expires: Sun, 01 Oct 2023 09:12:26 GMT

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame F3BA 7 KB
3 KB 152ms
35ms Document
text/html 34.247.108.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.108.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-108-36.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v050-080b06e04.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: GfjBoFr/RPQ=
content-encoding: gzip
date: Sat, 30 Sep 2023 09:12:26 GMT
last-modified: Wed, 28 Jun 2023 13:20:51 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.nfl.com/ 48 B
455 B 93ms
21ms XHR
application/x-javascript 63.140.62.108
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=42145773014661690891248963410829413186&ts=1696065146042

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.108 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-108.data.adobedc.net

Software

jag /

Resource Hash

eebf42008595c82033337404394d338f1dcf6f441a28ecb913e45faa176fcaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.therams.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZRfmegAAAJ28zgNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=41947762530570249581233648636027959293
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRfmegAAAJ28zgNx

42 B
942 B

37ms
37ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRfmegAAAJ28zgNx

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-074f8aa15.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wNr10Kw2SMs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRfmegAAAJ28zgNx
Date: Sat, 30 Sep 2023 09:12:26 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 731 B
900 B 106ms
38ms Fetch
application/json 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=d06b2111-c846-41e1-a5bc-d1a821277b46&requestId=aba3c0c2-aea4-4ecc-abc9-9270b1ca4932

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

8c3541f7e9e0bbc3cb0808575d9dc42a890a2fb209a545f19b5dcf9e8fdd3460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 09:12:25 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: aba3c0c2-aea4-4ecc-abc9-9270b1ca4932

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame C4EE 5 KB
3 KB 8ms
8ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 83738c04b8043593a3965039aee4a5fc1464c8746b62f31b7ea28f431848c772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=15406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:10:45 GMT
content-encoding: gzip
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 101
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2094
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 4d66ad64fd9240a8814b2a6c53efe6a1
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t10
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: jFKuog9OgK5G0QNlPU6pLHzJ3E04v5m3Sw3Tlvm7WsFBdaNk-Mq11A==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5B1 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswyDEOo67YPjYcON0moM5W22BfUHwjWJ6hYXRtGl9OXRv3uUNK5gv1MxIK9Lq7c4CF2XhUTG6gdzHzJepPiqpri5a7sMaa3qZ4cZS1ZUiOCouUSjMT5-npl4Bud5k1_Zg05VX5J1NA-XHrN7pSvMJkw0SjCOr0Fx17IA9e0ITUB07B1llsktT5R4Grf7aPYNTNAkWE5bxx5qCpBxi2RxQMQOmZE8sISgVhNsbMo1R5ALz5NAAHXCs4olGc6Boz7XMPEfAGaPdgvrwboREGzWF7tMkKJz-Y0RWvtT2t2Yn9DbkTsL5LycAxnl9TWyQt2DLfukoa&sai=AMfl-YQYLjJD_dNBRXEuzWjHVMcDGQw6Nm0prMJxF39Rhn7W5m4Z7xEOAgPf-QbptB_t8rOW6kaxGgvRGMHaZ5VDh6-xqvB8NscnMAFXrYV5YqTuAVibJAAXctqV2V-sWVz6zsVtjpD_RoXQAYoUmFA&sig=Cg0ArKJSzJ0Qv6JCUEs0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame E5B1 3 KB
2 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5B1 182 KB
58 KB 67ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 394546832393105155
tpc.googlesyndication.com/simgad/ Frame E5B1 99 KB
99 KB 38ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/394546832393105155

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6e9d3723d44cbff030dc5f5ef771f9e664a34c8b045513ecfaa47329238a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 06:27:12 GMT
x-content-type-options: nosniff
age: 182714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101302
x-xss-protection: 0
last-modified: Fri, 05 May 2023 21:47:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Sep 2024 06:27:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C11 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSLDBSpBMVPiVOga6TEH4PmU4YrQXy48h2-usw7i8BxEKBxZEwfjy3nDwHYie0fFKEL1MJsPpMnbs2lnXThMIU6mr5L_0Lc2ogakUfZ6krB1_IM9p-AWafwqkoB_jYtbALq6caTvYz5iNxmvAqxKf1kPWZontgKQrOTpVGPLp1REAFsTVAzwPHOByr8GvlnyyJUDZrG0uLb6MO0dKXuUTSmLqK9w-fvw_Jc4jNW8maDaYfQq-ti_nlB_Euc6MkYT1zXakAur_YYUn7RtsZ5kjrkQlcWxwyNRzH3TZ2T_oELobl8cI3y2aSmtE_QomiHwBt9YbY&sai=AMfl-YTsKf6vDhAe-iVo3ZsWJ9vE2SB5OddWvISriIAoYw2OKNe1RrH-UlEm9eq6bbe7kRUC16Akybi4-AZhxW27FZkKTba0P_5JlLwja8G3tvLj1gNkoidWlCY8Nz8zdjiEhkCECT2l_c4IFGQPOFM&sig=Cg0ArKJSzPGFUOawG_1rEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2C11 3 KB
1 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C11 182 KB
57 KB 60ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 13262773044257804295
tpc.googlesyndication.com/simgad/ Frame 2C11 28 KB
28 KB 48ms
37ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13262773044257804295

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20750cf6d476ee0565967022bccebc4798407dbe4b4573feefb9b17cc20bd58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28800
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 22:27:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Sep 2024 09:12:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FCF6 0
0 65ms
64ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLjArFbq5MwmG8RgAGl8PwcoGu46oqTwk-yZ1ZlsSK19rUsSsOQBrlsIKT2OpGv6tlndZJA6SeJBd0BI9zSJalIqdxWhJHXuh6iFFy-9vZPxiUEkuOTzsQdGkrr5YJXHvAw3W94M26soIWlN4A8CRxT8iLFiwFK2vu0pCsSQCMGtJgt4-6m3AsDH1WkAUizMLmxF0yMMQzyvj3abWPn85x7H5CUMAU3YS5Q0MKsRiN7GBOpEuuUnQAxHPpmU-6jtvZ4zyeCvYuxWRSzumjIgE74C1m3xprinTJ-XeRE0qqWkjoXkhLsC2lRqWLyC5QkpsNOG9K&sai=AMfl-YQYCCWEWSfpYf6lGaYdq3F9Gv-7Zar05ZXMexHX9QP_itDT5fL_c6_wsJnLZrTie5G7LqXt-XOEzyaYgoximJUeORFbNHCCiAG1rmEwa9JSZqtk7woU_6cuLOnZFUCeNjagNCrkAk6QTpS7HUs&sig=Cg0ArKJSzFQf33z7DZ4LEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame FCF6 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCF6 182 KB
57 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 11045316704523850710
tpc.googlesyndication.com/simgad/ Frame FCF6 47 KB
47 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11045316704523850710

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7811ddeb780c8e40e3be7bdd32b5db46418bf293252103661eb40f2c47d981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 04:31:03 GMT
x-content-type-options: nosniff
age: 448883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47994
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 11:18:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Sep 2024 04:31:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 59BF 0
0 52ms
50ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6kNli1f0n6KeNEnGo5A9M-cWUSZF0x3xzuFkMh-PzzHU1TGRpbclIYs7AflFAlDldDv6yis0K8YJP7TfCadvWuknWAf58XIGuAVwLQEvTtKjnbjieg_aq0zrtOlJWHf1iLMdW2rEONaiTJMWURZt3n8BrTQaSisHW4gWEdnAU6r4f8WBjldT1mp71MNJ26LOXmBI-NcAVvIC_NjUfvfDlnGun-8_MNN2aMA_mexHA41lWuhVZRPpkocOM0Vrt3oU5vpISps9NZmVVh9_xwCRcRs3ZpMgeAL12dkSw5zSQEMo8kxNTra685-VUh7fdlZQ_TYMq&sai=AMfl-YTr9Np6dyG4GIyNllVctiz-qIMnb7J7Kg6tb2d4dR0C-9QY_tqVN3DpOGWl8GKkS6fOTTR_a8JQ8pJlGt_-c3gMFJ9NxT6L0xPcLJIMRITo2GW4pixb4bRHyYmEvYFXr3zoLgywK2UNS9hACBA&sig=Cg0ArKJSzMzRvZYVgnHQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 59BF 3 KB
1 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59BF 182 KB
57 KB 39ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 15074156624295062743
tpc.googlesyndication.com/simgad/ Frame 59BF 72 KB
72 KB 20ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15074156624295062743

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

834f03082e3c1b45fd4fcd805ec415f07236a6586e08db572985f38c8b735e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 09:55:16 GMT
x-content-type-options: nosniff
age: 170230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73763
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 16:47:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Sep 2024 09:55:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 060F 0
0 73ms
54ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudHPPszPar2LeO0FG2zbt3xIcN3thoZymbbzEpodT185pCVix1NG13u2UEv9m6RkI4ucK5lhCoG2mDKu4zCl60MWUfkzbnWS6zWow7vKFjowOV7Hu-Y5GJY4Xj0ct2D_zIQO7Pq073kM7ZZYaHpCQYJ9UnCwhDyxj5hdXtuez41iqzXvsB-5dK1-xYAdOccpaPLr7cGaDC4MnBoVCuZ2L67RcSdqFqjbGtvbGNdKV7wjAOEQtVUgrPyXsxnagIyfEz5aBZPfFbPxfbUw9xgmGld0vGCytukmjixZF-M44IzKJein_NVzGFgfuKZDnwl7AsZAL3&sai=AMfl-YSRZYKxhASWz6PbXjzdWZXoqzIY6kayNTFLhoEwpPbexxha5g-_LAb2xHTtSzWtW-v1RTedo7KG_rQsKXVwO54CrlOu4znMM2Nw8y_Q556IJP-wGyKO_sVfQXxvwfcU-j0nfgZ1Pmu2YXNXrsQ&sig=Cg0ArKJSzB8V8Kp49BZpEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 060F 3 KB
1 KB 31ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 060F 182 KB
57 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H3 200 7163697403047770814
tpc.googlesyndication.com/simgad/ Frame 060F 52 KB
52 KB 30ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7163697403047770814

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3888199779d7551f43af9e40590d13cd21e1667fb9787719e1bd7a845fba6467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 17:08:57 GMT
x-content-type-options: nosniff
age: 57809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53071
x-xss-protection: 0
last-modified: Sun, 17 Sep 2023 20:03:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Sep 2024 17:08:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A983 0
0 64ms
50ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueM_xDo_OKg42EBoqGZxXRGFDgA2MmRvYcWTavsIsclxFDI1PhYdXd6P0mFGjK2nAmW9WMyeQovnHgc-mNb5NK0PL7R6ZDqM7Z2CXb3-HUr54W2o98PQkPtQYm7EKoQYPtTIQGVYEhdAKtmQz6FZaMY6u68lVkJuPz9BQKj-_AQpyFqaDhk9uhoGODV92aJiIB21iYiS6pqeM8oVNDruNOXRsT-VJIxhZqaShLu6kUtgsI4jMsA0NafWi9PE1d-2OQaCQNfMh6muejDWlnk1k0j8kRAnT-VuVaY-ke7OXvTfBWSk8Ekwzpje887nhIOgloThml&sai=AMfl-YRSOEfNwFtLkQfBcB6mUZ_4_E_1AwH8x73funHP_wROZ50X_obwbaOsjcvXMEYYkiKC0vIVhHgNwyzLOmRuY3FGlUG_mwuyTzjguTJ0rfHNKA0PzoUsleO3DJuld-V0pl1V4qLNDOfeTiNF-LI&sig=Cg0ArKJSzODzQdNZsLthEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A983 3 KB
1 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A983 182 KB
57 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H3 200 70810663285179893
tpc.googlesyndication.com/simgad/ Frame A983 50 KB
50 KB 30ms
16ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/70810663285179893

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81c6e25f9b63681c628540fb7264fc2d4c393f69f16a1d623a000c9197fdb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 12:21:18 GMT
x-content-type-options: nosniff
age: 75068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50840
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 19:11:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Sep 2024 12:21:18 GMT

GET
DATA 200
OK truncated
/ Frame E5B1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16b83965f3d36accd3682943c467b75984a0a4e50d243f1ae20f6be1c7739aaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2C11 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c37c80b6332c930fb4b592777016fde0ff11e705f90b37d25d17fae4654d4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FCF6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fff0dfb41485cbde534485c3eb085d4c8876e1cc5348ae8ec7708b51b3b43f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 59BF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 808a2ac436c1f33ed70590a0a1b0bb7740a7d06a231af9c9b00f90c87a6bbd9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 060F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecde470b753d024e61b9c03846d6ee65c0f8f64aff47994fd17aad14e8a5a001

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A983 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82d3df568d3f708ef2fc3382e8f2547008c177016975ce134509869dd22ce93b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 13 KB
3 KB 17ms
17ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pRHDWyQMLvXwKY458EnqRw==
age: 10825
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:45 GMT
server: cloudflare
etag: 0x8DB55BF315FAED9
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3e798391-201e-0028-3e93-f0582b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80eb581ccc8a4d3d-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 62 KB
13 KB 19ms
18ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UgqWqpl5qGBlgacC8J2b6A==
age: 55321
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13388
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:48 GMT
server: cloudflare
etag: 0x8DB55BF32DD687C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: af93df67-701e-009e-5147-88a1a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80eb581ccc8c4d3d-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 21 KB
4 KB 23ms
22ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 55321
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 90ab7831-301e-013c-4647-882a68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80eb581ccc8d4d3d-FRA

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/functions/ 1 KB
1 KB 9ms
9ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218736
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 558
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200119-BUR, cache-fra-eddf8230079-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065146.409290,VS0,VE1
etag: "1d9f08dcb89cd05"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/functions/ 808 B
1 KB 26ms
25ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200156-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065146.418323,VS0,VE0
etag: "1d9f08dcb89ca28"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a603871860226a8f826ee795be58e57c34df3a00a9744de42b982722053b0e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218736
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1363
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200032-BUR, cache-fra-eddf8230087-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065146.411531,VS0,VE1
etag: "1d9f08dcb89c6ab"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200080-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065146.412775,VS0,VE0
etag: "1d9f08dcb89ce96"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK liveService.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/ 3 KB
2 KB 9ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/liveService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3c6ee2db8f21171f3d93e12093c33e5fedd1f55480c5ea1e75bc6f4c1746ff7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 215554
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1209
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200085-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065146.416323,VS0,VE1
etag: "1d9f08dcb89c365"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/common/ 4 KB
2 KB 10ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

29976a1bb7c213908cf78db48551e916f09fb8b5f0a5c18cb13e8d38a1a943e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:26 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218736
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1686
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200034-BUR, cache-fra-eddf8230079-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065146.418811,VS0,VE1
etag: "1d9f08dcb89c6d8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

POST
H2 200 interact Show response
sedge.nfl.com/ee/irl1/v1/ 587 B
725 B 229ms
57ms Fetch
application/json 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sedge.nfl.com/ee/irl1/v1/interact?configId=d06b2111-c846-41e1-a5bc-d1a821277b46&requestId=2b71ff40-8877-4b9f-ac4d-ea101451c120

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

7417a183378bd3caec1bc991164e34fadaf7e6b9646b25ad5ff974e7b6991dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 2b71ff40-8877-4b9f-ac4d-ea101451c120

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 672ms
457ms XHR
text/javascript 108.156.2.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2F&sdk=js_latest&sdkBuild=15406&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-44.mxp63.r.cloudfront.net
Software: /
Resource Hash: 9465d85237dd4dbc22873ddfe086c68b63246a2d32c955ecd44d7db07286d773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
via: 1.1 6b552294ba6a60cc56d1bc328f57165e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code: 0
content-length: 175
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.therams.com
x-callid: f98ca5850dcd4f7ca19e601bbd74d3cc
cache-control: private
access-control-allow-credentials: true
x-server: us1d-nomad-t7
vary: Origin, Accept-Encoding
x-robots-tag: none
x-amz-cf-id: rGsnMkAZ36E7jyhymUUtSAH4bdTh01TeIlsM-w4wG32WrySqybr7yQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5B1 0
0 60ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLx7Y0qajlsYmzAj6x392kdv-H4fsGgluZLXyVKzb3WJxhpfLgMDwaFbT6Avd5SzQd-5wulJ63xHdaR3pSIGjjVhS_sm2oIjE_0mwEa3Iu6nBoXiQRtwElT0mnNkckI18XS5FmyqE5hv_J2jCvr8zggYEvIC-9NJFsTlqhWf4CFyur0yxXD63mY-eCKOa_qRvVVEiMlsrPpbtLpGQOeqS60XAtQDghgLR9UESHZtTQ4slnQgoOzHstoU9tVd0sBonKw2CSJNfflGnoAx2zc7FJFnazICW1UtmRUUAytY6PSeDltdQSHZnTTLUWHS4Z5Zs0e86fPOg&sai=AMfl-YSBvRo3COWj0p9TD_CsYxj0paTKXue6pAzu9fIDRzl7p6WWw2_H8lWLFzdmFyE8LxbBxV3Ap31RBfWOLCjvK5RNe0ajrz3-unGlo9M9Q5GUpOzYFmxMExuUw_6xrD26B5rWbt5z7FgwErrcZ8k&sig=Cg0ArKJSzDLJWH6C8EocEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame C43F 47 KB
13 KB 129ms
36ms Script
application/javascript 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=376888331&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bca6e5acddd44ad4ea0b4e13ee6ee1df3145a3224339fbf61d7664c76da5a354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame F3BA 43 B
443 B 83ms
21ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=41947762530570249581233648636027959293&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d41947762530570249581233648636027959293
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:26 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 30 Sep 2023 09:12:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FCF6 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCI17Q54uTGU8N54oLP--wR-RAo8VhmHIyNgRLVt0cJWxK4amoYJpsCW7N6pcZkBD4rIQnzhuY7kzedoTZs7vifTOv9L8Flm86Zr8tHTRQVN1CwxXbA1lnbz3ZNWT6fFnGatgzfkuSC8dhyeVOcxmepm6zeAQYwfWxbJmUADFnM9r8qJLg_0_I2P7_4lnaTzYiR0Fzx3vNngBF2QYJGlLzVRi2tUeMWgWHAppE0VcywYdWB7mNEG_0HN-Jq-Qvu_40VAr2xQvu3-b1FpRxGH39c-3QR9sVXVoD6a6QHGSfoNbdEszKRJEDcESvcPN0RiuKJB_hJjo&sai=AMfl-YS5HuFWNQNsBpB1zYDurMoqcCPP8zLctyB35EoAFzzGHpxQbPZxDnuX1e7q_lYNepHvpzG7wmmfHOeo6pUqbJ8MXvpoAczAh1cX7KcclmpcS-rNNP7F5k1-YnQlCVXt4zGndvGo2xZkccvSHcg&sig=Cg0ArKJSzMbGxiaFMifkEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 177B 47 KB
13 KB 61ms
36ms Script
application/javascript 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6267921791&pubCreative=138438160472&pubOrder=3181028387&cb=412765154&adsafe_par&impId=&custom=bottom&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cd6a26887042d86af176f2bf5a335079ed971cea4513e84737818031bbe21c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C11 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZRjBQc3nksQu935wp_33EsZkj8pc524QiZafkzHDhu6Rrl10tVGFPUgbZg8b2JYTgRR8VKGlk47_KoYyprsP0xdIuRQrO5Cf_aFMg22DeqcFNC2s1O_YtbAqcDm4Neb64maSjC0BxlVTbxs4oyqEeL5aWvOAqBSgTYuxIjgohUW2G7FmJXn8I2BzZnJs-61lvQc40kH6HEynsC4-ltEp9DGLLERabn8-UB9j6H9JbgZ4S_NUIoEnbDgsyHW-bByv141qaEl-L7hkt1ERjrDtOnC1IAI-7SQnAxNCmEH-VlhsHC5sxmThGHbMxf8vMGbtsd7Ig2hY&sai=AMfl-YQ_JtT0KfSFa6tptupXur7mCKZJhmdMQdgvnb71_ql1G4BTQgGOfaVXUcvhTZXCFc27pb-Nhp6VVci6DqQF9z0GsCTwj1bSZmq1gLMlX7uwY-YurhzlL6fruDDOqnIxpK2QZPi50F5Blek3fGI&sig=Cg0ArKJSzLpOPGNukpJ0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9FD0 47 KB
13 KB 40ms
38ms Script
application/javascript 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5224820527&chanId=21734991026&placementId=6361852055&pubCreative=138443252704&pubOrder=3238845508&cb=1220301788&adsafe_par&impId=&custom=content-package&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a4ad0c26a8e431269cf4826062b85ca2529b0dd2eb3509c65212f6df21ce0895

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 060F 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-qHdZmcDDmiJ7cFlR7lbQwPM_W7-wY4ggbBn35CQHOCJdAgd8gQes7gfA6gZN5rlF1uFZoDQ8JVX4RulmEZYnYKmU-rQDFCcH74BUqJblPKjQRZr8qwuTjoGYJ4qUxbubVtZKtezISQy05ohXDI6VQvI4VRgpnuvyfh3_LHZ0ffzxHGGT8zzYYZ_mWaxZrxwA7eByzJsiCBG3zk0Ws3pRE5GrJQFFY5BusIVjjxYsTJTqTf6AVBRPlSsb7ggaMDMuC_edEeppG2eaH15uXlzuqj-umytRNtUmmgDbrTe01z3SQUkHMX0bBHfct3s0_6mlnb4OyKc&sai=AMfl-YRGlyb_gLiuzhF4jF_A-ViPCAsQ_wUUdGD3m8kLq1vnqMjpuR_c0GlgOrRlVwCnbtuwW6Q703fzRyYK4LBF3uH_hfZ9eQ-V-Rl-QoIQC-TGjkV79rksOBrMvtJFSE-HZ81-TnrAllY7gTwqCF0&sig=Cg0ArKJSzMj9-7rWCGcDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 2033 47 KB
13 KB 63ms
60ms Script
application/javascript 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6362556125&pubCreative=138446555370&pubOrder=3239383336&cb=1705430565&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8a9cae55d072fd4d4665b530738826121b45dd426bbe1b0ef7c7c33d1c340fca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 59BF 0
0 55ms
51ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux9jRRA61uU8lCAndX9HuaLKj4KMA1z3zLHMnu4eUbn08aJDD3VeuxA39caTVYzmX5piSgseRG260NhNefEEmyqFT586Drr4i49RdP2VtS8srptj8pq3ztxxzEtayxHr6Mum4spSMSn4lMs0_EKJIG9becKzKcDR5Ai0bAx1nknk_cSRqXkaKgeW0q5uoLHP74MnSjm4Gi2G_YuqqhYJ97Pw2TzPR0FkoEldvYiDek89XpBZG-IFmswyEBvF5SwmNVLYVTLDhCR19D68tI4dgJ92qCiYVZCWIfweat16Hvd0sR1kuoK-5rMo1piIQngk3jzG2W6Cc&sai=AMfl-YSsR76SmTpvgThY2UyTly6Q5w4Pfi5VNEmeZ6HZ3ehITRBZXyQeo4dY9gdqSeokDBOk_NLtv3JD6LqqXJJYu9603d2-EOcw6i4lmWdihvNQOXLbaG7VL0JBSrl5-hhrFy8xx-28c-lt3SPtePQ&sig=Cg0ArKJSzHe5yLoWmQDIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 4A07 47 KB
13 KB 60ms
33ms Script
application/javascript 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=21734991026&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=1097946489&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fb757f1ea0d7f7f9a0d4bbfb1aba2d624985d1ad15c4ec4e96891d3563413136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A983 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEMzVUItTd5JaPeZagQKaTcn2JQqkTTCej-fyzR7xUMFBTqHkc7edzISnY18Hhs8coq34PElFXGBb5lPAqQg-3mj87wnMdH0Tsnfuna7gRuvWRrceYC77V5ti0MSOf2_IHCFuDVZPjCePcMvrCXlYpoJiRZLVA0pYxNl8TpT70uIAhfOL9nTXxxYLNBUl3bZNGdj5dypvFdBwjVJPRl2nJQ1PC0F7qMQ9Acqo8UzWk4dlCpWPU6R-AiiHBxlLGyTA8Ept2BV3zYcy3zqAveinJSaIkbKDxZPyIOfcRr6Z_BvpsS3JnMHVRM9oSU8-wJtqONWjkX2Y&sai=AMfl-YRYyfzC6Tx7vpBBk0WmiaBGeb-mkbRQNRBSlwdiBjybs9UauEMm2H2LJDYiTtfzFiMQfg3IJVLsTM-RcNxvXX-iIARuY1tlxI7By7Mj9BB1prKeZg1cVyfCIi3DEIqpWsV3LTVs7WQJxSG9_2A&sig=Cg0ArKJSzHfkluX1j3gdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 09:12:26 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 788B 47 KB
13 KB 36ms
35ms Script
application/javascript 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5304933991&chanId=21734991026&placementId=6287544669&pubCreative=138431228892&pubOrder=3195282203&cb=1038068025&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d279b273ff297e85b7bf2b04dadc360d2bd5e753218ae618d90a312f034ed0ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2

200

pixel.gif
load77.exelator.com/ Frame F3BA
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41947762530570249581233648636027959293
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=41947762530570249581233648636027959293&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
380 B

58ms
6ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 30 Sep 2023 09:12:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 330309
x-accel-date: 1695734838
content-length: 43
x-77-nzt: AZySIYtc1Un/RQoFAA
x-accel-expires: @1696771638
x-77-age: 330309
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf8787272d4a918d7be6176515da0215
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Sat, 30 Sep 2023 09:12:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 16ms
15ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 12651
x-ms-lease-status: unlocked
last-modified: Thu, 28 Sep 2023 20:16:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b9810213-201e-005a-74a2-f25f64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80eb5820ea3cbb8b-FRA

GET
H/1.1 200
OK All-ProSans--semiBold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
19 KB 169ms
169ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--semiBold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19112
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200053-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:16:31 GMT
server: envoy
X-Timer: S1696065147.027005,VS0,VE149
etag: "1d9f08c6da8fb28"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
516 B 18ms
18ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 1493
x-ms-lease-status: unlocked
last-modified: Thu, 28 Sep 2023 20:16:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9fcdeaf9-601e-0090-6dea-f203ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80eb582118554d3d-FRA

GET
H2 200 National_Football_League_logo.svg.png
cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/ 68 KB
68 KB 19ms
17ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/National_Football_League_logo.svg.png

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Gz5DzPx+xXH6/nhkr1Zhpg==
age: 11088
content-length: 69278
x-ms-lease-status: unlocked
last-modified: Mon, 22 Aug 2022 17:40:20 GMT
server: cloudflare
etag: 0x8DA846562873955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 55d0ada0-101e-00ca-4fe1-5a4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80eb58216ad2bb8b-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 29ms
28ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 09:12:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 56058
x-ms-lease-status: unlocked
last-modified: Thu, 28 Sep 2023 05:11:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7e4c15bb-601e-0080-1336-f2c685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80eb58216ad4bb8b-FRA

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 93 B
910 B 18ms
13ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200066-BUR, cache-fra-eddf8230079-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.158133,VS0,VE1
etag: "1d9f08dcb89c95d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/addons/services/ 180 B
951 B 26ms
21ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200147-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.158407,VS0,VE2
etag: "1d9f08dcb89c9b4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/ 751 B
1 KB 27ms
22ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218736
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200035-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.166456,VS0,VE1
etag: "1d9f08dcb89cbef"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK googletagHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 2 KB
2 KB 18ms
13ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/googletagHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7e3c075ba97e2919379bb94ded7d9a7fad2b6364d33c0576fca0bc5cd9cf4840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218542
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 754
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200176-BUR, cache-fra-eddf8230087-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.158300,VS0,VE1
etag: "1d9f08dcb89cf89"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 1 KB
1 KB 24ms
19ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 550
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200103-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.158749,VS0,VE2
etag: "1d9f08dcb89cd5f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 3 KB
2 KB 21ms
20ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

962682d0eb886a116b556e0fab6add5065694c0c35ccb373bb63274c4ba8e3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1083
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200103-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.190643,VS0,VE2
etag: "1d9f08dcb89c390"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK menuDropdownsService.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/ 7 KB
3 KB 20ms
19ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/menuDropdownsService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

21526c41f30608596fa5a57e2c8f77d8443d33b5f6304c5b5f2f7bd47ef3c04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2117
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200078-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.180920,VS0,VE1
etag: "1d9f08dcb89d5ac"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=rkVDmugG1QMw1t5
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=rkVDmugG1QMw1t5

42 B
942 B

39ms
35ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=rkVDmugG1QMw1t5

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0c77e4b94.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: iItSAlbdR18=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 09:12:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0f37db6ac3f837baf@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=rkVDmugG1QMw1t5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 177B 207 KB
65 KB 104ms
8ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6267921791&pubCreative=138438160472&pubOrder=3181028387&cb=412765154&adsafe_par&impId=&custom=bottom&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 4476571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 3XGhTXtXeO4t2Z8E9LrenpTeQt6Y2Z8Osqx2UVKN77KRXFVbR6g9tw==

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame C43F 207 KB
65 KB 123ms
27ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=376888331&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 4476571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: z9H1f0ru2NTVzooZsyd4ZFqNNn_B4BcW9g6n8-H6gYrmY591lKU0rw==

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 74ms
10ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 3859426
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=4;cpu=2;start=2023-08-16T17:08:40.499Z;desc=hit,rtt;dur=0,content-info;desc="width=500,height=500"
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-eddf8230024-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1696065147.241275,VS0,VE0
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 55020, 14

GET
H/1.1 200
OK IND
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 4 KB
3 KB 74ms
9ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/IND

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f5a0ed635a13f2322f9ee2bb109ed37103df0196bb0ff66b1707602b927d13d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 331661
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="IND"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=145;cpu=0;start=2023-09-26T13:04:46.669Z;desc=miss,rtt;dur=0,content-info;desc="width=500,height=500",cloudinary;dur=135;start=2023-09-26T13:04:46.677Z
Content-Length: 1714
X-Served-By: cache-iad-kiad7000036-IAD, cache-fra-eddf8230065-FRA
Last-Modified: Tue, 27 Oct 2020 18:23:30 GMT
Server: Cloudinary
X-Timer: S1696065147.241059,VS0,VE0
Etag: W/"c8821a20fe03b41d19418051c1c745d0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 850, 20

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 9FD0 207 KB
65 KB 135ms
43ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=300x250&pubId=5224820527&chanId=21734991026&placementId=6361852055&pubCreative=138443252704&pubOrder=3238845508&cb=1220301788&adsafe_par&impId=&custom=content-package&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 4476571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: nMI2UqDbleXZOCzKmy3Hwsfa9M5QXokrzYOc2Xqb2mUsHYR3WvUscQ==

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 2033 207 KB
65 KB 122ms
50ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6362556125&pubCreative=138446555370&pubOrder=3239383336&cb=1705430565&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 4476571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: s0yvPOWcdt8dJTE0WJAjkScILWaif-ng1u75pK7y2XMLbkPyrmNgFA==

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 4A07 207 KB
65 KB 129ms
57ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=21734991026&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=1097946489&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 4476571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: YmkySUmbvSlcg9rpvKm11VsSmRQNHoeapFvi9uuq3odOygOxaUUxsQ==

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 788B 207 KB
65 KB 135ms
63ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5304933991&chanId=21734991026&placementId=6287544669&pubCreative=138431228892&pubOrder=3195282203&cb=1038068025&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 4476571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ZGGl5oGReQErQUox9XTkPL7_uq8zrHiyF3Ha8pGRGr8eyDm1iQ2Igg==

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 7 KB
3 KB 25ms
24ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

56369ff57d2e20525b62ef7e4b4d8f55f6de6e15dd3a751a4ba6f06e71bc61d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2504
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200159-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.207991,VS0,VE1
etag: "1d9f08dcb89d568"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 2 KB
2 KB 25ms
25ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200138-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.208133,VS0,VE1
etag: "1d9f08dcb89cecf"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK live-game-cta.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/nfl-components/ 440 B
1 KB 11ms
11ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/nfl-components/live-game-cta.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9010d4e7d5b253b20afa4b6dac6be2b84c2a71e6982e90ad418bb963ec8d3f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 55389
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 314
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200039-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.238770,VS0,VE1
etag: "1d9f08dcb89c8b8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK live-game-yahoo-cta.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/nfl-components/ 414 B
1 KB 13ms
12ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/nfl-components/live-game-yahoo-cta.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cad14b1e753072aa73c668a509dcea788ab118d47038ef266bdb3cd31de605dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 217581
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 294
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200050-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.239951,VS0,VE3
etag: "1d9f08dcb89c89e"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK carousel.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 3 KB
2 KB 10ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/carousel.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c1427ebe9e4aea71d8320c0ca7e13d059cbdbaa6d0c5456d29f8d714e2bb076b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218543
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1191
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200079-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.258754,VS0,VE0
etag: "1d9f08dcb89c22d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK tabs.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 822 B
1 KB 13ms
11ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/tabs.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 217401
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 471
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200069-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.259059,VS0,VE1
etag: "1d9f08dcb89ca36"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/jquery/ 105 KB
40 KB 12ms
10ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 14
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200137-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.259147,VS0,VE1
etag: "1d9f08dcb886de7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/sha256/ 9 KB
5 KB 12ms
10ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200152-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.261031,VS0,VE1
etag: "1d9f08dcb89ea39"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 3 KB
2 KB 23ms
15ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1146
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200092-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.280777,VS0,VE1
etag: "1d9f08dcb89c216"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/md5/ 4 KB
2 KB 20ms
12ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200162-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.280763,VS0,VE1
etag: "1d9f08dcb89c626"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 2 KB
2 KB 23ms
17ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200023-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.283288,VS0,VE2
etag: "1d9f08dcb89cf20"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK react.production.min.js Show response
p.nfltags.com/react/ 10 KB
5 KB 15ms
14ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/react/react.production.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires: Sat, 30 Sep 2023 09:12:57 GMT
Date: Sat, 30 Sep 2023 09:12:27 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 7
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
Content-Length: 4255
X-Served-By: cache-bur-kbur8200101-BUR, cache-fra-eddf8230094-FRA
last-modified: Wed, 27 Sep 2023 18:26:56 GMT
server: envoy
X-Timer: S1696065147.283196,VS0,VE1
etag: "651473f0-29f1"
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 651840, 1

GET
H/1.1 200
OK react-dom.production.min.js Show response
p.nfltags.com/react-dom/ 129 KB
43 KB 18ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/react-dom/react-dom.production.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires: Sat, 30 Sep 2023 09:12:57 GMT
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Content-Encoding: gzip
Age: 6
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 43065
X-Served-By: cache-bur-kbur8200023-BUR, cache-fra-eddf8230094-FRA
last-modified: Wed, 27 Sep 2023 18:26:56 GMT
server: envoy
X-Timer: S1696065147.307457,VS0,VE1
etag: "651473f0-2032a"
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 586314, 1

GET
H/1.1 200
OK livegameHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 692 B
1 KB 26ms
21ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/livegameHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

06d429557a21947eeecf89c2f9751970adb608607819574f1f8be1469ca215d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 55388
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 388
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200097-BUR, cache-fra-eddf8230028-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.318644,VS0,VE1
etag: "1d9f08dcb89cbb4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=1875858254886144970
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1875858254886144970

42 B
942 B

39ms
39ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=1875858254886144970

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0e7d16c40.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /E6ZePyKQbI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
an-x-request-uuid: f9109280-05c8-40fc-b210-9dee7da31829
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=1875858254886144970
x-proxy-origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 56F0 93 KB
33 KB 12ms
11ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

609613f9710119e660c85d8ca31b3caceb0e56fb88adf0f1939c70625b89800c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1481
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32869
content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 08:47:46 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: LvctjWQhcATzyvYZugJEAWkJh0Qb-Z4tIjoecc2ie6b0tdXJhZ5VjA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0dd865a1918d41868d59407163575931
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t5
x-soa: true, Gator

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 8742 93 KB
33 KB 13ms
12ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

609613f9710119e660c85d8ca31b3caceb0e56fb88adf0f1939c70625b89800c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1481
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32869
content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 08:47:46 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: 6YamMnG6W9Ov4RvQ92hbZJKQFhgBUQ5X43aFyQNPaHM1MZWo4SBfrQ==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0dd865a1918d41868d59407163575931
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t5
x-soa: true, Gator

GET
H/1.1 200
OK carouselCore.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/core/ 2 KB
2 KB 10ms
9ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/core/carouselCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

90ada510953d8fdbbf2337a3eecfeed8788fd036fce40714c4b1ec1d47170317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218542
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 766
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200175-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.307706,VS0,VE2
etag: "1d9f08dcb89cf6a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK keyboardNavigationService.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/carousel/ 4 KB
2 KB 10ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/services/carousel/keyboardNavigationService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218542
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1374
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200027-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.307973,VS0,VE1
etag: "1d9f08dcb89c63d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/ 530 B
1 KB 9ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218543
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200133-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.307935,VS0,VE0
etag: "1d9f08dcb89cb12"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK tabsCore.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/core/ 1 KB
1 KB 12ms
10ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/core/tabsCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218542
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 581
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200112-BUR, cache-fra-eddf8230100-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.320282,VS0,VE1
etag: "1d9f08dcb89cdf3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/js-cookie/ 2 KB
2 KB 10ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200085-BUR, cache-fra-eddf8230116-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.321198,VS0,VE0
etag: "1d9f08dcb89cee6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/jquery/plugins/ 803 B
1 KB 12ms
10ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218736
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200116-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.323239,VS0,VE1
etag: "1d9f08dcb89ca23"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/autocomplete/ 13 KB
6 KB 11ms
9ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218736
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200167-BUR, cache-fra-eddf8230087-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.321619,VS0,VE1
etag: "1d9f08dcb89fb9b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 586 B
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218736
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200068-BUR, cache-fra-eddf8230079-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.323471,VS0,VE1
etag: "1d9f08dcb89cb4a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 287 B
1004 B 11ms
9ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200088-BUR, cache-fra-eddf8230087-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.335157,VS0,VE2
etag: "1d9f08dcb89c81f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/ 395 B
1 KB 10ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218737
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200164-BUR, cache-fra-eddf8230107-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065147.335134,VS0,VE1
etag: "1d9f08dcb89c88b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 56F0 5 KB
3 KB 9ms
8ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 6c7d2b58588a4c95f41b2e53b0ddd3f904d61156509f0b35c40bd0d1743f64f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:11:45 GMT
content-encoding: gzip
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 42
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2096
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 8399752f11f746d594de8a07a71be298
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t13
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: aLdTsdmXMp65vcpB2NatbwX_zGXOJKr3tkar863klNYjSDEHDMnzlw==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 8742 5 KB
3 KB 7ms
6ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 6c7d2b58588a4c95f41b2e53b0ddd3f904d61156509f0b35c40bd0d1743f64f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:11:45 GMT
content-encoding: gzip
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 42
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2096
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 8399752f11f746d594de8a07a71be298
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t13
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: iplKVk7vdUnxPDIIBlmmSqXEaOouaym_U4ORrzG8li2yJSfm0UNzbA==

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8591072196473830496
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8591072196473830496

42 B
942 B

36ms
36ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8591072196473830496

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0672f2eac.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xb1OUc92Szg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8591072196473830496
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame FFCD 91 KB
23 KB 16ms
15ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 810197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: SMp18nilEbkPtoZkbALc2j0t4Z7k7urTw2irYN003xGYoPtP4TmBuQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 120ms
120ms Image
image/gif 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=300x250&pubId=5224820527&chanId=21734991026&placementId=6361852055&pubCreative=138443252704&pubOrder=3238845508&cb=1220301788&adsafe_par&impId=&custom=content-package&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:d497f426-747f-59d6-ff6b-90d52f8e0ed6,c:pGV9kb,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-lfp6b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1058.12104.300.250,am:i,cc:1058.12104.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:247,mot:0,app:0,maw:0,fm:tRkwvIy+11%7C12%7C13%7C141%7C15*.929781%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c,fm2:tRkwvIy+11%7C12%7C13%7C141%7C15*.929781%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:282,oid:79724939-5f71-11ee-8f5b-7a1d10111f11,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
server: nginx
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 07CD 91 KB
23 KB 16ms
16ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 810197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: -nV7o4iSNjPeAUFZ-gY3QGKM3xWwy4LDTk6r3bk_jbzMGTYP8wPYEw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 47ms
47ms Image
image/gif 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6267921791&pubCreative=138438160472&pubOrder=3181028387&cb=412765154&adsafe_par&impId=&custom=bottom&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:20a7471a-1d55-d482-4401-2a4d0b596588,c:pGV9kG,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-4sjxt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.14407.728.90,am:i,cc:436.14407.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:311,mot:0,app:0,maw:0,fm:tRkwvIq+11%7C12%7C13%7C141%7C151%7C152%7C16*.929781%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:320,oid:796c7cd0-5f71-11ee-a588-72b810372f4a,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2D0C 91 KB
23 KB 15ms
15ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 810197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: FwHF5Q2DtpuZS4NOkMlrQ-Q_NZ7zPziItkCQwyriIGZriCf7VWA3Xw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 46ms
45ms Image
image/gif 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=300x250&pubId=5222449639&chanId=21734991026&placementId=6295301662&pubCreative=138432734008&pubOrder=3200570583&cb=376888331&adsafe_par&impId=&custom=centerpiece&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:e5a93f38-fbef-473f-8e2e-e50a7f0bc035,c:pGV9l1,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-hjjk9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1058.1173.300.250,am:i,cc:1058.1173.300.250,piv:11,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:330,mot:0,app:0,maw:0,fm:tRkwvIt+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152%7C161%7C162%7C171%7C181%7C191%7C1a%7C1b%7C1c,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:338,oid:796ca32b-5f71-11ee-8b50-ba41fbd72283,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK owl.carousel-2.3.4.min.js Show response
www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/owlcarousel2/ 49 KB
15 KB 10ms
10ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/vendor/owlcarousel2/owl.carousel-2.3.4.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 218542
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 14875
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200082-BUR, cache-fra-eddf8230087-FRA
X-NFL-Dma: 276003
last-modified: Tue, 26 Sep 2023 15:26:18 GMT
server: envoy
X-Timer: S1696065148.536942,VS0,VE1
etag: "1d9f08dcb890a49"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK NflUmdComponents.WatchLiveButtonsFallbackPromo.js Show response
p.nfltags.com/nfl/ 915 KB
228 KB 12ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtonsFallbackPromo.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 6fdceacb8b149a46725ac2caedc45c21fb001471356137f2ab89c59d3b0f03c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires: Sat, 30 Sep 2023 09:12:58 GMT
Date: Sat, 30 Sep 2023 09:12:27 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 24
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 232914
X-Served-By: cache-bur-kbur8200075-BUR, cache-fra-eddf8230094-FRA
last-modified: Thu, 28 Sep 2023 22:08:55 GMT
server: envoy
X-Timer: S1696065148.564905,VS0,VE1
etag: "6515f977-e4bbd"
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 93265, 1

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 21F2 91 KB
23 KB 26ms
17ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 810197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: RE44LU6Djg6Xt6MyqP0ErFgPDgi0CMr5SzzCeeAmBARFpj4uRtxUnw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 58ms
49ms Image
image/gif 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=30316653&chanId=21734991026&placementId=6362556125&pubCreative=138446555370&pubOrder=3239383336&cb=1705430565&adsafe_par&impId=&custom=inpage_2&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:63cc4b7d-4faf-8f95-912e-ca10f08563eb,c:pGV9mE,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-tx6vg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.12609.728.90,am:i,cc:436.12609.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:420,mot:0,app:0,maw:0,fm:tRkwvIB+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C18*.929781%7C181%7C191%7C1a%7C1b%7C1c,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:431,oid:7978b13b-5f71-11ee-bc54-aef2d71ac857,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
server: nginx
x-server-name: app24.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F92D 91 KB
23 KB 24ms
22ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 810197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: al2gA-LivTDTpLZtzqJkVt9YPh2u0h_OvOXUzv4YjPseynmLrk_7yQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 48ms
47ms Image
image/gif 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5226435748&chanId=21734991026&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=1097946489&adsafe_par&impId=&custom=inpage_1&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:fd3f9c97-8178-fe3f-1e8a-1a0debb35571,c:pGV9nb,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-lfp6b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.11710.728.90,am:i,cc:436.11710.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:441,mot:0,app:0,maw:0,fm:tRkwvII+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17*.929781%7C171%7C181%7C182%7C191%7C1a%7C1b%7C1c,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:458,oid:7982eb28-5f71-11ee-8f5b-7a1d10111f11,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
server: nginx
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8128 91 KB
23 KB 16ms
16ms Script
application/javascript 2600:9000:2248:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 810197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: LzhHrbVgl_bHwrZT3_Jn5Oss9sfdY7jNI2AOyQjML8_RvIVCuVHdtA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 54ms
54ms Image
image/gif 54.76.47.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5304933991&chanId=21734991026&placementId=6287544669&pubCreative=138431228892&pubOrder=3195282203&cb=1038068025&adsafe_par&impId=&custom=inpage_3&custom2=home&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:eabbbb89-153e-8656-bd63-7421e41b5d92,c:pGV9nT,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-29c48,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.13278.728.90,am:i,cc:436.13278.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:481,mot:0,app:0,maw:0,fm:tRkwvIL+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19*.929781%7C191%7C1a%7C1b%7C1c,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:498,oid:7985830c-5f71-11ee-a7dc-be22ced1a6da,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2023093009122700029851144787
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=41947762530570249581233648636027959293&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023093009122700029851144787

42 B
942 B

37ms
36ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023093009122700029851144787

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-056c40efe.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: SmJ6NyegQWs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023093009122700029851144787
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:27 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 30 Sep 2023 09:12:27 GMT

GET
H/1.1 200
OK NflUmdComponents.WatchLiveButtons.js Show response
p.nfltags.com/nfl/ 2 MB
518 KB 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: d13d9e3ff1207fbc8e2d838b42e3793d9c3e0932154fe2f4de083113e22c0d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires: Sat, 30 Sep 2023 09:12:58 GMT
Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish
Content-Encoding: gzip
Age: 49
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 529424
X-Served-By: cache-bur-kbur8200023-BUR, cache-fra-eddf8230094-FRA
last-modified: Thu, 28 Sep 2023 22:08:55 GMT
server: envoy
X-Timer: S1696065148.772886,VS0,VE3
etag: "6515f977-1ac4d4"
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 100346, 1

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 414ms
155ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=d497f426-747f-59d6-ff6b-90d52f8e0ed6&tv=%7Bc:pGV9pq,pingTime:-2,time:606,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:354,beZ:355,mfA:600,cmA:601,inA:602,inZ:607,prA:607,prZ:625,si:635,poA:636,poZ:654,cmZ:654,mfZ:654,loA:734,loZ:737,ltA:959,ltZ:959,mdA:355,mdZ:498%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:281%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:606,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:280,wc:0.0.1600.1200,ac:1058.12104.300.250,am:i,cc:1058.12104.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B356~0%5D,as:%5B356~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tRkwvIq+11%7C12%7C13%7C14.929781%7C141%7C15*.929781%7C151%7C16.929781%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c,fm2:tRkwvIq+11%7C12%7C13%7C14.929781%7C141%7C15*.929781%7C151%7C16.929781%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:282,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_3,google_ads_iframe_/4595/team.la/home_3__container__,adv_block_e9ebd7fd-159c-4cc0-b263-dd907422279d,main-content%5D,sinceFw:323,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 491ms
234ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=20a7471a-1d55-d482-4401-2a4d0b596588&tv=%7Bc:pGV9pu,pingTime:-2,time:618,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:400,beZ:402,mfA:711,cmA:711,inA:712,inZ:713,prA:713,prZ:716,si:721,poA:721,poZ:732,cmZ:732,mfZ:732,loA:812,loZ:816,ltA:1018,ltZ:1018,mdA:402,mdZ:534%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:320%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:618,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:320,wc:0.0.1600.1200,ac:436.14407.728.90,am:i,cc:436.14407.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B306~0%5D,as:%5B306~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tRkwvIq+11%7C12%7C13%7C14.929781%7C141%7C15.929781%7C151%7C152%7C16*.929781%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:321,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_5,google_ads_iframe_/4595/team.la/home_5__container__,adv_club,main-content%5D,sinceFw:296,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 409ms
156ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=e5a93f38-fbef-473f-8e2e-e50a7f0bc035&tv=%7Bc:pGV9pw,pingTime:-2,time:617,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:470,beZ:472,mfA:800,cmA:801,inA:801,inZ:802,prA:802,prZ:806,si:809,poA:809,poZ:819,cmZ:819,mfZ:819,loA:891,loZ:892,ltA:1088,ltZ:1088,mdA:472,mdZ:613%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:11,vs:o,r:l,w:300,h:250,t:338%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:617,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:338,wc:0.0.1600.1200,ac:1058.1173.300.250,am:i,cc:1058.1173.300.250,piv:11,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B286~1%5D,as:%5B286~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tRkwvIq+11%7C12%7C13%7C14*.929781%7C141%7C15.929781%7C151%7C152%7C16.929781%7C161%7C162%7C171%7C181%7C191%7C1a%7C1b%7C1c,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:338,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_2,google_ads_iframe_/4595/team.la/home_2__container__,1f3fa918-9747-4fdd-b238-5e6cfef457d6,main-content%5D,sinceFw:279,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK bmqqw7tvszzpqwfe50a5.jpg
static.clubs.nfl.com/image/upload/rams/ 228 KB
229 KB 21ms
20ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/rams/bmqqw7tvszzpqwfe50a5.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8e4008ded38b321f1193d033840650fa68516f5a8a3c6a13c06ef0a505f29699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1011944
Edge-Cache-Tag: 462277113710592120565944991904207381389,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 462277113710592120565944991904207381389,c34f21cfe162ce329654d565922e8c70
X-Cache: HIT, HIT, HIT
Connection: keep-alive
Content-Length: 233860
X-Served-By: cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100038-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Sun, 17 Sep 2023 23:08:00 GMT
Server: cloudinary
Surrogate-Reporting: width=3000,height=200,bytes=233860,o=1
X-Timer: S1696065148.836675,VS0,VE2
Etag: "13afbff2d0059e5f5d20ab6dea94f587"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 3223, 1

GET j1tkxc6un23k9cqywqty.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/ 0
0

GET
H/1.1 200
OK j1tkxc6un23k9cqywqty.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 48 KB
49 KB 79ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/j1tkxc6un23k9cqywqty.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 67b4291454256eafcde07997a5e2129108bfd5d8d1c778131aeb5c438629df73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:27 GMT
Via: 1.1 c1cecf43ad8e18f031edf5229ce4289c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 53329
Edge-Cache-Tag: 412959858210533076633916240561535566579,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 412959858210533076633916240561535566579,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="j1tkxc6un23k9cqywqty.webp"
Connection: keep-alive
Content-Length: 48960
X-Request-Id: 0efc2b5aa57fee27b6eb67ece2226474
X-Served-By: cache-iad-kjyo7100159-IAD, cache-iad-kiad7000134-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Fri, 29 Sep 2023 18:23:40 GMT
Server: cloudinary
Surrogate-Reporting: width=824,height=464,bytes=48960,owidth=1920,oheight=1080,obytes=2460813
X-Timer: S1696065148.901481,VS0,VE1
Etag: "d7a39a3b25f7346a5c9f1b6982dc1b67"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 35, 1

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 345ms
158ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=63cc4b7d-4faf-8f95-912e-ca10f08563eb&tv=%7Bc:pGV9qC,pingTime:-2,time:677,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:315,beZ:316,mfA:735,cmA:735,inA:735,inZ:737,prA:737,prZ:743,si:746,poA:746,poZ:760,cmZ:760,mfZ:760,loA:931,loZ:933,ltA:992,ltZ:992,mdA:320,mdZ:463%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:431%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:677,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:431,wc:0.0.1600.1200,ac:436.12609.728.90,am:i,cc:436.12609.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B256~0%5D,as:%5B256~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tRkwvIB+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17.929781%7C171%7C18*.929781%7C181%7C19.929781%7C191%7C1a%7C1b%7C1c,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:431,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_7,google_ads_iframe_/4595/team.la/home_7__container__,adv_inpage_2,main-content%5D,sinceFw:246,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 413ms
232ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=fd3f9c97-8178-fe3f-1e8a-1a0debb35571&tv=%7Bc:pGV9qF,pingTime:-2,time:673,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:269,beZ:270,mfA:710,cmA:711,inA:711,inZ:712,prA:712,prZ:717,si:727,poA:727,poZ:751,cmZ:751,mfZ:751,loA:885,loZ:887,ltA:942,ltZ:942,mdA:271,mdZ:418%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:457%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:673,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:457,wc:0.0.1600.1200,ac:436.11710.728.90,am:i,cc:436.11710.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B231~0%5D,as:%5B231~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tRkwvIB+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17*.929781%7C171%7C18.929781%7C181%7C182%7C19.929781%7C191%7C1a%7C1b%7C1c,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:458,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_6,google_ads_iframe_/4595/team.la/home_6__container__,adv_inpage_1,main-content%5D,sinceFw:215,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 300ms
120ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=eabbbb89-153e-8656-bd63-7421e41b5d92&tv=%7Bc:pGV9qH,pingTime:-2,time:672,type:a,im:%7BpBlk:537,sf:0,pom:1,prf:%7BbeA:231,beZ:232,mfA:712,cmA:713,inA:713,inZ:714,prA:714,prZ:720,si:729,poA:729,bl:767,poZ:768,cmZ:768,mfZ:768,loA:858,loZ:859,ltA:903,ltZ:903,mdA:232,mdZ:383%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:498%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:672,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:498,wc:0.0.1600.1200,ac:436.13278.728.90,am:i,cc:436.13278.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B191~0%5D,as:%5B191~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tRkwvIB+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17.929781%7C171%7C172%7C18.929781%7C181%7C182%7C19*.929781%7C191%7C1a%7C1b%7C1c,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:498,slid:%5Bgoogle_ads_iframe_/4595/team.la/home_8,google_ads_iframe_/4595/team.la/home_8__container__,adv_inpage_3,main-content%5D,sinceFw:174,readyFired:true%7D&br=c
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET /
adb2waycm-atl.netmng.com/cm/ Frame F3BA 0
0

GET
H2 200 client.js Show response
apis.google.com/js/ 18 KB
8 KB 107ms
30ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca850baab7bc608fd12b92094c7723945bf2f7eb13b01c3c1e700452aa10eb07

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 09:12:28 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7131
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "91fb1cbe5d4df5b3"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:12:28 GMT

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame B491 93 KB
33 KB 9ms
8ms Document
text/html 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-36.fra56.r.cloudfront.net

Software

Resource Hash

609613f9710119e660c85d8ca31b3caceb0e56fb88adf0f1939c70625b89800c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1482
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32869
content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 08:47:46 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: XGNl4aQqpynBVrRGvwvyfF7ze_X7QDjv8pdyy6WI1vCJ32lQ8O9IRw==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-callid: 0dd865a1918d41868d59407163575931
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t5
x-soa: true, Gator

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEJsuiDALpJbTJvNUIHAB9G8&google_cver=1
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE5NDc3NjI1MzA1NzAyNDk1ODEyMzM2NDg2MzYwMjc5NTkyOTM=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJsuiDALpJbTJvNUIHAB9G8&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

36ms
35ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJsuiDALpJbTJvNUIHAB9G8&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-04c10efb4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fah+4jAIRjM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJsuiDALpJbTJvNUIHAB9G8&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
2 KB 43ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b14a9d96a8a2d21f36d8ee27486d1d04d12719745e357e0f5a096c2e08825526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 09:12:28 GMT
content-md5: BXZJD6/2NoRd66wsMHamUQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: UwjFIhwEJLb9Dngglh48HTwL0c4MadoQLlVKHy7bJEs5SXKMKHow7y09XeK6GOlfyyOF1w1wLQOweZ3aYumITQ==
x-fb-content-md5: 6cc4b486fb2c947ff0873fa6b99ab277
cross-origin-opener-policy: same-origin-allow-popups
etag: "febf58db8dd825250972dfa887089d19"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 30 Sep 2023 09:28:51 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame F3BA 43 B
395 B 172ms
121ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=41947762530570249581233648636027959293&p_id=38594

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-response-time: 102
date: Sat, 30 Sep 2023 09:12:28 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2fc2f12a8062154a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 59bd13dfd4790618d73c4b43f50fb6130f1f87a1ad7192702c1dd76bfd2ec92b
content-length: 43

OPTIONS
H2 200 b07d55d8-f053-11ed-b4a7-bab79e4492fa
api.nfl.com/football/v2/games/ Frame 0
0 7ms
6ms Preflight
text/html 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/football/v2/games/b07d55d8-f053-11ed-b4a7-bab79e4492fa?withExternalIds=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Sat, 30 Sep 2023 09:12:28 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230082-FRA

GET
H2 200 b07d55d8-f053-11ed-b4a7-bab79e4492fa Show response
api.nfl.com/football/v2/games/ 2 KB
982 B 9ms
8ms Fetch
application/json 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/football/v2/games/b07d55d8-f053-11ed-b4a7-bab79e4492fa?withExternalIds=true
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 729fb2647274b83136a3c1ca10779156363b9ac554b52c62f04f4237d23d9fd7

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGllbnRJZCI6ImU1MzVjN2MwLTgxN2YtNDc3Ni04OTkwLTU2NTU2ZjhiMTkyOCIsImNsaWVudEtleSI6IjRjRlVXNkRtd0pwelQ5TDdMckczcVJBY0FCRzVzMDRnIiwiaXNzIjoiTkZMIiwiZGV2aWNlSWQiOiIxMmIzODVlZi0zOGJhLTQ4M2YtODMxYS1jNzU4ZWI3ZmZiZWIiLCJwbGFucyI6W3sicGxhbiI6ImZyZWUiLCJleHBpcmF0aW9uRGF0ZSI6IjIwMjQtMDktMjkiLCJzb3VyY2UiOiJORkwiLCJzdGFydERhdGUiOiIyMDIzLTA5LTMwIiwic3RhdHVzIjoiQUNUSVZFIiwidHJpYWwiOmZhbHNlfV0sIkRpc3BsYXlOYW1lIjoiV0VCX0RFU0tUT1BfREVTS1RPUCIsIk5vdGVzIjoiIiwiZm9ybUZhY3RvciI6IkRFU0tUT1AiLCJsdXJhQXBwS2V5IjoiU1pzNTdkQkdSeGJMNzI4bFZwN0RZUSIsInBsYXRmb3JtIjoiREVTS1RPUCIsInByb2R1Y3ROYW1lIjoiV0VCIiwiY2l0eSI6ImZyYW5rZnVydCBhbSBtYWluIiwiY291bnRyeUNvZGUiOiJERSIsImRtYUNvZGUiOiIyNzYwMDMiLCJobWFUZWFtcyI6WyIxMDQwMDc1MC0yNTliLTMzYWMtZWVlMy1hMzg1MmU4M2NkMWYiLCIxMDQwMjMxMC1hNDdlLTEwZWEtNzQ0Mi0xNmI2MzM2MzM2MzciLCIxMDQwMzIwMC02OWFiLTllYTYtNWFmNS1lMjQwZmJjMDhiZWEiLCIxMDQwNDkwMC1kNTllLWI0NDktZWY3NS05NjFlMDljYTAyN2UiXSwicmVnaW9uIjoiSEUiLCJicm93c2VyIjoiQ2hyb21lIiwiY2VsbHVsYXIiOmZhbHNlLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJyb2xlcyI6WyJmcmVlIl0sImV4cCI6MTY5NjA2ODc0Nn0.pUE6xCTEHSihcvx8hx7qDAh7oawqwquHlD1CSQ0BhYc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 30
x-cache: HIT, HIT
content-length: 845
x-served-by: cache-bur-kbur8200055-BUR, cache-fra-eddf8230082-FRA
x-timer: S1696065149.636352,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 2, 1

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame B491 5 KB
3 KB 9ms
9ms Fetch
text/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: /
Resource Hash: 6c7d2b58588a4c95f41b2e53b0ddd3f904d61156509f0b35c40bd0d1743f64f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=15406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:11:45 GMT
content-encoding: gzip
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-C1
age: 43
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2096
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 8399752f11f746d594de8a07a71be298
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t13
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: DAzN95YTbMRt0YZJWxLkJaaiYoavamM3Kuo-7jZYpVNVsULXOaWN0A==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ 317 KB
109 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cac7b91540d4ac8d48564bfaf6c987754de65ec197b9a3dd536661db6c8ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110698
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 16:33:17 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 125ms
124ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=eabbbb89-153e-8656-bd63-7421e41b5d92&tv=%7Bc:pGV9Fk,pingTime:-10,time:1579,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xMzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696065148766%7C%7C767762ca6ec427f08f5bb57c852ec5bb%7C%7C5bead3a06085d6babcc8a1cb991283be%7C%7C848ec1217f2ed7bcd4ef064f3550373d%7C%7C32eb7593be9a0c80a51e5ecee4247c85%7C%7C40ac851050d31f416e5f38e95ed9eced%7C%7C63c53e497c39cea517ca1dca9a36ef86%7C%7C6481aa757d9c67ef7311d873f3534e6f%7C%7C1663701684,im:%7BpWait:381%7D%7D
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame F3BA
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEC1i0JW1Ed0mT0Tw_aE_SPY&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

34ms
34ms

Image
image/png

54.77.207.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.77.207.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-207-49.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Sat, 30 Sep 2023 09:12:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=d497f426-747f-59d6-ff6b-90d52f8e0ed6&tv=%7Bc:pGV9FA,pingTime:-10,time:1608,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xMzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696065148781%7C%7C189b80d1a06f13a76e321054af70477a%7C%7C5bead3a06085d6babcc8a1cb991283be%7C%7C5e8d574ec0dcbac863aea33d32cf8b2f%7C%7C1cb5f24a8dd95958549f8ffab70ef0fe%7C%7C2d7cecb61a02f6ed9eab04bda34f4414%7C%7C23c12742479fbf61e8cca97721a35b03%7C%7Cd9d671b1956cf3983d304ba3b90eecd3%7C%7C1663701684%7D
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:28 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 28ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cf562be23bcec92af0980570a778ded2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a210eb760189b0087849394db2b15608b138e977c42c790326aef7d4e4e70d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 09:12:28 GMT
content-md5: 53Cl6+uKPzdUCbbdKhR4UQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88123
x-fb-debug: rqlQGycMq+W57/R1NFAh/mc8PQUKitkZmLkztZUhJRrwzm8CYqfpkW2OWfcsB384e8yG/Od7hvUZbzVIDIFRjA==
x-fb-content-md5: 4165fc1525acc52386c558616e172275
cross-origin-opener-policy: same-origin-allow-popups
etag: "87f018902e3a5474097972258299e777"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 Sep 2024 08:37:44 GMT

OPTIONS
H2 200 livestreams
api.nfl.com/live/v1/ Frame 0
0 7ms
7ms Preflight
text/html 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/live/v1/livestreams?contentType=GAME&endTime=2023-10-01T22%3A00%3A00.000Z&gameId=b07d55d8-f053-11ed-b4a7-bab79e4492fa&objectowner=1&startTime=2023-09-28T22%3A00%3A00.000Z
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Sat, 30 Sep 2023 09:12:28 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230082-FRA

GET
H2 200 livestreams Show response
api.nfl.com/live/v1/ 2 KB
1 KB 579ms
578ms Fetch
application/json 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/live/v1/livestreams?contentType=GAME&endTime=2023-10-01T22%3A00%3A00.000Z&gameId=b07d55d8-f053-11ed-b4a7-bab79e4492fa&objectowner=1&startTime=2023-09-28T22%3A00%3A00.000Z
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: be-content-api /
Resource Hash: 7d7c8509717e19ca0b94ee7feb0d08a049474ca76df03f56bf87889f01d15cb0

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGllbnRJZCI6ImU1MzVjN2MwLTgxN2YtNDc3Ni04OTkwLTU2NTU2ZjhiMTkyOCIsImNsaWVudEtleSI6IjRjRlVXNkRtd0pwelQ5TDdMckczcVJBY0FCRzVzMDRnIiwiaXNzIjoiTkZMIiwiZGV2aWNlSWQiOiIxMmIzODVlZi0zOGJhLTQ4M2YtODMxYS1jNzU4ZWI3ZmZiZWIiLCJwbGFucyI6W3sicGxhbiI6ImZyZWUiLCJleHBpcmF0aW9uRGF0ZSI6IjIwMjQtMDktMjkiLCJzb3VyY2UiOiJORkwiLCJzdGFydERhdGUiOiIyMDIzLTA5LTMwIiwic3RhdHVzIjoiQUNUSVZFIiwidHJpYWwiOmZhbHNlfV0sIkRpc3BsYXlOYW1lIjoiV0VCX0RFU0tUT1BfREVTS1RPUCIsIk5vdGVzIjoiIiwiZm9ybUZhY3RvciI6IkRFU0tUT1AiLCJsdXJhQXBwS2V5IjoiU1pzNTdkQkdSeGJMNzI4bFZwN0RZUSIsInBsYXRmb3JtIjoiREVTS1RPUCIsInByb2R1Y3ROYW1lIjoiV0VCIiwiY2l0eSI6ImZyYW5rZnVydCBhbSBtYWluIiwiY291bnRyeUNvZGUiOiJERSIsImRtYUNvZGUiOiIyNzYwMDMiLCJobWFUZWFtcyI6WyIxMDQwMDc1MC0yNTliLTMzYWMtZWVlMy1hMzg1MmU4M2NkMWYiLCIxMDQwMjMxMC1hNDdlLTEwZWEtNzQ0Mi0xNmI2MzM2MzM2MzciLCIxMDQwMzIwMC02OWFiLTllYTYtNWFmNS1lMjQwZmJjMDhiZWEiLCIxMDQwNDkwMC1kNTllLWI0NDktZWY3NS05NjFlMDljYTAyN2UiXSwicmVnaW9uIjoiSEUiLCJicm93c2VyIjoiQ2hyb21lIiwiY2VsbHVsYXIiOmZhbHNlLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJyb2xlcyI6WyJmcmVlIl0sImV4cCI6MTY5NjA2ODc0Nn0.pUE6xCTEHSihcvx8hx7qDAh7oawqwquHlD1CSQ0BhYc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 1286
x-served-by: cache-bur-kbur8200032-BUR, cache-fra-eddf8230082-FRA
server: be-content-api
x-timer: S1696065149.843934,VS0,VE572
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=30
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame F3BA
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEC...
https://pixel.everesttech.net/1x1

128 B
796 B

33ms
33ms

Image
image/png

54.77.207.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.77.207.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-207-49.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Sat, 30 Sep 2023 09:12:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 139ms
106ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=cf562be23bcec92af0980570a778ded2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Sat, 30 Sep 2023 09:12:28 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: F0xxQ09G+An3p0nHyrK6RGLqPJsVfaA74qbTp1hNbIPR8YFnOhYdWaHtjeJyoQpVlBSSwbp7vPaj4bFXLS6ciQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 97ms
58ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9672b47e1d2e5ab78b2cb008dee9f01e63560df802d71f2d7b5bcb79fb2a0d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12062
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 09:12:29 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 122ms
122ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=20a7471a-1d55-d482-4401-2a4d0b596588&tv=%7Bc:pGV9JV,pingTime:-10,time:1885,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xMzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696065148766%7C%7C767762ca6ec427f08f5bb57c852ec5bb%7C%7C5bead3a06085d6babcc8a1cb991283be%7C%7C848ec1217f2ed7bcd4ef064f3550373d%7C%7C32eb7593be9a0c80a51e5ecee4247c85%7C%7C40ac851050d31f416e5f38e95ed9eced%7C%7C63c53e497c39cea517ca1dca9a36ef86%7C%7C6481aa757d9c67ef7311d873f3534e6f%7C%7C1663701684,sca:%7Bspg:eabbbb89-153e-8656-bd63-7421e41b5d92%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:29 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame F3BA
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
30ms

Image
image/png

54.77.207.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.77.207.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-207-49.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Sat, 30 Sep 2023 09:12:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 14ms
13ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 30 Sep 2023 09:12:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 3859428
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=4;cpu=2;start=2023-08-16T17:08:40.499Z;desc=hit,rtt;dur=0,content-info;desc="width=500,height=500"
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-eddf8230024-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1696065149.069205,VS0,VE0
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 55020, 15

GET
H/1.1 200
OK IND
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 4 KB
3 KB 13ms
12ms Image
image/svg+xml 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/IND

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/4ff8caea4f3b28d1fe30110f8d618473/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f5a0ed635a13f2322f9ee2bb109ed37103df0196bb0ff66b1707602b927d13d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 30 Sep 2023 09:12:29 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 331662
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="IND"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=145;cpu=0;start=2023-09-26T13:04:46.669Z;desc=miss,rtt;dur=0,content-info;desc="width=500,height=500",cloudinary;dur=135;start=2023-09-26T13:04:46.677Z
Content-Length: 1714
X-Served-By: cache-iad-kiad7000036-IAD, cache-fra-eddf8230065-FRA
Last-Modified: Tue, 27 Oct 2020 18:23:30 GMT
Server: Cloudinary
X-Timer: S1696065149.069211,VS0,VE0
Etag: W/"c8821a20fe03b41d19418051c1c745d0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 850, 21

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 48FA 13 KB
5 KB 13ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 83995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 09:52:34 GMT
expires: Sat, 28 Sep 2024 09:52:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A58 829 B
1 KB 44ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

66efb2844c009dcae8fa7a076a28ee4ca4bc7d42a2b09dc19b0163a642c20c6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-afw_C-mT_jzEfj5L-QTO-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-afw_C-mT_jzEfj5L-QTO-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 09:12:29 GMT
expires: Sat, 30 Sep 2023 09:12:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 48FA 37 KB
14 KB 7ms
7ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 10:19:24 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame F3BA
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

34ms
33ms

Image
image/png

54.77.207.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.77.207.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-207-49.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Sat, 30 Sep 2023 09:12:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 119ms
118ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=e5a93f38-fbef-473f-8e2e-e50a7f0bc035&tv=%7Bc:pGV9M6,pingTime:-10,time:2017,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xMzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696065148766%7C%7C767762ca6ec427f08f5bb57c852ec5bb%7C%7C5bead3a06085d6babcc8a1cb991283be%7C%7C848ec1217f2ed7bcd4ef064f3550373d%7C%7C32eb7593be9a0c80a51e5ecee4247c85%7C%7C40ac851050d31f416e5f38e95ed9eced%7C%7C63c53e497c39cea517ca1dca9a36ef86%7C%7C6481aa757d9c67ef7311d873f3534e6f%7C%7C1663701684,sca:%7Bspg:eabbbb89-153e-8656-bd63-7421e41b5d92%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:29 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A58 0
0 43ms
42ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309270101&jk=3995766567088394&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame F3BA
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

34ms
33ms

Image
image/png

54.77.207.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.77.207.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-207-49.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Sat, 30 Sep 2023 09:12:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 48FA 0
10 B 11ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_K5rVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F3BA 70 B
149 B 108ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.therams.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:29 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 config Show response
api.nfl.com/v1/ 1 KB
895 B 11ms
11ms Fetch
application/json 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/v1/config?c=%2Fpublic%2Fweb
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: ff54cfd0a5bf9803b8fd19944bd056a1c0cfcf7bcb1db5dada7c9d8f463f843a

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

nfl_geo_country: DE
date: Sat, 30 Sep 2023 09:12:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3
nfl_geo_city: frankfurt am main
origin-site: LV1
x-cache: HIT, HIT
x-envoy-upstream-service-time: 4
nfl_geo_zip: 60323
content-length: 595
x-served-by: cache-bur-kbur8200119-BUR, cache-fra-eddf8230082-FRA
server: envoy
x-timer: S1696065149.438091,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
x-nfl-app: config
access-control-expose-headers: NFL_GEO_COUNTRY,NFL_GEO_DMA,NFL_GEO_ZIP
nfl_geo_dma: 276003
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
nfl_geo_region: HE
x-cache-hits: 27, 1

OPTIONS
H2 200 config
api.nfl.com/v1/ Frame 0
0 11ms
11ms Preflight
text/html 151.101.65.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/v1/config?c=%2Fpublic%2Fweb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-expose-headers: NFL_GEO_COUNTRY,NFL_GEO_DMA,NFL_GEO_ZIP
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Sat, 30 Sep 2023 09:12:29 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230082-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=fd3f9c97-8178-fe3f-1e8a-1a0debb35571&tv=%7Bc:pGV9PX,pingTime:-10,time:2241,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xMzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696065148766%7C%7C767762ca6ec427f08f5bb57c852ec5bb%7C%7C5bead3a06085d6babcc8a1cb991283be%7C%7C848ec1217f2ed7bcd4ef064f3550373d%7C%7C32eb7593be9a0c80a51e5ecee4247c85%7C%7C40ac851050d31f416e5f38e95ed9eced%7C%7C63c53e497c39cea517ca1dca9a36ef86%7C%7C6481aa757d9c67ef7311d873f3534e6f%7C%7C1663701684,sca:%7Bspg:eabbbb89-153e-8656-bd63-7421e41b5d92%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:29 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

204

sync
ups.analytics.yahoo.com/ups/28/ Frame F3BA
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=41947762530570249581233648636027959293&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=41947762530570249581233648636027959293&_origin=1&redir=true

0
87 B

26ms
9ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/28/sync?uid=41947762530570249581233648636027959293&_origin=1&redir=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/28/sync?uid=41947762530570249581233648636027959293&_origin=1&redir=true
date: Sat, 30 Sep 2023 09:12:29 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.75
content-length: 389
content-language: en

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame F3BA
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlJmbWVnQUFBSjI4emdOeA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

34ms
34ms

Image
image/png

54.77.207.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.77.207.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-207-49.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Sat, 30 Sep 2023 09:12:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 120ms
120ms Image
image/gif 2600:1f18:1aca:4282:19c4:d57a:bf57:c630
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=63cc4b7d-4faf-8f95-912e-ca10f08563eb&tv=%7Bc:pGV9TI,pingTime:-10,time:2481,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xMzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696065148766%7C%7C767762ca6ec427f08f5bb57c852ec5bb%7C%7C5bead3a06085d6babcc8a1cb991283be%7C%7C848ec1217f2ed7bcd4ef064f3550373d%7C%7C32eb7593be9a0c80a51e5ecee4247c85%7C%7C40ac851050d31f416e5f38e95ed9eced%7C%7C63c53e497c39cea517ca1dca9a36ef86%7C%7C6481aa757d9c67ef7311d873f3534e6f%7C%7C1663701684,sca:%7Bspg:eabbbb89-153e-8656-bd63-7421e41b5d92%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:19c4:d57a:bf57:c630 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:29 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=PbYyYznuA1Qk4GoZ3o1ZCy9nJKtk9uv4&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PbYyYznuA1Qk4GoZ3o1ZCy9nJKtk9uv4&gdpr=0&gdpr_consent=

42 B
942 B

34ms
34ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PbYyYznuA1Qk4GoZ3o1ZCy9nJKtk9uv4&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-02e2ff31f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wKVzuX4BTHM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PbYyYznuA1Qk4GoZ3o1ZCy9nJKtk9uv4&gdpr=0&gdpr_consent=
date: Sat, 30 Sep 2023 09:12:28 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 847172
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=41947762530570249581233648636027959293&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

33ms
33ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-067d2f009.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FEoOApXMRc0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Sat, 30 Sep 2023 09:12:29 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309270101&jk=3995766567088394&bg=!NDelN3jNAAYEJRtnJCU7ADQBe5WfOPqPK92L8AloTGGL1pE6HPBjiHXrnmPSzseH9ZGIsZjEsdRcOaTEN0tiKhqTcuTkAgAAAKRSAAAAC2gBBwoAzlHPbr84KhBMvJPaBYYAY6a9PPjQW1EOjw62R_hBgM53TLKaQ0On6k-JI1o07YkHgxIsPyhbpGoSPipr6zZ-A5I3eN4QwFquTJZYhhF8TkeYLOIqVVO1QqBl6ikd8Y5C_egDtUIpIJQxHoL9177GWqSuaLmNug0M2sMAV5qEKKeoxh2yu2P-Taqt3Ep8aXlAZoRNuncLQQAnBVrwTjmEIEddLIoFnrQ-jMW2UFh8ghRxrWAxezMakaFmeRSE8BLiAbiUWcBnXUdEnqwdCVaBmQK0fx6FmrB-rSPrl44oE-HDwg6UR2YU1wT5tTjH4o4IUv51iUHmK2asrgBQ-F7lQ5RSSeXMBEcV4cEEbexK8CiL7Bfn3A5fmixk842TEvkEKydEdgZ_MRmSuIAEi5WtMuh9Q98ZENz_WCQfA-ffhje8n_5aZoByXAIwEe8jZKkhgCPdQEYUmU2-XdaQTIHeGyosV-YKeDV8IIfiZQHLXo53TSXZtf2K8_FLQmitu6mITlBlM9-EVV6uiGUSkvTJUtQTSOUaQUT9Lr8AmfdqTPgJDMxbyZOoPq326gw8K31JuCaHM649wKKDNmAH8CUWTXTGKWUwCeUAFTvJNz-G9JYdYm946lg4xfPjZt3ExNjtUfDoyhNOhe4Ff0gTPodjtsuWosTqMRf_zD5gDgWZ1LIPsBZdsG2tcZ6aSzRTTn38ZgaFUXwfCtwiUSy6qSgQdx0K0qKfjwlwSPMccU5VxdU7bNj1oo-oVzP8m7FNctNNhG5rFd10EQ0tjj76BVMGism7Mwh0XV6qwSQx7nx9ZnT-v-zDEPjOCdkX0g6-PonOst310dvu_Gtg0JlGS8Uuv1WerXsLqqYK1xmQH1Im9S_i01h6UsBq4MCyW9MmHIxOplfJqQuJy2NJM7TqWIhDkiSXYpDFWFt183xzstDUbMHg54I_tPQfa5B43bE3q1VtjqQmRiHNOu_TVlalNLpcQ6JnPcg7Lv0iPtZZLOVRMbWq2k6HQpB4pfXLjOEgSu4MoFxXB6nXXerUgbiSHbGoM-Urs1uPe_HA9qT_iUKzq-32RyW_tE95TFAW5esPdfDeOA8TTLDlb5SEUwZ3RJw_dd5FeAqItzLfyuAj9onPTPv27TlAcmYIpPyJ_eSGR4rtsRespzlGi5uKM2CYMLYloEsqEVn5XvEnbTjMKCLuZ3snYdKDJWM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=41947762530570249581233648636027959293&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=41947762530570249581233648636027959293&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-52kPRTVE2pFmaERsQhV47yFlxkAGEABeQg4-~A

42 B
942 B

35ms
34ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-52kPRTVE2pFmaERsQhV47yFlxkAGEABeQg4-~A

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0b5931b43.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hS2avle3QSk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-52kPRTVE2pFmaERsQhV47yFlxkAGEABeQg4-~A
date: Sat, 30 Sep 2023 09:12:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 v2
odr.mookie1.com/t/ Frame F3BA 42 B
213 B 42ms
17ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=41947762530570249581233648636027959293&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

v1
ads.yahoo.com/cms/ Frame F3BA
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZRfmegAAAJ28zgNx&sigv=1&esig=1~46bb8b056e6539b7191cbfb4adf2088bb76eba71

0
194 B

201ms
19ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZRfmegAAAJ28zgNx&sigv=1&esig=1~46bb8b056e6539b7191cbfb4adf2088bb76eba71

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:12:30 GMT
strict-transport-security: max-age=31536000
cache-control: no-store
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZRfmegAAAJ28zgNx&sigv=1&esig=1~46bb8b056e6539b7191cbfb4adf2088bb76eba71
Date: Sat, 30 Sep 2023 09:12:30 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJmbWVnQUFBSjI4emdOeA==

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJmbWVnQUFBSjI4emdOeA==

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696065150.207704,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJmbWVnQUFBSjI4emdOeA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRfmegAAAJ28zgNx&expires=90

0
239 B

45ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRfmegAAAJ28zgNx&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696065150.275967,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRfmegAAAJ28zgNx&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRfmegAAAJ28zgNx
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRfmegAAAJ28zgNx&C=1

43 B
335 B

19ms
18ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRfmegAAAJ28zgNx&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgLvmoWcYgIoJO9qmsQAnhvCbMSJUaKnp%2BX9RH1jUjAr9ame5sEz6aULPf9uAuIBxQx1HH14fC0AiWGkQNa%2B3Wp5Aoi43v3MRYlgg8JGnNk8V28WzbFYFqt3KNeRZf47IOSXJxPProFNPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80eb58363e625c4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdTFVd%2F3d6sg7k8eIuVGlazlBkLtRAnCmaZVJ%2Flh0fB7UY5ro0%2FlG7UgX%2F6O5Ugtw0hY4MuphAOwSqDZhB3k4nby5AqgOoO%2FCqknQO00stKyROqdrQlzXibtFIcN5WNeGjq5Bx3BmcLd%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=ZRfmegAAAJ28zgNx&C=1
cache-control: no-cache
cf-ray: 80eb58361e3d5c4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZRfmegAAAJ28zgNx

43 B
849 B

15ms
14ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZRfmegAAAJ28zgNx

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
an-x-request-uuid: 4aed6a61-055e-4032-a21c-3d7a5387ab0a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696065150.479386,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZRfmegAAAJ28zgNx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZRfmegAAAJ28zgNx

43 B
273 B

66ms
23ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZRfmegAAAJ28zgNx
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696065151.579803,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZRfmegAAAJ28zgNx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRfmegAAAJ28zgNx

1 B
449 B

45ms
12ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRfmegAAAJ28zgNx
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 09:12:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696065151.680595,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRfmegAAAJ28zgNx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET

partner
sync.search.spotxchange.com/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRfmegAAAJ28zgNx&img=1

0
0

GET
H2

200

b.php
www.facebook.com/fr/ Frame F3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRfmegAAAJ28zgNx&t=2592000&o=0

43 B
289 B

106ms
105ms

Image
image/gif

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRfmegAAAJ28zgNx&t=2592000&o=0

Protocol

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 02:12:30 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: public
x-fb-debug: i20CDlrpANlzmeLD1RhaN2NATrl7tYhuzaQMrEdcwKtlmJ7/p2nNq54DFYl6iFnD4ojqF20WRyRi6zEUtK+dQA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 30 Sep 2023 02:12:30 PDT

Redirect headers

x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 09:12:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696065151.882373,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRfmegAAAJ28zgNx&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame F3BA 43 B
409 B 38ms
15ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sat, 30 Sep 2023 09:12:31 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7395
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230037-FRA
pragma: no-cache
server: nginx
x-timer: S1696065151.005475,VS0,VE9
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame F3BA
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
960 B

33ms
33ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-08a0e97dd.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: AlhHjCt3STw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 09:12:31 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
content-length: 0
x-amz-cf-id: rHi13L-W6e3RMXYRHZo65HLgIArqJRZsYn_qWJSy6x1nxYEd5Gs-wA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F3BA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=rGWIAZvUQ5mklZA_zJ5U6Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=41947762530570249581233648636027959293

43 B
479 B

106ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=41947762530570249581233648636027959293

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 09:12:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YRGJS5Z3YADGNWC9VWQY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v050-093d863cb.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: KM/oxO0qTsg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=41947762530570249581233648636027959293
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK w9mmjlqz0yufftfzhx3w.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 79 KB
81 KB 8ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/w9mmjlqz0yufftfzhx3w.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1ef8896d1dfab0f666c5c922560ad8e5fa30f46ba88ea3c5e043df77a6ea725c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 09:12:32 GMT
Via: 1.1 3200e279ff99ad1800a0dd3b3c8e2d10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 38568
Edge-Cache-Tag: 602497462951925985914090835982373372859,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 602497462951925985914090835982373372859,502441998064421349563822126978084032714,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: Miss from cloudfront, MISS, HIT, HIT
Content-Disposition: inline; filename="w9mmjlqz0yufftfzhx3w.webp"
Connection: keep-alive
Content-Length: 81208
X-Request-Id: b69586c86b2c802a93bceb102eb264c4
X-Served-By: cache-iad-kiad7000143-IAD, cache-iad-kiad7000129-IAD, cache-fra-eddf8230119-FRA
Last-Modified: Fri, 29 Sep 2023 22:29:45 GMT
Server: cloudinary
Surrogate-Reporting: width=824,height=464,bytes=81208,owidth=1600,oheight=900,obytes=389340
X-Timer: S1696065153.964978,VS0,VE2
Etag: "0d57bcd49aecc70fca0324641ced965d"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 44, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.clubs.nfl.com
URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/j1tkxc6un23k9cqywqty.jpg

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRfmegAAAJ28zgNx&img=1

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 15406-3-28267725
.demdex.net/	1970-01-20 19:26:57	Name: demdex Value: 41947762530570249581233648636027959293
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.therams.com/	1970-01-21 00:29:21	Name: __gads Value: ID=3bbe656d9463d228:T=1696065145:RT=1696065145:S=ALNI_MatkWiGxT1Qca5keEFOgyHw_N0oZw
.therams.com/	1970-01-21 00:29:21	Name: __gpi Value: UID=00000c89dd95031a:T=1696065145:RT=1696065145:S=ALNI_MYf4BEoJhV2WAYB5UoGtsMitBpF5w
.everesttech.net/	1970-01-20 23:53:21	Name: everest_g_v2 Value: g_surferid~ZRfmegAAAJ28zgNx
.doubleclick.net/	1970-01-21 00:29:21	Name: IDE Value: AHWqTUkcbVkHiWElbOsSA9vVIl8u24TTZm3DtYMIgmAn-qYhQS4xDjGumGlDToZq59k
.therams.com/	1970-01-21 00:43:45	Name: adobeujs-optin Value: %7B%22aam%22%3Afalse%2C%22adcloud%22%3Afalse%2C%22aa%22%3Afalse%2C%22campaign%22%3Afalse%2C%22ecid%22%3Afalse%2C%22livefyre%22%3Afalse%2C%22target%22%3Afalse%2C%22mediaaa%22%3Afalse%7D
.auth-id.nfl.com/	1970-01-20 23:53:21	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
.dpm.demdex.net/	1970-01-20 19:26:57	Name: dpm Value: 41947762530570249581233648636027959293
.therams.com/	1970-01-21 00:36:33	Name: kndctr_F75C3025512D2C1D0A490D44_AdobeOrg_identity Value: CiY0MjE0NTc3MzAxNDY2MTY5MDg5MTI0ODk2MzQxMDgyOTQxMzE4NlIRCJWa8aquMRgBKgRJUkwxMAPwAZWa8aquMQ==
.therams.com/	1970-01-20 15:07:46	Name: kndctr_F75C3025512D2C1D0A490D44_AdobeOrg_cluster Value: irl1
.therams.com/	1970-01-21 00:43:45	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 179643557%7CMCIDTS%7C19631%7CMCMID%7C42145773014661690891248963410829413186%7CMCAAMLH-1696669946%7C6%7CMCAAMB-1696669946%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1696072346s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19638%7CvVersion%7C5.5.0
.therams.com/	1970-01-20 23:53:21	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Sep+30+2023+11%3A12%3A27+GMT%2B0200+(Central+European+Summer+Time)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c02caaa0-f58b-4cf6-ae20-5893c1c9d415&interactionCount=0&landingPath=https%3A%2F%2Fwww.therams.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.exelator.com/	1970-01-20 18:00:33	Name: EE Value: "eeaacb4489f84cd537bff65cfdee8b32"
.w55c.net/	1970-01-21 00:37:59	Name: wfivefivec Value: rkVDmugG1QMw1t5
.w55c.net/	1970-01-20 15:50:57	Name: matchdmx Value: 5
.auth-id.therams.com/	1970-01-20 23:54:47	Name: gmid Value: gmid.ver4.AcbHERGcQQ.9UVvy1S47wlXeI7pZdooNsujwe9V7RcZJqZoC45oqKhicBLp8ZKdSeLHcC3NMZ-t.R00FVEy-oIe_r8C5zOP5Sz_61kVL5moJABPOfp5ZhZp6VuK0BFtRS6faz0I7wmI8kEW1iINjTRqTkJ55IVtz-Q.sc3
.auth-id.therams.com/	1970-01-20 23:54:47	Name: ucid Value: VlRstQwoGtdtEQvoSdmtdA
.auth-id.therams.com/	1970-01-20 19:29:49	Name: hasGmid Value: ver4
.therams.com/	1970-01-20 23:53:21	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.exelator.com/	1970-01-20 18:00:33	Name: ud Value: "eJxrXxzq6XKLQSE1NTExOcnExMIyzcIkOcXU2DwpLc3MNDktJTXVIsnYaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQfEl%252BUWb6IhfXxUUpaQyLSopPBR8tWgcADTsrrA%253D%253D"
.adnxs.com/	1970-01-20 17:17:21	Name: uuid2 Value: 1875858254886144970
.auth-id.nfl.com/	1970-01-20 23:53:21	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-20 23:53:21	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 15406-3-28267725
.turn.com/	1970-01-20 19:26:57	Name: uid Value: 8591072196473830496
.google.com/	1970-01-20 19:31:16	Name: NID Value: 511=a8H9owYeyj7T59ps6GynYgqLtTnDNRXxIoAZh_QR5oagrJQLSIRLAM4qaj93vk6_HDb967N5SeDauy9715t9iCKrGqzNGaOXZ9jBz_I_x94ffv4_KYDN_kIiAduvxTaVdlsE4_Imrc5JXnXruJpgBug7v4NYxBwdjfSQxPr4UsE
.twitter.com/	1970-01-21 00:43:45	Name: personalization_id Value: "v1_CZeGNWKSgs+fTU6MeGtmSQ=="
.everesttech.net/	1970-01-20 15:52:23	Name: ev_sync_ax Value: 20230930
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: ZRfmfQAAARGqWHze
.advertising.com/	1970-01-20 23:53:42	Name: A3 Value: d=AQABBH3mF2UCEJSgQ1d3zsLH-v2vke2qacMFEgEBAQE3GWUhZeANyiMA_eMAAA&S=AQAAAjU64R2vPHXxvDRT81VR6sY
.criteo.com/	1970-01-21 00:29:21	Name: uid Value: 784ec5ae-cc38-4ab6-9e8a-e6714e6c51eb
.eyeota.net/	1970-01-20 15:07:45	Name: SERVERID Value: 17849~DM
.yahoo.com/	1970-01-20 23:53:42	Name: A3 Value: d=AQABBH3mF2UCEEeo_TmC9oVPFfSsMX-_ccAFEgEBAQE3GWUhZeANyiMA_eMAAA&S=AQAAAuYFsROGd_itL18FMUNf2EA
.analytics.yahoo.com/	1970-01-20 23:53:21	Name: IDSYNC Value: 19cu~2e7l
.everesttech.net/	1970-01-20 15:52:23	Name: ev_sync_yh Value: 20230930
.casalemedia.com/	1970-01-20 23:53:21	Name: CMID Value: ZRfmfkqHeKJKFZp5m4N9TgAA
.casalemedia.com/	1970-01-20 17:17:21	Name: CMPS Value: 3279
.casalemedia.com/	1970-01-20 17:17:21	Name: CMPRO Value: 3279
.adnxs.com/	1970-01-20 17:17:21	Name: anj Value: dTM7k!M4.FErk#WF']wIg2Ildp8P=%!]tbPl1MwL(!R7qUY#QLB(N+iYWJXRS`[=bCaU?44a]yX<QG=%9sk?bIRwi:w9Ld1ItLVF17Mco/y@Yw#ttP?+*BSh
.pubmatic.com/	1970-01-20 17:17:21	Name: KRTBCOOKIE_218 Value: 4056-ZRfmegAAAJ28zgNx&KRTB&22978-ZRfmegAAAJ28zgNx&KRTB&23194-ZRfmegAAAJ28zgNx&KRTB&23209-ZRfmegAAAJ28zgNx
.pubmatic.com/	1970-01-20 15:50:57	Name: PugT Value: 1696065150
.demdex.net/	1970-01-20 19:26:57	Name: dextp Value: 269-1-1696065146715\|3-1-1696065146981\|359-1-1696065147153\|358-1-1696065147261\|470-1-1696065147407\|843-1-1696065147725\|640-1-1696065147865\|771-1-1696065148143\|1123-1-1696065148604\|1083-1-1696065148769\|1085-1-1696065148870\|1086-1-1696065149052\|1087-1-1696065149157\|1088-1-1696065149260\|903-1-1696065149361\|6835-1-1696065149462\|19913-1-1696065149563\|28645-1-1696065149663\|30064-1-1696065149764\|30646-1-1696065149865\|30862-1-1696065149968\|83349-1-1696065150071\|144230-1-1696065150172\|144231-1-1696065150273\|144232-1-1696065150375\|144233-1-1696065150476\|144234-1-1696065150577\|144235-1-1696065150677\|144236-1-1696065150778\|144237-1-1696065150879\|147592-1-1696065150980\|152416-1-1696065151080\|139200-1-1696065151181
.undertone.com/	1970-01-20 23:53:21	Name: UTID Value: 417c201756b54bf18ce2ce4fbd20dd71
.undertone.com/	1970-01-20 23:53:21	Name: UTID_ENC Value: 3vkew8ud4zar5g12fbuzix08h
.amazon-adsystem.com/	1970-01-20 19:32:42	Name: ad-id Value: A6xp_vKKVUOeuz4-0hvTq0g
.amazon-adsystem.com/	1970-01-21 00:43:45	Name: ad-privacy Value: 0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/(Line 42) Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/(Line 43) Message: A preload for 'https://www.therams.com/compiledassets/theming/61c1c7cf8c39f231371ed53270a6a43f' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/(Line 2480) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRfmegAAAJ28zgNx&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.therams.com/ Message: The resource https://www.therams.com/compiledassets/css/base.css?_t=54fa552a276d302888ad52387387f473 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.therams.com/ Message: The resource https://www.therams.com/compiledassets/theming/61c1c7cf8c39f231371ed53270a6a43f was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adb2waycm-atl.netmng.com
adobedc.demdex.net
ads.undertone.com
ads.yahoo.com
analytics.twitter.com
api.nfl.com
apis.google.com
assets.adobedtm.com
auth-id.nfl.com
auth-id.therams.com
c5d43a33ec2e8c38f1e03383ac9ab556.safeframe.googlesyndication.com
cdn.cookielaw.org
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
evt.undertone.com
geolocation.onetrust.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
odr.mookie1.com
p.nfltags.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
sedge.nfl.com
smetrics.nfl.com
static.adsafeprotected.com
static.clubs.nfl.com
static.www.nfl.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
therams.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.googletagservices.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
static.clubs.nfl.com
sync.search.spotxchange.com
104.18.26.193
104.244.42.131
108.138.199.84
108.156.2.44
142.250.185.194
151.101.129.153
151.101.130.49
151.101.193.153
151.101.65.152
151.101.65.153
18.184.216.10
18.66.97.47
185.29.132.241
185.89.210.46
198.47.127.205
2.23.197.190
23.201.252.242
2600:1f18:1aca:4282:19c4:d57a:bf57:c630
2600:9000:2248:de00:8:48e:53c0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:83ec
2a00:1288:80:807::1
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a02:2638:d::d
2a02:26f0:480:983::1e80
2a02:6ea0:c700::18
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::300
3.75.62.37
34.160.236.64
34.241.182.209
34.247.108.36
34.98.64.218
46.228.164.13
52.212.121.189
52.223.40.198
52.29.154.74
52.46.151.131
54.76.47.0
54.77.207.49
54.78.254.47
63.140.62.108
63.140.62.160
63.140.62.22
65.9.66.36
69.173.144.138
0084510e182b973087940eb0cdae2f87b1165a3082bb87bd6db73a2ee8800ad3
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
06d429557a21947eeecf89c2f9751970adb608607819574f1f8be1469ca215d3
09e5573d04ead309231b0ad342bf54ca450a0ff6becd3530ad7d8c415ee46dea
0a49f65fb26acbd96355731b253fd259f62156fc73de8f28892aa6011c6eb24f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46
0eedcc9bee0db91b81d1abc0600f0ed2b47ab872e3581af7494c4c7f2676f39b
1015b13d566d3afea0dfe2a5b00079b48cfdfdce1c319f3ebca6dc1070930152
1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9
1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de
16b83965f3d36accd3682943c467b75984a0a4e50d243f1ae20f6be1c7739aaa
1864a7db75696101e3b421fefb456aebea1f43311ac8e837d5a7cb3812423e18
1ad3f2b11fc352176b0a4987f945e533ae2e85ef909d10149e1afc4a85975a8f
1eb70490bb64ac278964d9d20e972ae265607d57d11f709bcd841ce31b0f58c7
1ef8896d1dfab0f666c5c922560ad8e5fa30f46ba88ea3c5e043df77a6ea725c
20750cf6d476ee0565967022bccebc4798407dbe4b4573feefb9b17cc20bd58d
21526c41f30608596fa5a57e2c8f77d8443d33b5f6304c5b5f2f7bd47ef3c04a
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2
29976a1bb7c213908cf78db48551e916f09fb8b5f0a5c18cb13e8d38a1a943e3
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fff0dfb41485cbde534485c3eb085d4c8876e1cc5348ae8ec7708b51b3b43f9
30360d771fe987dd0e37639b0d847f25e446131e5fe2191e60835725f639f12d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
32eeaf122238e84c5b7226747defeee1bb18f393046155a0b8954911d656f7f1
3888199779d7551f43af9e40590d13cd21e1667fb9787719e1bd7a845fba6467
3c6ee2db8f21171f3d93e12093c33e5fedd1f55480c5ea1e75bc6f4c1746ff7b
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
3d96e0adb3ab14ec39070077e33869cb717ece435daba9ad7c2a054b82025cc4
3fde7c50813e864a8c487614b609992d2e6a312d0230b26df4494e9d7949e3ef
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
4937f8fc85146d76dc2bc29355d718a7ca872dec0d2dc5459ec242b92260ff9c
495596c92a23b2322fc5a2bc844e28500f400730440fb4c3c176772cca570af4
49cac7b91540d4ac8d48564bfaf6c987754de65ec197b9a3dd536661db6c8ca0
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c381df235116272b51cc1cae428c3b11707e8f63ba448da16b5216da81b8ee3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc1bb90492e8fada764dc127cb5948f3c558a43c3e515d3177460967020615f
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56369ff57d2e20525b62ef7e4b4d8f55f6de6e15dd3a751a4ba6f06e71bc61d9
56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
609613f9710119e660c85d8ca31b3caceb0e56fb88adf0f1939c70625b89800c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
66efb2844c009dcae8fa7a076a28ee4ca4bc7d42a2b09dc19b0163a642c20c6c
67b4291454256eafcde07997a5e2129108bfd5d8d1c778131aeb5c438629df73
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6c37c80b6332c930fb4b592777016fde0ff11e705f90b37d25d17fae4654d4c1
6c7d2b58588a4c95f41b2e53b0ddd3f904d61156509f0b35c40bd0d1743f64f2
6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4
6fdceacb8b149a46725ac2caedc45c21fb001471356137f2ab89c59d3b0f03c0
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
729fb2647274b83136a3c1ca10779156363b9ac554b52c62f04f4237d23d9fd7
7417a183378bd3caec1bc991164e34fadaf7e6b9646b25ad5ff974e7b6991dff
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ccfe990e4f2b9bf11466a5917ba25121a24590667663477e08313f3646a1e18
7d7c8509717e19ca0b94ee7feb0d08a049474ca76df03f56bf87889f01d15cb0
7e3c075ba97e2919379bb94ded7d9a7fad2b6364d33c0576fca0bc5cd9cf4840
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
808a2ac436c1f33ed70590a0a1b0bb7740a7d06a231af9c9b00f90c87a6bbd9c
8178900a84f3230701bd68b79ed67700f136cceb5dfdb0abb7ecab38f21c6b55
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
81c6e25f9b63681c628540fb7264fc2d4c393f69f16a1d623a000c9197fdb748
82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc
82d3df568d3f708ef2fc3382e8f2547008c177016975ce134509869dd22ce93b
834f03082e3c1b45fd4fcd805ec415f07236a6586e08db572985f38c8b735e31
83738c04b8043593a3965039aee4a5fc1464c8746b62f31b7ea28f431848c772
839c31620626af2453e5d104f38b2d950c8dcb371cbd4803696c578cce5319a7
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
8a20ec90fb05e81cadb792a97cb3acf522c7f8e97866c9878b5f03dc5acac78f
8a9cae55d072fd4d4665b530738826121b45dd426bbe1b0ef7c7c33d1c340fca
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8c3541f7e9e0bbc3cb0808575d9dc42a890a2fb209a545f19b5dcf9e8fdd3460
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4008ded38b321f1193d033840650fa68516f5a8a3c6a13c06ef0a505f29699
9010d4e7d5b253b20afa4b6dac6be2b84c2a71e6982e90ad418bb963ec8d3f2d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90ada510953d8fdbbf2337a3eecfeed8788fd036fce40714c4b1ec1d47170317
9465d85237dd4dbc22873ddfe086c68b63246a2d32c955ecd44d7db07286d773
962682d0eb886a116b556e0fab6add5065694c0c35ccb373bb63274c4ba8e3d5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a210eb760189b0087849394db2b15608b138e977c42c790326aef7d4e4e70d0
9c6e9d3723d44cbff030dc5f5ef771f9e664a34c8b045513ecfaa47329238a57
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4
a4ad0c26a8e431269cf4826062b85ca2529b0dd2eb3509c65212f6df21ce0895
a603871860226a8f826ee795be58e57c34df3a00a9744de42b982722053b0e18
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0f6ab7035ab4feb5ff8470d09ff830be3391d73ebd7509312d90876bb9aa2c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14a9d96a8a2d21f36d8ee27486d1d04d12719745e357e0f5a096c2e08825526
ba01c4bf3d0ff2023f21defc40eeb4c82b2d2330080bb672d93b35fdbdf988ce
bca6e5acddd44ad4ea0b4e13ee6ee1df3145a3224339fbf61d7664c76da5a354
bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c1427ebe9e4aea71d8320c0ca7e13d059cbdbaa6d0c5456d29f8d714e2bb076b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525
c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb
c9672b47e1d2e5ab78b2cb008dee9f01e63560df802d71f2d7b5bcb79fb2a0d9
ca850baab7bc608fd12b92094c7723945bf2f7eb13b01c3c1e700452aa10eb07
cad14b1e753072aa73c668a509dcea788ab118d47038ef266bdb3cd31de605dc
cd6a26887042d86af176f2bf5a335079ed971cea4513e84737818031bbe21c34
ce7811ddeb780c8e40e3be7bdd32b5db46418bf293252103661eb40f2c47d981
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d13d9e3ff1207fbc8e2d838b42e3793d9c3e0932154fe2f4de083113e22c0d1b
d279b273ff297e85b7bf2b04dadc360d2bd5e753218ae618d90a312f034ed0ac
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41df4d40fbba8d824b6c5ddde5cce693715331cb4a3024dedd5d2c623ac51c5
ebfebad98feeba8f9a6666d8a12faf62a5623505c12413d1df0f97b3622410d3
ecde470b753d024e61b9c03846d6ee65c0f8f64aff47994fd17aad14e8a5a001
eebf42008595c82033337404394d338f1dcf6f441a28ecb913e45faa176fcaac
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f264775a2b6756a9cf5a9a84720c9f992373a3c6b861a2a0a3a6eda05abfd78f
f5a0ed635a13f2322f9ee2bb109ed37103df0196bb0ff66b1707602b927d13d9
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9
fb757f1ea0d7f7f9a0d4bbfb1aba2d624985d1ad15c4ec4e96891d3563413136
ff54cfd0a5bf9803b8fd19944bd056a1c0cfcf7bcb1db5dada7c9d8f463f843a

www.therams.com Open in urlscan Pro 151.101.193.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

229 Requests

86 %HTTPS

35 %IPv6

39 Domains

60 Subdomains

45 IPs

6 Countries

4313 kBTransfer

12914 kBSize

48 Cookies

61 Outgoing links

Page URL History

Redirected requests

229 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.therams.com Open in urlscan Pro
151.101.193.153 Public Scan

Screenshot
Live screenshot

Full Image

229
Requests

86 %
HTTPS

35 %
IPv6

39
Domains

60
Subdomains

45
IPs

6
Countries

4313 kB
Transfer

12914 kB
Size

48
Cookies

229 HTTP transactions
8 data transactions