URL: https://www.michaelgraham.co.uk/
Submission: On March 16 via api from DE

Summary

This website contacted 45 IPs in 6 countries across 36 domains to perform 115 HTTP transactions. The main IP is 167.99.204.12, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is www.michaelgraham.co.uk.
TLS certificate: Issued by R3 on February 13th 2021. Valid for: 3 months.
This is the only time www.michaelgraham.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 167.99.204.12 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
4 104.46.61.116 8075 (MICROSOFT...)
1 169.50.137.179 36351 (SOFTLAYER)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 178.63.128.65 24940 (HETZNER-AS)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
1 217.10.139.203 6908 (DATAHOP D...)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 216.58.212.130 15169 (GOOGLE)
1 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.200 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.218.42.2 16509 (AMAZON-02)
1 169.50.137.176 36351 (SOFTLAYER)
16 22 169.50.137.190 36351 (SOFTLAYER)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 52.28.42.15 16509 (AMAZON-02)
1 1 52.29.48.214 16509 (AMAZON-02)
2 13.32.21.21 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 2 54.78.254.47 16509 (AMAZON-02)
1 34.205.51.230 14618 (AMAZON-AES)
1 104.108.41.56 16625 (AKAMAI-AS)
1 2 52.48.248.240 16509 (AMAZON-02)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
1 35.244.174.68 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 185.33.221.90 29990 (ASN-APPNEX)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 34.98.64.218 15169 (GOOGLE)
2 2 172.217.23.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 51.140.87.39 8075 (MICROSOFT...)
115 45
Apex Domain
Subdomains
Transfer
27 michaelgraham.co.uk
www.michaelgraham.co.uk
14 MB
24 simpli.fi
tag.simpli.fi
i.simpli.fi
um.simpli.fi
14 KB
15 giosg.com
service.giosg.com
195 KB
8 giosgusercontent.com
5078.clients.giosgusercontent.com
227 KB
8 googleapis.com
maps.googleapis.com
ajax.googleapis.com
fonts.googleapis.com
254 KB
6 gstatic.com
fonts.gstatic.com
maps.gstatic.com
63 KB
5 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
2 KB
5 azurewebsites.net
bymtrackinglive.azurewebsites.net
bym-virtue-guest-api-live.azurewebsites.net
4 KB
3 google.de
www.google.de
285 B
3 google.com
www.google.com
676 B
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
1 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
2 openx.net
us-u.openx.net
343 B
2 adnxs.com
ib.adnxs.com
2 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 lijit.com
ce.lijit.com
968 B
2 crwdcntrl.net
bcp.crwdcntrl.net
983 B
2 exelator.com
loadm.exelator.com
2 KB
2 pro-market.net
fei.pro-market.net
625 B
2 intentiq.com
sync.intentiq.com
2 agkn.com
aa.agkn.com
d.agkn.com
955 B
2 tapad.com
pixel.tapad.com
726 B
2 facebook.com
www.facebook.com
360 B
2 googleadservices.com
www.googleadservices.com
13 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.net
connect.facebook.net
92 KB
2 googletagmanager.com
www.googletagmanager.com
77 KB
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 rlcdn.com
idsync.rlcdn.com
42 B
1 bluekai.com
stags.bluekai.com
745 B
1 bfmio.com
sync.bfmio.com
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com
182 B
1 amazonaws.com
giosg-chat-public-eu.s3.amazonaws.com
11 KB
1 licdn.com
snap.licdn.com
2 KB
1 pcapredict.com
micha11152.pcapredict.com
13 KB
1 jquery.com
code.jquery.com
29 KB
115 36
Domain Requested by
27 www.michaelgraham.co.uk www.michaelgraham.co.uk
22 um.simpli.fi 16 redirects
15 service.giosg.com www.michaelgraham.co.uk
service.giosg.com
5078.clients.giosgusercontent.com
8 5078.clients.giosgusercontent.com service.giosg.com
5078.clients.giosgusercontent.com
6 maps.googleapis.com www.michaelgraham.co.uk
maps.googleapis.com
4 fonts.gstatic.com fonts.googleapis.com
4 bymtrackinglive.azurewebsites.net www.michaelgraham.co.uk
bymtrackinglive.azurewebsites.net
3 www.google.de www.michaelgraham.co.uk
3 www.google.com 1 redirects www.michaelgraham.co.uk
2 maps.gstatic.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com
2 pixel.tapad.com 1 redirects
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.facebook.com www.michaelgraham.co.uk
2 px.ads.linkedin.com 1 redirects www.michaelgraham.co.uk
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 platform.twitter.com www.michaelgraham.co.uk
platform.twitter.com
2 connect.facebook.net www.michaelgraham.co.uk
connect.facebook.net
2 www.googletagmanager.com www.michaelgraham.co.uk
www.googletagmanager.com
1 bym-virtue-guest-api-live.azurewebsites.net bymtrackinglive.azurewebsites.net
1 pixel.rubiconproject.com
1 idsync.rlcdn.com
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 i.simpli.fi tag.simpli.fi
1 giosg-chat-public-eu.s3.amazonaws.com www.michaelgraham.co.uk
1 syndication.twitter.com platform.twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com ajax.googleapis.com
1 www.linkedin.com 1 redirects
1 ajax.googleapis.com www.michaelgraham.co.uk
1 snap.licdn.com www.michaelgraham.co.uk
1 micha11152.pcapredict.com www.michaelgraham.co.uk
1 code.jquery.com www.michaelgraham.co.uk
1 tag.simpli.fi www.michaelgraham.co.uk
115 47

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
thinkbda.com
service.giosg.com
Subject Issuer Validity Valid
michaelgraham.co.uk
R3
2021-02-13 -
2021-05-14
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01
2020-09-28 -
2021-09-28
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.giosg.com
Starfield Secure Certificate Authority - G2
2019-06-20 -
2021-08-19
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.pcapredict.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-01 -
2021-09-01
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
www.googleadservices.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-01-06 -
2021-07-05
6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.clients.giosgusercontent.com
Starfield Secure Certificate Authority - G2
2019-08-08 -
2021-08-08
2 years crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-01-11 -
2022-02-11
a year crt.sh
*.tremorhub.com
Amazon
2020-07-25 -
2021-08-25
a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
*.intentiq.com
Amazon
2020-04-10 -
2021-05-10
a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2
2019-05-17 -
2021-06-25
2 years crt.sh
*.bfmio.com
Amazon
2020-06-14 -
2021-07-14
a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1
2020-10-15 -
2021-04-09
6 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2019-06-13 -
2021-06-28
2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2020-03-11 -
2021-05-10
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2019-03-20 -
2021-04-21
2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.michaelgraham.co.uk/
Frame ID: B3D3FBDF2EEB8800C2930292FEC48811
Requests: 100 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.michaelgraham.co.uk
Frame ID: 378F346AA99575B3AD28E7EE4EE0FAD1
Requests: 2 HTTP requests in this frame

Frame: https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
Frame ID: 07F09B9EAA9596E4091101F360B6AC13
Requests: 8 HTTP requests in this frame

Frame: https://service.giosg.com/credentials/5078/?url=https%3A%2F%2F5078.clients.giosgusercontent.com
Frame ID: 6EB247F1EF1A2F3CFEFB95B3B87944BD
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

115
Requests

100 %
HTTPS

48 %
IPv6

36
Domains

47
Subdomains

45
IPs

6
Countries

15339 kB
Transfer

18268 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113532&time=1615936292361&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D113532%26time%3D1615936292361%26url%3Dhttps%253A%252F%252Fwww.michaelgraham.co.uk%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113532&time=1615936292361&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&liSync=true
Request Chain 77
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 78
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EBADA83381574D65B4AF3C87D71D8B6B HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 79
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EBADA83381574D65B4AF3C87D71D8B6B HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1615936293&ip=82.102.20.235&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165021103727001718828 HTTP 302
  • https://um.simpli.fi/aa_px?sk=165021103727001718828
Request Chain 81
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 84
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=EBADA83381574D65B4AF3C87D71D8B6B;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=EBADA83381574D65B4AF3C87D71D8B6B;mimetype=img;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-37771826143215302
Request Chain 85
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EBADA83381574D65B4AF3C87D71D8B6B&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EBADA83381574D65B4AF3C87D71D8B6B&j=0&xl8blockcheck=1
Request Chain 87
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 88
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 89
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EBADA83381574D65B4AF3C87D71D8B6B HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 90
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EBADA83381574D65B4AF3C87D71D8B6B HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EBADA83381574D65B4AF3C87D71D8B6B&dnr=1
Request Chain 91
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 92
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1615936293311&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JTtRYOv3Gc3KgQef65qoBA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JTtRYOv3Gc3KgQef65qoBA&cid=CAQSKQCNIrLM_JTAhtyBx372rv09gyzw7KDM-CXKNL0GCysY--MCY9IGaFP9&random=3187057853 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JTtRYOv3Gc3KgQef65qoBA&cid=CAQSKQCNIrLM_JTAhtyBx372rv09gyzw7KDM-CXKNL0GCysY--MCY9IGaFP9&random=3187057853&ipr=y
Request Chain 93
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBADA83381574D65B4AF3C87D71D8B6B HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBADA83381574D65B4AF3C87D71D8B6B&__user_check__=1&sync_id=f3208e8c-86ac-11eb-8fc4-1ac061c70b06
Request Chain 94
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=EBADA83381574D65B4AF3C87D71D8B6B HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBADA83381574D65B4AF3C87D71D8B6B
Request Chain 95
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBADA83381574D65B4AF3C87D71D8B6B&expires=365
Request Chain 96
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EBADA83381574D65B4AF3C87D71D8B6B HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBADA83381574D65B4AF3C87D71D8B6B
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPU_iw6N9SxBKexWwg_wElw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBADA83381574D65B4AF3C87D71D8B6B HTTP 302
  • https://um.simpli.fi/g_match?id=

115 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.michaelgraham.co.uk/
32 KB
9 KB
Document
General
Full URL
https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
10574de0506c0eb1613e3694629b1f0399f362dd76469416fc6243617637bc31

Request headers

Host
www.michaelgraham.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:31 GMT
Server
Apache/2.4.41 (Ubuntu)
Cache-Control
no-cache, private
Set-Cookie
XSRF-TOKEN=eyJpdiI6ImkyQ0htcUtuSGxlV1RoNFhOcUNjbnc9PSIsInZhbHVlIjoiK3hpOUJKbXB3SXduM1pZdU5HS0pnQ0p0M0dZbklGd3ozbUg3d1M1Q0FcL2o3ZFF5ZEtibHdhODVPQmliN25lenciLCJtYWMiOiJiNmU2NWQ4ZTcxZDM4ZmFmNDBlMTExZGZlZmRkNmU3Yjk5YTIzY2QyN2JlYTAyNTM1ZGY2OWQzOTZlZTQ1OTllIn0%3D; expires=Wed, 17-Mar-2021 03:11:31 GMT; Max-Age=14400; path=/ my_mg_tracker_session=eyJpdiI6InhGMFVhRnpHZjVtSzdJV0ZSVUExZmc9PSIsInZhbHVlIjoiMmFxY21NUGs0TkZpeUtTRTJSdUJ3S0ZIRENxMlhDdDF2TXF2a2VocmoyNGtLcUtNdmh4SERZVU4xdkxNaGJVaCIsIm1hYyI6ImJkMmNmN2VlNGI1ZjIxMjgxNzJkMjgxYzEzMzk1YjUzODMzNjdjNGE0NjA1MDA2ZDAyOGJlZDcwMGU1M2M4NTEifQ%3D%3D; path=/; httponly
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8315
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
main.css
www.michaelgraham.co.uk/css/
665 KB
67 KB
Stylesheet
General
Full URL
https://www.michaelgraham.co.uk/css/main.css
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9cf4248281aeac8cc3375bbdafe755fa96fcf31db5f4d4c3a262b4755abed87b

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Feb 2021 14:23:40 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"a63e1-5bb2461fbe2ce-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-935538326
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11f269fb1980971eeca1f1b5267de1435c92e650402382b35a96a3b2c738c22c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38907
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 22:42:02 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 23:11:31 GMT
/
bymtrackinglive.azurewebsites.net/Script/Track/michaelgrahamrps12.briefyourmarket.com/
5 KB
2 KB
Script
General
Full URL
https://bymtrackinglive.azurewebsites.net/Script/Track/michaelgrahamrps12.briefyourmarket.com/
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.61.116 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aed24389838f2cd94063e63a8db0cf6b421e0b4d2eeac85d852e6eb34d49de1e

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 23:11:31 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
1778
Expires
-1
0e384ff0-8405-0135-dc80-06659b33d47c
tag.simpli.fi/sifitag/
3 KB
4 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/0e384ff0-8405-0135-dc80-06659b33d47c
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e8c69530dc103af9c610f989b376d73ef9c8d3318087efdc0ee9ded2ec3195c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3100
x-request-id
Fmz1fv7_9xD6t7MJfZeB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
mg-logo-alt.svg
www.michaelgraham.co.uk/img/
31 KB
32 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/mg-logo-alt.svg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6fe0de49ce1ce25f05cd955657e99cb55b6980b64b41d6ab713352d23b7bd5cd

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"7d78-5b9f5566b0704"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
32120
vicarage_home.jpg
www.michaelgraham.co.uk/img/
199 KB
200 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/vicarage_home.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
71278df8baa67ac3522d87c49e66d08523c1edf94fbf827b168f093b705c169e

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"31d4c-5b9f556719e94"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
204108
1.png
www.michaelgraham.co.uk/img/covid/
9 KB
9 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/covid/1.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cdafed941664bc2f509672258561ca77694fe21b5d49df3ba0fbb3145bc29d63

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"237d-5b9f5566970c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9085
2.png
www.michaelgraham.co.uk/img/covid/
11 KB
12 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/covid/2.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c0b954c3fb8b5ca5934e0f21e851f758a0c2044834b3a5c792ba8c1111e7db4

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2d55-5b9f5566970c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
11605
3.png
www.michaelgraham.co.uk/img/covid/
9 KB
9 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/covid/3.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7539f9e7b39a0c3753e273128bd8bcc4b0fb0ec17dcacdb6074cf989c0d4bd22

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"23c7-5b9f5566970c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9159
4.png
www.michaelgraham.co.uk/img/covid/
10 KB
10 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/covid/4.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a3ed163d90ec7b3143e9a2867b7879e4a2347a09f431734cbfb9bb4b77299f5b

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2846-5b9f5566970c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10310
5.png
www.michaelgraham.co.uk/img/covid/
13 KB
13 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/covid/5.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d1a68ab5d339ba8b254ff0505efa684b4e7a7fd2c23b0f0466608bfd6ca23e17

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"348d-5b9f5566970c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
13453
6.png
www.michaelgraham.co.uk/img/covid/
10 KB
10 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/covid/6.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b0ada28698e70e3b59cab67298fec8031fdb4f8f01802971810af34752e6a4c8

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2764-5b9f5566970c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10084
virtual-tour-icon.png
www.michaelgraham.co.uk/img/
2 KB
3 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/virtual-tour-icon.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
51141e322cc9263bbaf1e9def7ba4149072f41ebdc5a088cc8ac641c8fd998b2

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"8f9-5b9f556721b95"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
2297
mg-logo.svg
www.michaelgraham.co.uk/img/
16 KB
16 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/mg-logo.svg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0c6032c5d2f8b5e5f1a2026ee204aea23812ba58d328bcf8c261fa846d31926d

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3ecb-5b9f5566b0704"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
16075
arla.png
www.michaelgraham.co.uk/img/footer-logos/
5 KB
5 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/footer-logos/arla.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d835d25a46fbac34e5c611e83f2c391652ae692aac098db16094dc51206b65b

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"12f8-5b9f556699000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4856
property-ombudsman.png
www.michaelgraham.co.uk/img/footer-logos/
4 KB
4 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/footer-logos/property-ombudsman.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
605115bbb82a507d374ac320e985d5d5e6600f06905293368d0318c92845f01a

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"fda-5b9f556699000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
4058
rics.png
www.michaelgraham.co.uk/img/footer-logos/
3 KB
3 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/footer-logos/rics.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e23b4134493283bdd49135fa47ab5648c0107273462f383b7191bad6f11e298b

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"c5d-5b9f556699000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3165
jquery-2.2.1.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.1.min.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2016 19:11:56 GMT
server
nginx
etag
W/"56cb5d7c-14e7e"
vary
Accept-Encoding
x-hw
1615936292.dop224.fr8.t,1615936292.cds244.fr8.hn,1615936292.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29882
js
maps.googleapis.com/maps/api/
132 KB
43 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBbIN60bG6WnU9Ty15gFch3nZCEYONXTlw&libraries=places&region=UK
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
66e69477728a18b198222c6a0393ebf723d84577f358fa157baaba432603afef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=10
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44021
x-xss-protection
0
expires
Tue, 16 Mar 2021 23:41:32 GMT
scripts.js
www.michaelgraham.co.uk/js/
155 KB
43 KB
Script
General
Full URL
https://www.michaelgraham.co.uk/js/scripts.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3e861c9cd550818f83d11935384a0eaf27c47f4d865bcd1420c2dea83f9aa189

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Feb 2021 14:23:36 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"26a45-5bb2461bc77dc-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43969
app.js
www.michaelgraham.co.uk/js/
13 KB
4 KB
Script
General
Full URL
https://www.michaelgraham.co.uk/js/app.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6948586d47700edee8214b197a043ff37c72f00f91af9a86937100278407c53f

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 12:57:25 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3437-5b9f56ded02f6-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3824
js
www.googletagmanager.com/gtag/
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-40633643-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-935538326
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff0ebc4e5dd13abf97fde1bb1fa98e1b9de347d73893419e0919465b6ec09cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39789
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 22:42:02 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 23:11:32 GMT
/
service.giosg.com/live/
284 KB
88 KB
Script
General
Full URL
https://service.giosg.com/live/
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
1a001e90321ff81e66b2f2b0ae5d26765248ea440c9ca0207c3cd41fabfce7d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 12:41:55 GMT
server
nginx
etag
"604f5613-15fc2"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=86400, public
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
content-length
90050
expires
Wed, 17 Mar 2021 23:11:32 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
maiSzfCcQRk3ZQ/pPAorz+MAIJhnlj+WwECApN7nRD7K563pcc4NPNHSK9qhZo2QmsHCtBFRifzPxC3Ni7yGsg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 16 Mar 2021 23:11:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB3) /
Resource Hash
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
132
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29026
x-tw-cdn
VZ
Last-Modified
Wed, 03 Mar 2021 19:22:22 GMT
Server
ECS (amb/6BB3)
Etag
"965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
sensor.js
micha11152.pcapredict.com/js/
67 KB
13 KB
Script
General
Full URL
https://micha11152.pcapredict.com/js/sensor.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.10.139.203 St Helens, United Kingdom, ASN6908 (DATAHOP Datahop - Six Degrees, GB),
Reverse DNS
services.postcodeanywhere.co.uk
Software
nginx/1.15.7 /
Resource Hash
d8af472866cb0df35f5f3be5457ae2e12a7cc03aaa49189fd99728554704d1b5
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
Server
nginx/1.15.7
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
13340
X-XSS-Protection
1
00.jpg
www.michaelgraham.co.uk/storage/properties/rps_mig-NOR190085/
863 KB
863 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/storage/properties/rps_mig-NOR190085/00.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
10fdaaecb86cb0e2261083d3d6d7bddc5c75b151d4b63d3d471c610c51b9b86d

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Tue, 16 Mar 2021 16:30:50 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d7aa8-5bda9e3b4de65"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
883368
01.jpg
www.michaelgraham.co.uk/storage/properties/rps_mig-NOR190085/
663 KB
663 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/storage/properties/rps_mig-NOR190085/01.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7b04c5dc572c511f53647270c9903fb9a938435f8619273c89eed1d734fb3dd4

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Tue, 16 Mar 2021 16:30:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"a5ba9-5bda9e3b7ad2c"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
678825
02.jpg
www.michaelgraham.co.uk/storage/properties/rps_mig-NOR190085/
602 KB
602 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/storage/properties/rps_mig-NOR190085/02.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1349e9456cfe67092a02229d31912dd25ac2c82e8d9acd274e811533da25c0f3

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Tue, 16 Mar 2021 16:30:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"968b8-5bda9e3b9c071"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
616632
2021-banner.png
www.michaelgraham.co.uk/img/
3 MB
3 MB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/2021-banner.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ffe25cccf214253e13de35d9a22bcaa71946e59cefe28786d9cf1a95217a4578

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Fri, 12 Feb 2021 14:23:40 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"32b1d8-5bb2461fc020e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3322328
promo-bg-locations.jpg
www.michaelgraham.co.uk/img/
90 KB
90 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/promo-bg-locations.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ac69b1645332b2d334e8ac4c7fe6d12faa838ed8413e5626e96640c96e2c94ef

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"167c6-5b9f5566ecfcd"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
92102
interested-box.jpg
www.michaelgraham.co.uk/img/
439 KB
440 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/interested-box.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
04857d333856701cf59b5344d98d18f7982a28e11608047ffc6387c56e903255

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6dd95-5b9f55669ce81"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
449941
page-link-example-2.jpg
www.michaelgraham.co.uk/img/
454 KB
454 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/page-link-example-2.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
49ee5ff36412f30d7c1a72f8bdb0caeebe7cec521078682cdcbc12e6ce0d29e1

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"71869-5b9f5566dc62b"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
465001
virtual-tour-banner.jpg
www.michaelgraham.co.uk/img/
160 KB
160 KB
Image
General
Full URL
https://www.michaelgraham.co.uk/img/virtual-tour-banner.jpg
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
499b4714240b127614d90d114fbd59ee375a2a1954ed16143fc7d5d66e0cfcb2

Request headers

Referer
https://www.michaelgraham.co.uk/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"27ea4-5b9f556721b95"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
163492
mg-icons.woff2
www.michaelgraham.co.uk/fonts/
11 KB
12 KB
Font
General
Full URL
https://www.michaelgraham.co.uk/fonts/mg-icons.woff2?ei5x5u
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5ce6f1fa67d0dd6d205878555cd800a82e7c5aee64915fc970f700dabcec1cd0

Request headers

Origin
https://www.michaelgraham.co.uk
Referer
https://www.michaelgraham.co.uk/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2db0-5b9f556666378"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
11696
vicarage_home.mp4
www.michaelgraham.co.uk/vid/
7 MB
7 MB
Media
General
Full URL
https://www.michaelgraham.co.uk/vid/vicarage_home.mp4
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.204.12 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
michaelgraham.co.uk
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3248737e2a063f1bb8ad0d5fb32887f5a3ad1fa034981b5c7f6eae7b36872734

Request headers

Referer
https://www.michaelgraham.co.uk/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Last-Modified
Thu, 28 Jan 2021 12:50:52 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"70ad9e-5b9f55675f3ff"
Content-Type
video/mp4
Content-Range
bytes 0-7384477/7384478
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
7384478
insight.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:191::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=60033
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
5 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 09:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50829
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Mar 2022 09:04:23 GMT
1162991387089133
connect.facebook.net/signals/config/
241 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1162991387089133?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f1bdb4c9e0440acd0f24a0e125cdf0ee3d03d0158802789d7d155b678bb8102d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70569
x-fb-rlafr
0
pragma
public
x-fb-debug
JYKZ5K+0Uz1EmFN0dx51/vTkqb5oLD8H2qag61un4MH6kkKi3TRpoWQU0mwK6YctZ4dBi3a4XIBu6K2U7nGtLw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 16 Mar 2021 23:11:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html
platform.twitter.com/widgets/ Frame 378F
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.michaelgraham.co.uk
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9E) /
Resource Hash
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.michaelgraham.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.michaelgraham.co.uk/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
526869
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 16 Mar 2021 23:11:32 GMT
Etag
"e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified
Wed, 03 Mar 2021 19:20:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B9E)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105690
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40633643-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6187
date
Tue, 16 Mar 2021 21:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 16 Mar 2021 23:28:25 GMT
conversion_async.js
www.googleadservices.com/pagead/
33 KB
13 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-935538326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
f7e080e9ae385a460cde752e7d042550150be9feeeab579e75c0dffba5e347d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13101
x-xss-protection
0
server
cafe
etag
4078013535117804118
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 23:11:32 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113532&time=1615936292361&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D113532%26time%3D1615936292361%26url%3Dhttps%253A%252F%252Fwww.michaelgraham.co.uk...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113532&time=1615936292361&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&liSync=true
0
41 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113532&time=1615936292361&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&liSync=true
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
lYgrL3/1bBbw9RF7oCsAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
content-length
0
x-li-uuid
srU0I3/1bBbQ4kiVISsAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: 0BE5B5CFF4634C138B77E0DB42F34081 Ref B: FRAEDGE0722 Ref C: 2021-03-16T23:11:32Z
date
Tue, 16 Mar 2021 23:11:32 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113532&time=1615936292361&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/
8 KB
825 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 22:00:27 GMT
server
ESF
date
Tue, 16 Mar 2021 23:11:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Mar 2021 23:11:32 GMT
/
www.facebook.com/tr/
44 B
259 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1162991387089133&ev=PageView&dl=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&rl=&if=false&ts=1615936292380&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.2.1615936292377.971190582&it=1615936292276&coo=false&rqm=GET
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 16 Mar 2021 23:11:32 GMT
collect
www.google-analytics.com/j/
2 B
48 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=352359806&t=pageview&_s=1&dl=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&ul=en-us&de=UTF-8&dt=Town%20%26%20Country%20Home%20Estate%20Agents%20%7C%20Michael%20Graham&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=77671910&gjid=580564582&cid=1178912639.1615936292&tid=UA-40633643-1&_gid=1818664992.1615936292&_r=1&gtm=2ou330&z=3358076
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.michaelgraham.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-40633643-1&cid=1178912639.1615936292&jid=77671910&gjid=580564582&_gid=1818664992.1615936292&_u=IEBAAUAAAAAAAC~&z=1419783141
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 16 Mar 2021 23:11:32 GMT
content-type
text/plain
access-control-allow-origin
https://www.michaelgraham.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
service.giosg.com/api/v2/visitor/settings/5078/ Frame
0
0
Preflight
General
Full URL
https://service.giosg.com/api/v2/visitor/settings/5078/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F
Protocol
H2
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-client-origin
Origin
https://www.michaelgraham.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-type
text/html; charset=utf-8
date
Tue, 16 Mar 2021 23:11:32 GMT
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
/
service.giosg.com/api/v2/visitor/settings/5078/
68 KB
21 KB
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/settings/5078/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
83055384162239a091ab9b3b8a5ad63442418b16d5bc0ead4452da350509b51e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Client-Origin
https://www.michaelgraham.co.uk

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
17
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
content-type
application/json
content-length
20689
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.michaelgraham.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:24:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
514036
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Fri, 11 Mar 2022 00:24:16 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.michaelgraham.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 12:03:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
age
385664
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
expires
Sat, 12 Mar 2022 12:03:48 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.michaelgraham.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
508043
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 11 Mar 2022 02:04:09 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.michaelgraham.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
104160
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:15:32 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-40633643-1&cid=1178912639.1615936292&jid=77671910&_u=IEBAAUAAAAAAAC~&z=1162110054
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-40633643-1&cid=1178912639.1615936292&jid=77671910&_u=IEBAAUAAAAAAAC~&z=1162110054
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/935538326/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/935538326/?random=1615936292526&cv=9&fst=1615936292526&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&tiba=Town%20%26%20Country%20Home%20Estate%20Agents%20%7C%20Michael%20Graham&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb94923aab84074a5b0ef5fcf57b258a3b4163fdc4c5bea32a7c4ba56533944d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 378F
183 B
239 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=4b1373beaf21cc73c0e15b54641cb029743600c8
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.michaelgraham.co.uk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
106
date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 23:11:32 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
364319fbf1db4d904477b8ebdde8a6c6
strict-transport-security
max-age=631138519
content-length
152
/
www.google.com/pagead/1p-user-list/935538326/
42 B
102 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/935538326/?random=1615936292526&cv=9&fst=1615935600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&tiba=Town%20%26%20Country%20Home%20Estate%20Agents%20%7C%20Michael%20Graham&async=1&fmt=3&is_vtc=1&random=2009449996&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/935538326/
42 B
89 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/935538326/?random=1615936292526&cv=9&fst=1615935600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&tiba=Town%20%26%20Country%20Home%20Estate%20Agents%20%7C%20Michael%20Graham&async=1&fmt=3&is_vtc=1&random=2009449996&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
giosgClient.5c1dfcc655359a886f8a.js
service.giosg.com/static/
212 KB
57 KB
Script
General
Full URL
https://service.giosg.com/static/giosgClient.5c1dfcc655359a886f8a.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
700083918aae3479ce60aaad7e2788071b693b7c3c4b62ae7754f796ee4d200b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 12:41:55 GMT
server
nginx
etag
"604f5613-e3fc"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
application/javascript
content-length
58364
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
service.giosg.com/api/v2/visitor/dialog/8121/ Frame
0
0
Preflight
General
Full URL
https://service.giosg.com/api/v2/visitor/dialog/8121/
Protocol
H2
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-giosg-clientversion
Origin
https://www.michaelgraham.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-type
text/html; charset=utf-8
date
Tue, 16 Mar 2021 23:11:32 GMT
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
/
service.giosg.com/api/v2/visitor/dialog/8121/
41 KB
15 KB
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/dialog/8121/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
f0f8c93e9d01c4a493f3a26e896c8a6bd800645a11e5e096eacaa507d81318f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.michaelgraham.co.uk/
X-GIOSG-ClientVersion
fa8d830748a85d824bb7b7376234b8e8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
6
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
content-type
application/json
content-length
14541
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1162991387089133&ev=Microdata&dl=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&rl=&if=false&ts=1615936292883&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Town%20%26%20Country%20Home%20Estate%20Agents%20%7C%20Michael%20Graham%22%2C%22meta%3Adescription%22%3A%22Town%20%26%20Country%20Estate%20Agents%20in%20the%20surrounding%20market%20towns%20and%20villages%20of%20Buckinghamshire%2C%20Bedfordshire%2C%20Hertfordshire%20and%20Northamptonshire.%22%2C%22meta%3Akeywords%22%3A%22estate%20agents%2C%20letting%20agents%2C%20selling%2C%20buying%2C%20letting%2C%20property%2C%20Bedfordshire%2C%20Buckinghamshire%2C%20Cambridgeshire%2C%20Hertfordshire%2C%20Leicestershire%2C%20Northamptonshire%2C%20Oxfordshire%2C%20Warwickshire%2C%20Central%20London%2C%20Michael%20Graham%2C%20buyers%2C%20sellers%2C%20landlords%2C%20tenants%2C%20property%20market%2C%20town%2C%20country%2C%20homes%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Estate%20Agents%20%26%20Letting%20Agents%22%2C%22og%3Adescription%22%3A%22Michael%20Graham%20Estate%20Agents%20%26%20Letting%20Agents%20in%20Milton%20Keynes%20and%20surrounding%20market%20towns%20of%20Buckinghamshire%2C%20Bedfordshire%2C%20Hertfordshire%20and%20Northamptonshire.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.michaelgraham.co.uk%2Fstorage%2Fproperties%2Frps_mig-NOR190085%2F00.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.2.1615936292377.971190582&it=1615936292276&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 16 Mar 2021 23:11:32 GMT
giosgClient.4e298208fa25935a.css
service.giosg.com/static/stylesheets/
25 KB
8 KB
Stylesheet
General
Full URL
https://service.giosg.com/static/stylesheets/giosgClient.4e298208fa25935a.css
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
4cd9300dc2a6c9d7a5596c048d5aee9c447dd5f0746231066191f8131033b9fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:32 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 12:41:55 GMT
server
nginx
etag
"604f5613-2025"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
text/css
content-length
8229
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
5078.clients.giosgusercontent.com/cd/5078/wcaxb/ Frame 07F0
74 KB
22 KB
Document
General
Full URL
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
65b361a444c97fed930173b4f9bddd1b0a00294919f42efdd8754df7f87ce5d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
5078.clients.giosgusercontent.com
:scheme
https
:path
/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.michaelgraham.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.michaelgraham.co.uk/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
en
content-length
22395
content-type
text/html; charset=utf-8
date
Tue, 16 Mar 2021 23:11:32 GMT
pragma
no-cache
server
nginx
set-cookie
csrftoken=5Ye0spn8jKNnaE9AQ9391tnHqnY7vS4P79Sc8T56GAoRu2TnRI85ak5qUK6pIGDi; expires=Tue, 15 Mar 2022 23:11:32 GMT; Max-Age=31449600; Path=/; SameSite=none; Secure
vary
Cookie, Accept-Language, Accept-Encoding
x-response-duration
34
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
RJj9nht7BkaNfZx3BlDjRiNcnEBO4J.png
giosg-chat-public-eu.s3.amazonaws.com/assets/5078/
10 KB
11 KB
Image
General
Full URL
https://giosg-chat-public-eu.s3.amazonaws.com/assets/5078/RJj9nht7BkaNfZx3BlDjRiNcnEBO4J.png
Requested by
Host: www.michaelgraham.co.uk
URL: https://www.michaelgraham.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.42.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
90bad99b1464900f067dbb409393d11c679efcd2c89e767795cd9a7292d85724

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:34 GMT
Last-Modified
Thu, 31 Jan 2019 10:01:12 GMT
Server
AmazonS3
x-amz-request-id
GMTVW73XPYCCEANC
ETag
"2502d30aa1b7eb97be4dd726b6cb15b7"
x-amz-version-id
null
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
10428
x-amz-id-2
tVck/nz6wQ8z0+7OckhiEtnDXPxibKa1b3bAOrHNpdLjdjQS3saoLt/yV0BcWSykWSNq4rA3k9A=
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a2c68c039860ecb16d04dee83c8088ae0b04b42aead582c52fd092c2081f1d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
visitor.0de6dd31f776e652.css
5078.clients.giosgusercontent.com/static/stylesheets/ Frame 07F0
40 KB
11 KB
Stylesheet
General
Full URL
https://5078.clients.giosgusercontent.com/static/stylesheets/visitor.0de6dd31f776e652.css
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
974824c628da89c89ea3b27d7a4506b91eb76763b1b8a2e3c2a2c1b916157f28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 12:41:55 GMT
server
nginx
etag
"604f5613-28cb"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
text/css
content-length
10443
expires
Thu, 31 Dec 2037 23:55:55 GMT
visitor.0a1ce233636dc36dedc7.js
5078.clients.giosgusercontent.com/static/ Frame 07F0
689 KB
191 KB
Script
General
Full URL
https://5078.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
5b7256d07a5e1903dee7211c4967ff1aa82ddcfcab0ae12bab92153c0d54cc0d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 12:41:55 GMT
server
nginx
etag
"604f5613-2fa85"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
application/javascript
content-length
195205
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
service.giosg.com/credentials/5078/ Frame 6EB2
5 KB
3 KB
Document
General
Full URL
https://service.giosg.com/credentials/5078/?url=https%3A%2F%2F5078.clients.giosgusercontent.com
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
45c6c9a1ebeafa1e4c750965e398d855391ac90abf4da10329c2fc4df7099087
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
service.giosg.com
:scheme
https
:path
/credentials/5078/?url=https%3A%2F%2F5078.clients.giosgusercontent.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5078.clients.giosgusercontent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5078.clients.giosgusercontent.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
en
content-length
2492
content-type
text/html; charset=utf-8
date
Tue, 16 Mar 2021 23:11:33 GMT
pragma
no-cache
server
nginx
set-cookie
gid=krfd7rj4gok6belzliaaf4w66j5inlar5obvoascvqiqagqm; expires=Thu, 16-Mar-2023 23:11:33 GMT; Max-Age=63072000; Path=/; SameSite=None; Secure sgid=pvkbeoak54xujsr3oyaakaacontqeehs3362nbvmchvygvycikwbcaa2bq; expires=Thu, 16-Mar-2023 23:11:33 GMT; Max-Age=63072000; Path=/; SameSite=None; Secure
vary
Accept-Language, Accept-Encoding
x-response-duration
7
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
common.js
maps.googleapis.com/maps-api-v3/api/js/44/5/
76 KB
76 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/5/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBbIN60bG6WnU9Ty15gFch3nZCEYONXTlw&libraries=places&region=UK
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e9ea10fab9bf966e6477cc94ba35687f7c47c7493f05680bc242ffbba7cf080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 02:54:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 21:36:13 GMT
server
sffe
age
72995
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78004
x-xss-protection
0
expires
Wed, 16 Mar 2022 02:54:58 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/44/5/
145 KB
54 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/5/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBbIN60bG6WnU9Ty15gFch3nZCEYONXTlw&libraries=places&region=UK
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9c1053263dda66a3863f1f8c6d7019ae15aafa7e36e8cfc6be4d10b81f5b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 08:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 21:36:13 GMT
server
sffe
age
226644
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55137
x-xss-protection
0
expires
Mon, 14 Mar 2022 08:14:09 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/44/5/
216 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/5/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBbIN60bG6WnU9Ty15gFch3nZCEYONXTlw&libraries=places&region=UK
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad55cf4c202c63cd7a53c6e18dcba8f2922a06d864cf0caf47df3c831c36e6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 20:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 21:36:13 GMT
server
sffe
age
529476
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59429
x-xss-protection
0
expires
Thu, 10 Mar 2022 20:06:57 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/44/5/
43 KB
16 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/5/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBbIN60bG6WnU9Ty15gFch3nZCEYONXTlw&libraries=places&region=UK
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bcdc46e512d4b56ae427010cfc4303e2e840761ba4e6d746aca41ac94c597ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 20:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 21:36:13 GMT
server
sffe
age
529469
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16604
x-xss-protection
0
expires
Thu, 10 Mar 2022 20:07:04 GMT
Fingerprint
bymtrackinglive.azurewebsites.net/Script/
57 B
765 B
Script
General
Full URL
https://bymtrackinglive.azurewebsites.net/Script/Fingerprint
Requested by
Host: bymtrackinglive.azurewebsites.net
URL: https://bymtrackinglive.azurewebsites.net/Script/Track/michaelgrahamrps12.briefyourmarket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.61.116 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
75caeee172fb458402fca7ec4022fbf2bc603cfc65e44f3fc03419f575f3b99e

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
ETag
BymFingerprint
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, max-age=31556926
Content-Length
174
Expires
Mon, 16 Mar 2026 23:11:33 GMT
p
i.simpli.fi/
746 B
1 KB
Script
General
Full URL
https://i.simpli.fi/p?cid=87835&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/0e384ff0-8405-0135-dc80-06659b33d47c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
f7877f709474edc03145ffdbfb2ff6e4ab3204dc50e78f8a4024cf9ad934a041
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 23:11:33 GMT
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
/
service.giosg.com/api/v5/public/trace/
17 B
374 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
769149180259793ddf0c7797a1e0cbb339424b2c9dcbc52b42bb5ffa57b613af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
vary
Accept, Accept-Language
server
nginx
x-response-duration
134
allow
GET, POST, HEAD, OPTIONS
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=EBADA83381574D65B4AF3C87D71D8B6B
43 B
182 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:9e4c:4287:35ff:53db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=EBADA83381574D65B4AF3C87D71D8B6B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 15 Mar 2021 23:11:33 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EBADA83381574D65B4AF3C87D71D8B6B
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EBADA83381574D65B4AF3C87D71D8B6B
95 B
415 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EBADA83381574D65B4AF3C87D71D8B6B
alt-svc
clear
content-length
0
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EBADA83381574D65B4AF3C87D71D8B6B
  • https://d.agkn.com/pixel/10751/?che=1615936293&ip=82.102.20.235&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165021103727001718828
  • https://um.simpli.fi/aa_px?sk=165021103727001718828
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/aa_px?sk=165021103727001718828
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 15 Mar 2021 23:11:33 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 23:11:32 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=165021103727001718828
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
nexage
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 15 Mar 2021 23:11:33 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EBADA83381574D65B4AF3C87D71D8B6B
0
0
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-21.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EBADA83381574D65B4AF3C87D71D8B6B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 15 Mar 2021 23:11:33 GMT
pubmatic
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 15 Mar 2021 23:11:33 GMT
freewheel
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 15 Mar 2021 23:11:33 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=EBADA83381574D65B4AF3C87D71D8B6B;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=EBADA83381574D65B4AF3C87D71D8B6B;mimetype=img;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-37771826143215302
0
0
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-37771826143215302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-21.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:32 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-4.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-37771826143215302
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EBADA83381574D65B4AF3C87D71D8B6B&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EBADA83381574D65B4AF3C87D71D8B6B&j=0&xl8blockcheck=1
0
759 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=EBADA83381574D65B4AF3C87D71D8B6B&j=0&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=EBADA83381574D65B4AF3C87D71D8B6B&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
yahoo
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 15 Mar 2021 23:11:33 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=EBADA83381574D65B4AF3C87D71D8B6B
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-51-230.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 16 Mar 2021 23:11:33 GMT

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=EBADA83381574D65B4AF3C87D71D8B6B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 15 Mar 2021 23:11:33 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=EBADA83381574D65B4AF3C87D71D8B6B
62 B
745 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:33 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
8fe5
Content-Type
image/gif

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=EBADA83381574D65B4AF3C87D71D8B6B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 15 Mar 2021 23:11:33 GMT
tpid=EBADA83381574D65B4AF3C87D71D8B6B
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EBADA83381574D65B4AF3C87D71D8B6B
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBADA83381574D65B4AF3C87D71D8B6B
49 B
718 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:33 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.26
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:33 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBADA83381574D65B4AF3C87D71D8B6B
cache-control
no-cache
x-server
10.45.25.166
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=EBADA83381574D65B4AF3C87D71D8B6B
  • https://ce.lijit.com/merge?pid=2&3pid=EBADA83381574D65B4AF3C87D71D8B6B&dnr=1
0
433 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=EBADA83381574D65B4AF3C87D71D8B6B&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 23:11:33 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 23:11:33 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=EBADA83381574D65B4AF3C87D71D8B6B&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EBADA83381574D65B4AF3C87D71D8B6B
0
42 B
Image
General
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://idsync.rlcdn.com/419566.gif?partner_uid=EBADA83381574D65B4AF3C87D71D8B6B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 15 Mar 2021 23:11:33 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1615936293311&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
42 B
89 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JTtRYOv3Gc3KgQef65qoBA&cid=CAQSKQCNIrLM_JTAhtyBx372rv09gyzw7KDM-CXKNL0GCysY--MCY9IGaFP9&random=3187057853&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=1540943692&cv=7&fst=1615936293311&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JTtRYOv3Gc3KgQef65qoBA&cid=CAQSKQCNIrLM_JTAhtyBx372rv09gyzw7KDM-CXKNL0GCysY--MCY9IGaFP9&random=3187057853&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBADA83381574D65B4AF3C87D71D8B6B
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBADA83381574D65B4AF3C87D71D8B6B&__user_check__=1&sync_id=f3208e8c-86ac-11eb-8fc4-1ac061c70b06
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBADA83381574D65B4AF3C87D71D8B6B&__user_check__=1&sync_id=f3208e8c-86ac-11eb-8fc4-1ac061c70b06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:33 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
48
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 16 Mar 2021 23:11:33 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=EBADA83381574D65B4AF3C87D71D8B6B&__user_check__=1&sync_id=f3208e8c-86ac-11eb-8fc4-1ac061c70b06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
15
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=EBADA83381574D65B4AF3C87D71D8B6B
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBADA83381574D65B4AF3C87D71D8B6B
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBADA83381574D65B4AF3C87D71D8B6B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 23:11:33 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.137:80
AN-X-Request-Uuid
769829ed-997f-43ce-8e61-2b27488ccfb5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 23:11:33 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid
b341683d-270c-4ec1-914f-804cc6fdac2d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBADA83381574D65B4AF3C87D71D8B6B
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBADA83381574D65B4AF3C87D71D8B6B&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBADA83381574D65B4AF3C87D71D8B6B&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBADA83381574D65B4AF3C87D71D8B6B&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 15 Mar 2021 23:11:33 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EBADA83381574D65B4AF3C87D71D8B6B
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBADA83381574D65B4AF3C87D71D8B6B
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBADA83381574D65B4AF3C87D71D8B6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:33 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBADA83381574D65B4AF3C87D71D8B6B
date
Tue, 16 Mar 2021 23:11:33 GMT
via
1.1 google
server
OXGW/16.202.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPU_iw6N9SxBKexWwg_wElw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBADA83381574D65B4AF3C87D71D8B6B
  • https://um.simpli.fi/g_match?id=
0
320 B
Image
General
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 15 Mar 2021 23:11:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/
2 KB
2 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1616
x-xss-protection
0
expires
Tue, 16 Mar 2021 23:11:33 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/
3 KB
3 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3351
x-xss-protection
0
expires
Tue, 16 Mar 2021 23:11:33 GMT
PageView
bymtrackinglive.azurewebsites.net/api/ Frame
0
0
Preflight
General
Full URL
https://bymtrackinglive.azurewebsites.net/api/PageView
Protocol
HTTP/1.1
Server
104.46.61.116 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.michaelgraham.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Server
Microsoft-IIS/10.0
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Length
0
PageView
bymtrackinglive.azurewebsites.net/api/
0
232 B
XHR
General
Full URL
https://bymtrackinglive.azurewebsites.net/api/PageView
Requested by
Host: bymtrackinglive.azurewebsites.net
URL: https://bymtrackinglive.azurewebsites.net/Script/Track/michaelgrahamrps12.briefyourmarket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.61.116 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 23:11:32 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Expires
-1
4d8f8f1b-b6fd-484e-9571-a284c699504a
bym-virtue-guest-api-live.azurewebsites.net/api/Scripts/Embedded/michaelgrahamrps12.briefyourmarket.com/
35 B
886 B
Script
General
Full URL
https://bym-virtue-guest-api-live.azurewebsites.net/api/Scripts/Embedded/michaelgrahamrps12.briefyourmarket.com/4d8f8f1b-b6fd-484e-9571-a284c699504a
Requested by
Host: bymtrackinglive.azurewebsites.net
URL: https://bymtrackinglive.azurewebsites.net/Script/Track/michaelgrahamrps12.briefyourmarket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.87.39 Bermondsey, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ceb4d4473e03c945e6b4c4114284d00a82919b15262fc69a2f0c070a0cd85aba

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 23:11:32 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Content-Length
149
Vary
Accept-Encoding
Request-Context
appId=cid-v1:83373ee5-b31e-4cdb-8a3e-1a2ef70c95c2
chats
5078.clients.giosgusercontent.com/api/v5/public/visitors/6c168bcec20e8d2330f3b4b7dd1be948/ Frame 07F0
42 B
453 B
XHR
General
Full URL
https://5078.clients.giosgusercontent.com/api/v5/public/visitors/6c168bcec20e8d2330f3b4b7dd1be948/chats?ordering=-created_at
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJmMmRmNzc3Yy04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEiLCJpYXQiOjE2MTU5MzYyOTMuMjE1NTQwMiwiZXhwIjoxNjE1OTY1MDkzLjIxNTE2NTYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvNTA3OC8_dXJsPWh0dHBzJTNBJTJGJTJGNTA3OC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcGkvdjUvcHVibGljIjp7Ii9nbG9iYWxfdmlzaXRvcnMiOnsiL2tyZmQ3cmo0Z29rNmJlbHpsaWFhZjR3NjZqNWlubGFyNW9idm9hc2N2cWlxYWdxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1LCIvZjJkZWYyN2EtODZhYy0xMWViLTgzNTctMDI0MmFjMTEwMDFhLyovcnVsZV9wcmVkaWN0aW9ucyI6MTV9LCIvdmlzaXRvcnMvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiL2NoYXRzIjp7Ii8qIjp7IiI6MTUsIi9tZW1iZXJzaGlwcyI6MTUsIi9tZXNzYWdlcyI6MTUsIi90YWdzIjoxNX0sIiI6MTV9LCIvY2hhdF9tZW1iZXJzaGlwcyI6eyIiOjE1LCIvKiI6MTV9fSwiL3RhcmdldC92aXNpdG9ycy9mMmRlZjI3YS04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTUsIi9vcmdzL2E2MDI1ZmRhLWY5NGQtMTFlOC05MTA5LTAyNDJhYzExMDAxZi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1LCIvY2hhdHMiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvbGt2cmwyNHV1am54MzcydWhtYWFrYWFib3lkcmEzYXdycGhtZWR1bmVteXBobmZ4M3VuNnNzYW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYTYwMjVmZGEtZjk0ZC0xMWU4LTkxMDktMDI0MmFjMTEwMDFmIiwiYXBwX2lkIjpudWxsfQ.vhFDnXzhWFK4QcPU4KXa6tCjM1zEOUCtnomZj1JtYSE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
11
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
strict-transport-security
max-age=63072000
content-type
application/json
content-length
42
expires
Tue, 16 Mar 2021 23:11:33 GMT
rule_predictions
5078.clients.giosgusercontent.com/api/v5/public/global_visitors/f2def27a-86ac-11eb-8357-0242ac11001a/f2df330c-86ac-11eb-8357-0242ac11001a/ Frame 07F0
26 B
436 B
XHR
General
Full URL
https://5078.clients.giosgusercontent.com/api/v5/public/global_visitors/f2def27a-86ac-11eb-8357-0242ac11001a/f2df330c-86ac-11eb-8357-0242ac11001a/rule_predictions
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e58f195afe8b3310327d1a15114908473be4e055ba1af97194a2bf63c95619f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJmMmRmNzc3Yy04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEiLCJpYXQiOjE2MTU5MzYyOTMuMjE1NTQwMiwiZXhwIjoxNjE1OTY1MDkzLjIxNTE2NTYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvNTA3OC8_dXJsPWh0dHBzJTNBJTJGJTJGNTA3OC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcGkvdjUvcHVibGljIjp7Ii9nbG9iYWxfdmlzaXRvcnMiOnsiL2tyZmQ3cmo0Z29rNmJlbHpsaWFhZjR3NjZqNWlubGFyNW9idm9hc2N2cWlxYWdxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1LCIvZjJkZWYyN2EtODZhYy0xMWViLTgzNTctMDI0MmFjMTEwMDFhLyovcnVsZV9wcmVkaWN0aW9ucyI6MTV9LCIvdmlzaXRvcnMvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiL2NoYXRzIjp7Ii8qIjp7IiI6MTUsIi9tZW1iZXJzaGlwcyI6MTUsIi9tZXNzYWdlcyI6MTUsIi90YWdzIjoxNX0sIiI6MTV9LCIvY2hhdF9tZW1iZXJzaGlwcyI6eyIiOjE1LCIvKiI6MTV9fSwiL3RhcmdldC92aXNpdG9ycy9mMmRlZjI3YS04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTUsIi9vcmdzL2E2MDI1ZmRhLWY5NGQtMTFlOC05MTA5LTAyNDJhYzExMDAxZi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1LCIvY2hhdHMiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvbGt2cmwyNHV1am54MzcydWhtYWFrYWFib3lkcmEzYXdycGhtZWR1bmVteXBobmZ4M3VuNnNzYW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYTYwMjVmZGEtZjk0ZC0xMWU4LTkxMDktMDI0MmFjMTEwMDFmIiwiYXBwX2lkIjpudWxsfQ.vhFDnXzhWFK4QcPU4KXa6tCjM1zEOUCtnomZj1JtYSE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
2
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
strict-transport-security
max-age=63072000
content-type
application/json
content-length
26
expires
Tue, 16 Mar 2021 23:11:33 GMT
predictions
5078.clients.giosgusercontent.com/api/v5/public/target/visitors/f2def27a-86ac-11eb-8357-0242ac11001a/sessions/f2df330c-86ac-11eb-8357-0242ac11001a/ Frame 07F0
26 B
436 B
XHR
General
Full URL
https://5078.clients.giosgusercontent.com/api/v5/public/target/visitors/f2def27a-86ac-11eb-8357-0242ac11001a/sessions/f2df330c-86ac-11eb-8357-0242ac11001a/predictions
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e58f195afe8b3310327d1a15114908473be4e055ba1af97194a2bf63c95619f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJmMmRmNzc3Yy04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEiLCJpYXQiOjE2MTU5MzYyOTMuMjE1NTQwMiwiZXhwIjoxNjE1OTY1MDkzLjIxNTE2NTYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvNTA3OC8_dXJsPWh0dHBzJTNBJTJGJTJGNTA3OC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcGkvdjUvcHVibGljIjp7Ii9nbG9iYWxfdmlzaXRvcnMiOnsiL2tyZmQ3cmo0Z29rNmJlbHpsaWFhZjR3NjZqNWlubGFyNW9idm9hc2N2cWlxYWdxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1LCIvZjJkZWYyN2EtODZhYy0xMWViLTgzNTctMDI0MmFjMTEwMDFhLyovcnVsZV9wcmVkaWN0aW9ucyI6MTV9LCIvdmlzaXRvcnMvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiL2NoYXRzIjp7Ii8qIjp7IiI6MTUsIi9tZW1iZXJzaGlwcyI6MTUsIi9tZXNzYWdlcyI6MTUsIi90YWdzIjoxNX0sIiI6MTV9LCIvY2hhdF9tZW1iZXJzaGlwcyI6eyIiOjE1LCIvKiI6MTV9fSwiL3RhcmdldC92aXNpdG9ycy9mMmRlZjI3YS04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTUsIi9vcmdzL2E2MDI1ZmRhLWY5NGQtMTFlOC05MTA5LTAyNDJhYzExMDAxZi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1LCIvY2hhdHMiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvbGt2cmwyNHV1am54MzcydWhtYWFrYWFib3lkcmEzYXdycGhtZWR1bmVteXBobmZ4M3VuNnNzYW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYTYwMjVmZGEtZjk0ZC0xMWU4LTkxMDktMDI0MmFjMTEwMDFmIiwiYXBwX2lkIjpudWxsfQ.vhFDnXzhWFK4QcPU4KXa6tCjM1zEOUCtnomZj1JtYSE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
2
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
strict-transport-security
max-age=63072000
content-type
application/json
content-length
26
expires
Tue, 16 Mar 2021 23:11:33 GMT
/
service.giosg.com/api/visitor-data/qvfezaaya2x6oy4h6eaao3awrphmedunemyphnfx3un6ssam/9252/ Frame
0
0
Preflight
General
Full URL
https://service.giosg.com/api/visitor-data/qvfezaaya2x6oy4h6eaao3awrphmedunemyphnfx3un6ssam/9252/
Protocol
H2
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-giosg-clientversion
Origin
https://www.michaelgraham.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-type
text/html; charset=utf-8
date
Tue, 16 Mar 2021 23:11:33 GMT
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
/
service.giosg.com/api/visitor-data/qvfezaaya2x6oy4h6eaao3awrphmedunemyphnfx3un6ssam/9252/
150 B
515 B
XHR
General
Full URL
https://service.giosg.com/api/visitor-data/qvfezaaya2x6oy4h6eaao3awrphmedunemyphnfx3un6ssam/9252/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
a546365fb2c64e97e95039155da8f6226fbccc537bad7f6c0ed330a05bc21106
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.michaelgraham.co.uk/
X-GIOSG-ClientVersion
fa8d830748a85d824bb7b7376234b8e8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
13
vary
Accept, Accept-Language, Cookie
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000
content-type
application/json
content-length
150
/
service.giosg.com/api/v5/public/trace/
17 B
373 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
vary
Accept, Accept-Language
server
nginx
x-response-duration
61
allow
GET, POST, HEAD, OPTIONS
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
online_users
5078.clients.giosgusercontent.com/api/v5/public/orgs/a6025fda-f94d-11e8-9109-0242ac11001f/rooms/a607182c-f94d-11e8-9109-0242ac11001f/ Frame 07F0
42 B
504 B
XHR
General
Full URL
https://5078.clients.giosgusercontent.com/api/v5/public/orgs/a6025fda-f94d-11e8-9109-0242ac11001f/rooms/a607182c-f94d-11e8-9109-0242ac11001f/online_users
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJmMmRmNzc3Yy04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEiLCJpYXQiOjE2MTU5MzYyOTMuMjE1NTQwMiwiZXhwIjoxNjE1OTY1MDkzLjIxNTE2NTYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvNTA3OC8_dXJsPWh0dHBzJTNBJTJGJTJGNTA3OC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcGkvdjUvcHVibGljIjp7Ii9nbG9iYWxfdmlzaXRvcnMiOnsiL2tyZmQ3cmo0Z29rNmJlbHpsaWFhZjR3NjZqNWlubGFyNW9idm9hc2N2cWlxYWdxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1LCIvZjJkZWYyN2EtODZhYy0xMWViLTgzNTctMDI0MmFjMTEwMDFhLyovcnVsZV9wcmVkaWN0aW9ucyI6MTV9LCIvdmlzaXRvcnMvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiL2NoYXRzIjp7Ii8qIjp7IiI6MTUsIi9tZW1iZXJzaGlwcyI6MTUsIi9tZXNzYWdlcyI6MTUsIi90YWdzIjoxNX0sIiI6MTV9LCIvY2hhdF9tZW1iZXJzaGlwcyI6eyIiOjE1LCIvKiI6MTV9fSwiL3RhcmdldC92aXNpdG9ycy9mMmRlZjI3YS04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTUsIi9vcmdzL2E2MDI1ZmRhLWY5NGQtMTFlOC05MTA5LTAyNDJhYzExMDAxZi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1LCIvY2hhdHMiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvbGt2cmwyNHV1am54MzcydWhtYWFrYWFib3lkcmEzYXdycGhtZWR1bmVteXBobmZ4M3VuNnNzYW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYTYwMjVmZGEtZjk0ZC0xMWU4LTkxMDktMDI0MmFjMTEwMDFmIiwiYXBwX2lkIjpudWxsfQ.vhFDnXzhWFK4QcPU4KXa6tCjM1zEOUCtnomZj1JtYSE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
1
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
x-cache
HIT from 5078.clients.giosgusercontent.com
strict-transport-security
max-age=63072000
content-type
application/json
content-length
42
expires
Tue, 16 Mar 2021 23:11:33 GMT
a607182c-f94d-11e8-9109-0242ac11001f
5078.clients.giosgusercontent.com/api/v5/public/orgs/a6025fda-f94d-11e8-9109-0242ac11001f/rooms/ Frame 07F0
718 B
933 B
XHR
General
Full URL
https://5078.clients.giosgusercontent.com/api/v5/public/orgs/a6025fda-f94d-11e8-9109-0242ac11001f/rooms/a607182c-f94d-11e8-9109-0242ac11001f
Requested by
Host: 5078.clients.giosgusercontent.com
URL: https://5078.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
7612d957e85bd874a96f407e336a1cb1d0b4e81590f2ee0d7ad96ff17bc61ad4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://5078.clients.giosgusercontent.com/cd/5078/wcaxb/?url=https%3A%2F%2Fwww.michaelgraham.co.uk%2F&dialog_id=8121
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJmMmRmNzc3Yy04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEiLCJpYXQiOjE2MTU5MzYyOTMuMjE1NTQwMiwiZXhwIjoxNjE1OTY1MDkzLjIxNTE2NTYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvNTA3OC8_dXJsPWh0dHBzJTNBJTJGJTJGNTA3OC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcGkvdjUvcHVibGljIjp7Ii9nbG9iYWxfdmlzaXRvcnMiOnsiL2tyZmQ3cmo0Z29rNmJlbHpsaWFhZjR3NjZqNWlubGFyNW9idm9hc2N2cWlxYWdxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1LCIvZjJkZWYyN2EtODZhYy0xMWViLTgzNTctMDI0MmFjMTEwMDFhLyovcnVsZV9wcmVkaWN0aW9ucyI6MTV9LCIvdmlzaXRvcnMvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiL2NoYXRzIjp7Ii8qIjp7IiI6MTUsIi9tZW1iZXJzaGlwcyI6MTUsIi9tZXNzYWdlcyI6MTUsIi90YWdzIjoxNX0sIiI6MTV9LCIvY2hhdF9tZW1iZXJzaGlwcyI6eyIiOjE1LCIvKiI6MTV9fSwiL3RhcmdldC92aXNpdG9ycy9mMmRlZjI3YS04NmFjLTExZWItODM1Ny0wMjQyYWMxMTAwMWEvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTUsIi9vcmdzL2E2MDI1ZmRhLWY5NGQtMTFlOC05MTA5LTAyNDJhYzExMDAxZi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNmMxNjhiY2VjMjBlOGQyMzMwZjNiNGI3ZGQxYmU5NDgiOnsiIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1LCIvY2hhdHMiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvbGt2cmwyNHV1am54MzcydWhtYWFrYWFib3lkcmEzYXdycGhtZWR1bmVteXBobmZ4M3VuNnNzYW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYTYwMjVmZGEtZjk0ZC0xMWU4LTkxMDktMDI0MmFjMTEwMDFmIiwiYXBwX2lkIjpudWxsfQ.vhFDnXzhWFK4QcPU4KXa6tCjM1zEOUCtnomZj1JtYSE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
1
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
x-cache
HIT from 5078.clients.giosgusercontent.com
strict-transport-security
max-age=63072000
content-type
application/json
content-length
430
expires
Tue, 16 Mar 2021 23:11:33 GMT
1399
service.giosg.com/giosg_api/leadform/ Frame
0
0
Preflight
General
Full URL
https://service.giosg.com/giosg_api/leadform/1399
Protocol
H2
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-giosg-clientversion
Origin
https://www.michaelgraham.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-type
text/html; charset=utf-8
date
Tue, 16 Mar 2021 23:11:33 GMT
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
1399
service.giosg.com/giosg_api/leadform/
2 KB
1018 B
XHR
General
Full URL
https://service.giosg.com/giosg_api/leadform/1399
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
60b48325c0680fb56cd1ff03b3796862a5e1e26f0acd2846ef6db70469e240fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.michaelgraham.co.uk/
X-GIOSG-ClientVersion
fa8d830748a85d824bb7b7376234b8e8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
5
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
632
/
service.giosg.com/api/v5/public/trace/
17 B
373 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
c3a9ac90f2c535333d37b63aa74c29e216e009d5a3629b31574f3740f757cafb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 16 Mar 2021 23:11:33 GMT
vary
Accept, Accept-Language
server
nginx
x-response-duration
56
allow
GET, POST, HEAD, OPTIONS
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
247 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.michaelgraham.co.uk%2F&4sAIzaSyBbIN60bG6WnU9Ty15gFch3nZCEYONXTlw&callback=_xdc_._md23sq&key=AIzaSyBbIN60bG6WnU9Ty15gFch3nZCEYONXTlw&token=95225
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/5/common.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
11b00075ea13ceb51938fb2a1037fcfa12f34ae72c1797c9405d3fabb43ebaf6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.michaelgraham.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 23:11:37 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=13
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer function| gtag function| _giosg function| fbq function| _fbq object| twttr object| pca function| $ function| jQuery object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| _extends function| _typeof function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| noUiSlider function| Packery function| wNumb function| LazyLoad string| _linkedin_data_partner_id object| WebFontConfig object| laravelCookieConsent function| onLoad function| loadFingerprintScript function| loadVirtueScript function| getFingerprint function| logEvent function| logBymPageView function| logPageView function| getMetaTags object| bym object| sifi_att_42656 object| __twttrll object| __twttr object| google_tag_data string| GoogleAnalyticsObject function| ga function| lintrk boolean| _already_called_lintrk object| WebFont object| gaplugins object| gaGlobal object| gaData object| giosgWebpackJsonp undefined| _ object| giosg function| jGiosg function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO undefined| JSON3 object| GiosgClient object| __e3_ string| fingerprint object| _xdc_

7 Cookies

Domain/Path Name / Value
5078.clients.giosgusercontent.com/ Name: csrftoken
Value: 5Ye0spn8jKNnaE9AQ9391tnHqnY7vS4P79Sc8T56GAoRu2TnRI85ak5qUK6pIGDi
.michaelgraham.co.uk/ Name: _gat_gtag_UA_40633643_1
Value: 1
.michaelgraham.co.uk/ Name: _fbp
Value: fb.2.1615936292377.971190582
.michaelgraham.co.uk/ Name: _ga
Value: GA1.3.1178912639.1615936292
www.michaelgraham.co.uk/ Name: my_mg_tracker_session
Value: eyJpdiI6InhGMFVhRnpHZjVtSzdJV0ZSVUExZmc9PSIsInZhbHVlIjoiMmFxY21NUGs0TkZpeUtTRTJSdUJ3S0ZIRENxMlhDdDF2TXF2a2VocmoyNGtLcUtNdmh4SERZVU4xdkxNaGJVaCIsIm1hYyI6ImJkMmNmN2VlNGI1ZjIxMjgxNzJkMjgxYzEzMzk1YjUzODMzNjdjNGE0NjA1MDA2ZDAyOGJlZDcwMGU1M2M4NTEifQ%3D%3D
.michaelgraham.co.uk/ Name: _gid
Value: GA1.3.1818664992.1615936292
www.michaelgraham.co.uk/ Name: XSRF-TOKEN
Value: eyJpdiI6ImkyQ0htcUtuSGxlV1RoNFhOcUNjbnc9PSIsInZhbHVlIjoiK3hpOUJKbXB3SXduM1pZdU5HS0pnQ0p0M0dZbklGd3ozbUg3d1M1Q0FcL2o3ZFF5ZEtibHdhODVPQmliN25lenciLCJtYWMiOiJiNmU2NWQ4ZTcxZDM4ZmFmNDBlMTExZGZlZmRkNmU3Yjk5YTIzY2QyN2JlYTAyNTM1ZGY2OWQzOTZlZTQ1OTllIn0%3D

1 Console Messages

Source Level URL
Text
console-api log URL: https://service.giosg.com/live/(Line 129)
Message:
JQMIGRATE: Migrate is installed with logging active, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5078.clients.giosgusercontent.com
aa.agkn.com
ajax.googleapis.com
bcp.crwdcntrl.net
bym-virtue-guest-api-live.azurewebsites.net
bymtrackinglive.azurewebsites.net
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.agkn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
giosg-chat-public-eu.s3.amazonaws.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
maps.googleapis.com
maps.gstatic.com
micha11152.pcapredict.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
px.ads.linkedin.com
service.giosg.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
syndication.twitter.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.michaelgraham.co.uk
104.108.41.56
104.244.42.200
104.46.61.116
13.32.21.21
167.99.204.12
169.50.137.176
169.50.137.179
169.50.137.190
172.217.23.98
178.63.128.65
185.33.221.90
185.94.180.125
2001:4de0:ac18::1:a:1b
216.58.212.130
217.10.139.203
2600:1901:0:8eee::
2600:1f18:612b:4216:9e4c:4287:35ff:53db
2606:2800:234:59:254c:406:2366:268c
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9a
2a02:26f0:7100:191::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.205.51.230
34.98.64.218
35.227.248.159
35.244.174.68
51.140.87.39
52.218.42.2
52.28.42.15
52.29.48.214
52.48.248.240
54.78.254.47
69.173.144.139
72.251.249.13
0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a
04857d333856701cf59b5344d98d18f7982a28e11608047ffc6387c56e903255
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c6032c5d2f8b5e5f1a2026ee204aea23812ba58d328bcf8c261fa846d31926d
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10574de0506c0eb1613e3694629b1f0399f362dd76469416fc6243617637bc31
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fdaaecb86cb0e2261083d3d6d7bddc5c75b151d4b63d3d471c610c51b9b86d
11b00075ea13ceb51938fb2a1037fcfa12f34ae72c1797c9405d3fabb43ebaf6
11f269fb1980971eeca1f1b5267de1435c92e650402382b35a96a3b2c738c22c
1349e9456cfe67092a02229d31912dd25ac2c82e8d9acd274e811533da25c0f3
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799
1a001e90321ff81e66b2f2b0ae5d26765248ea440c9ca0207c3cd41fabfce7d4
1e9ea10fab9bf966e6477cc94ba35687f7c47c7493f05680bc242ffbba7cf080
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3248737e2a063f1bb8ad0d5fb32887f5a3ad1fa034981b5c7f6eae7b36872734
3c0b954c3fb8b5ca5934e0f21e851f758a0c2044834b3a5c792ba8c1111e7db4
3e861c9cd550818f83d11935384a0eaf27c47f4d865bcd1420c2dea83f9aa189
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
45c6c9a1ebeafa1e4c750965e398d855391ac90abf4da10329c2fc4df7099087
499b4714240b127614d90d114fbd59ee375a2a1954ed16143fc7d5d66e0cfcb2
49ee5ff36412f30d7c1a72f8bdb0caeebe7cec521078682cdcbc12e6ce0d29e1
4a9c1053263dda66a3863f1f8c6d7019ae15aafa7e36e8cfc6be4d10b81f5b82
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcdc46e512d4b56ae427010cfc4303e2e840761ba4e6d746aca41ac94c597ae
4cd9300dc2a6c9d7a5596c048d5aee9c447dd5f0746231066191f8131033b9fc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51141e322cc9263bbaf1e9def7ba4149072f41ebdc5a088cc8ac641c8fd998b2
5a2c68c039860ecb16d04dee83c8088ae0b04b42aead582c52fd092c2081f1d1
5b7256d07a5e1903dee7211c4967ff1aa82ddcfcab0ae12bab92153c0d54cc0d
5ce6f1fa67d0dd6d205878555cd800a82e7c5aee64915fc970f700dabcec1cd0
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
605115bbb82a507d374ac320e985d5d5e6600f06905293368d0318c92845f01a
60b48325c0680fb56cd1ff03b3796862a5e1e26f0acd2846ef6db70469e240fb
65b361a444c97fed930173b4f9bddd1b0a00294919f42efdd8754df7f87ce5d6
66e69477728a18b198222c6a0393ebf723d84577f358fa157baaba432603afef
6948586d47700edee8214b197a043ff37c72f00f91af9a86937100278407c53f
6fe0de49ce1ce25f05cd955657e99cb55b6980b64b41d6ab713352d23b7bd5cd
700083918aae3479ce60aaad7e2788071b693b7c3c4b62ae7754f796ee4d200b
71278df8baa67ac3522d87c49e66d08523c1edf94fbf827b168f093b705c169e
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7539f9e7b39a0c3753e273128bd8bcc4b0fb0ec17dcacdb6074cf989c0d4bd22
75caeee172fb458402fca7ec4022fbf2bc603cfc65e44f3fc03419f575f3b99e
7612d957e85bd874a96f407e336a1cb1d0b4e81590f2ee0d7ad96ff17bc61ad4
769149180259793ddf0c7797a1e0cbb339424b2c9dcbc52b42bb5ffa57b613af
7b04c5dc572c511f53647270c9903fb9a938435f8619273c89eed1d734fb3dd4
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
83055384162239a091ab9b3b8a5ad63442418b16d5bc0ead4452da350509b51e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90bad99b1464900f067dbb409393d11c679efcd2c89e767795cd9a7292d85724
974824c628da89c89ea3b27d7a4506b91eb76763b1b8a2e3c2a2c1b916157f28
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cf4248281aeac8cc3375bbdafe755fa96fcf31db5f4d4c3a262b4755abed87b
9d835d25a46fbac34e5c611e83f2c391652ae692aac098db16094dc51206b65b
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3ed163d90ec7b3143e9a2867b7879e4a2347a09f431734cbfb9bb4b77299f5b
a546365fb2c64e97e95039155da8f6226fbccc537bad7f6c0ed330a05bc21106
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
ac69b1645332b2d334e8ac4c7fe6d12faa838ed8413e5626e96640c96e2c94ef
ad55cf4c202c63cd7a53c6e18dcba8f2922a06d864cf0caf47df3c831c36e6e8
aed24389838f2cd94063e63a8db0cf6b421e0b4d2eeac85d852e6eb34d49de1e
b0ada28698e70e3b59cab67298fec8031fdb4f8f01802971810af34752e6a4c8
bb94923aab84074a5b0ef5fcf57b258a3b4163fdc4c5bea32a7c4ba56533944d
c3a9ac90f2c535333d37b63aa74c29e216e009d5a3629b31574f3740f757cafb
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cdafed941664bc2f509672258561ca77694fe21b5d49df3ba0fbb3145bc29d63
ceb4d4473e03c945e6b4c4114284d00a82919b15262fc69a2f0c070a0cd85aba
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1a68ab5d339ba8b254ff0505efa684b4e7a7fd2c23b0f0466608bfd6ca23e17
d8af472866cb0df35f5f3be5457ae2e12a7cc03aaa49189fd99728554704d1b5
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23b4134493283bdd49135fa47ab5648c0107273462f383b7191bad6f11e298b
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58f195afe8b3310327d1a15114908473be4e055ba1af97194a2bf63c95619f6
e8c69530dc103af9c610f989b376d73ef9c8d3318087efdc0ee9ded2ec3195c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f8c93e9d01c4a493f3a26e896c8a6bd800645a11e5e096eacaa507d81318f5
f1bdb4c9e0440acd0f24a0e125cdf0ee3d03d0158802789d7d155b678bb8102d
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f7877f709474edc03145ffdbfb2ff6e4ab3204dc50e78f8a4024cf9ad934a041
f7e080e9ae385a460cde752e7d042550150be9feeeab579e75c0dffba5e347d4
ff0ebc4e5dd13abf97fde1bb1fa98e1b9de347d73893419e0919465b6ec09cb5
ffe25cccf214253e13de35d9a22bcaa71946e59cefe28786d9cf1a95217a4578