Submitted URL: http://www.grahamleader.com/
Effective URL: https://www.grahamleader.com/
Submission: On December 20 via manual from US — Scanned from DE

Summary

This website contacted 87 IPs in 8 countries across 80 domains to perform 285 HTTP transactions. The main IP is 8.34.215.179, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.grahamleader.com.
TLS certificate: Issued by R3 on November 14th 2022. Valid for: 3 months.
This is the only time www.grahamleader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 68 8.34.215.179 396982 (GOOGLE-CL...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 108.138.189.122 16509 (AMAZON-02)
1 108.138.17.115 16509 (AMAZON-02)
16 151.139.128.10 20446 (STACKPATH...)
1 20.150.38.36 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.64.151.162 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
13 99.84.160.111 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 52.54.111.192 14618 (AMAZON-AES)
5 108.138.4.10 16509 (AMAZON-02)
1 2a00:1450:402... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
6 15.197.193.217 16509 (AMAZON-02)
1 54.162.152.214 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 18.66.97.88 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 130.211.10.17 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 141.95.98.64 16276 (OVH)
2 172.64.154.237 13335 (CLOUDFLAR...)
4 44.206.165.148 14618 (AMAZON-AES)
1 18.66.147.2 16509 (AMAZON-02)
1 104.18.13.242 13335 (CLOUDFLAR...)
3 34.246.104.18 16509 (AMAZON-02)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
1 104.103.79.50 16625 (AKAMAI-AS)
1 185.94.180.124 35220 (SPOTX-AMS)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 3 37.252.171.52 29990 (ASN-APPNEX)
1 18.195.37.151 16509 (AMAZON-02)
1 54.93.182.184 16509 (AMAZON-02)
1 18.66.23.210 16509 (AMAZON-02)
3 178.250.0.157 44788 (ASN-CRITE...)
1 35.244.159.8 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.37 16509 (AMAZON-02)
3 2.18.36.193 16625 (AKAMAI-AS)
9 54.194.226.232 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:20d... 16509 (AMAZON-02)
2 130.211.115.4 396982 (GOOGLE-CL...)
2 104.96.145.246 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 2600:1901:0:8... 15169 (GOOGLE)
2 54.73.211.146 16509 (AMAZON-02)
13 194.146.38.23 41436 (CLOUDWEBM...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.58.62 396982 (GOOGLE-CL...)
2 2600:9000:206... 16509 (AMAZON-02)
2 52.28.203.152 16509 (AMAZON-02)
2 3 23.216.77.50 20940 (AKAMAI-ASN1)
1 1 3.69.181.173 16509 (AMAZON-02)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.29.134.244 ()
17 185.64.190.80 ()
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.169 ()
1 2 67.220.224.150 ()
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
5 5 52.213.165.172 ()
4 4 142.250.184.194 15169 (GOOGLE)
1 1 185.86.137.131 ()
1 1 198.148.27.139 ()
1 1 52.86.222.203 ()
2 2 151.101.2.49 ()
1 1 35.214.223.115 ()
1 2 2606:4700::68... ()
2 2 213.19.147.44 ()
1 195.5.165.20 ()
1 173.231.181.122 ()
1 5.161.54.172 ()
1 1 141.94.242.206 ()
1 1 141.94.170.64 ()
1 2606:4700:10:... ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
1 35.204.158.49 ()
2 2 37.157.6.248 ()
3 3 54.93.177.113 16509 (AMAZON-02)
2 2 3.123.145.89 ()
1 2a05:d018:d29... ()
2 2 3.126.56.137 ()
1 198.47.127.20 ()
1 2a02:fa8:8806... ()
1 98.98.134.243 ()
1 1 159.65.194.197 ()
1 1 2001:678:cb4:... ()
1 1 34.102.253.54 ()
1 1 37.252.171.84 ()
285 87
Apex Domain
Subdomains
Transfer
68 grahamleader.com
www.grahamleader.com
4 MB
25 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
96 KB
21 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 6098
trends.revcontent.com — Cisco Umbrella Rank: 1723
yeet.revcontent.com — Cisco Umbrella Rank: 6944
img.revcontent.com — Cisco Umbrella Rank: 10067
cdn.revcontent.com — Cisco Umbrella Rank: 7907
images.revcontent.com — Cisco Umbrella Rank: 7224
143 KB
16 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 11945
embedcdn.sendtonews.com — Cisco Umbrella Rank: 13661
s2l.sendtonews.com — Cisco Umbrella Rank: 12707
timber.sendtonews.com — Cisco Umbrella Rank: 12943
player.sendtonews.com — Cisco Umbrella Rank: 14022
196 KB
15 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2398
video.primis.tech — Cisco Umbrella Rank: 6021
695 KB
13 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2 MB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
pubads.g.doubleclick.net — Cisco Umbrella Rank: 404
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
171 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
dis.criteo.com — Cisco Umbrella Rank: 658
9 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
aax-eu.amazon-adsystem.com
98 KB
8 googlesyndication.com
2f98c381b06dabd5ad9d34d833b6f7f2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
42 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
11 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 405
349 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
1 KB
5 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 5811
data.ad-score.com — Cisco Umbrella Rank: 5456
139 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 894
eus.rubiconproject.com — Cisco Umbrella Rank: 529
token.rubiconproject.com — Cisco Umbrella Rank: 563
12 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com
4 KB
4 willyweather.com
cdnres.willyweather.com — Cisco Umbrella Rank: 58641
73 KB
4 gstatic.com
fonts.gstatic.com
173 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
1 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
740 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
2 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2630
google-bidout-d.openx.net — Cisco Umbrella Rank: 2574
581 B
3 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 68
35 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
18 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 adform.net
c1.adform.net
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
747 B
2 de17a.com
d5p.de17a.com
562 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383
91 KB
2 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1488
htlb.casalemedia.com — Cisco Umbrella Rank: 482
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
94 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
914 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
89 KB
2 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 60907
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
55 KB
1 playground.xyz
ads.playground.xyz
465 B
1 turn.com
ad.turn.com
518 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 simpli.fi
um.simpli.fi
611 B
1 zeotap.com
mwzeom.zeotap.com
382 B
1 onaudience.com
pixel-eu.onaudience.com
734 B
1 erne.co
green.erne.co
367 B
1 truffle.bid
matching.truffle.bid
1 adgrx.com
cm.adgrx.com
283 B
1 iprom.net
core.iprom.net
279 B
1 loopme.me
csync.loopme.me
225 B
1 stackadapt.com
sync.srv.stackadapt.com
613 B
1 contextweb.com
bh.contextweb.com
553 B
1 smartadserver.com
rtb-csync.smartadserver.com
790 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
587 B
1 mathtag.com
sync.mathtag.com
725 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993
541 B
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 73368
103 KB
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2050
254 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
263 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
511 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 490
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1200
17 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8393
96 B
1 justapinch.com
www.justapinch.com — Cisco Umbrella Rank: 57083
22 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
17 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2467
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2875
8 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4413
171 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 802
364 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
13 KB
1 windows.net
etypeproductionstorage1.blob.core.windows.net — Cisco Umbrella Rank: 352710
215 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 857
12 KB
285 80
Domain Requested by
68 www.grahamleader.com 1 redirects www.grahamleader.com
13 live.primis.tech www.grahamleader.com
live.primis.tech
13 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
www.grahamleader.com
12 simage2.pubmatic.com ads.pubmatic.com
7 s2l.sendtonews.com embed.sendtonews.com
6 images.revcontent.com
6 yeet.revcontent.com assets.revcontent.com
6 match.adsrvr.org js-sec.indexww.com
ads.pubmatic.com
live.primis.tech
5 match.prod.bidr.io 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
live.primis.tech
5 securepubads.g.doubleclick.net www.grahamleader.com
www.googletagservices.com
securepubads.g.doubleclick.net
4 cm.g.doubleclick.net 4 redirects
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 timber.sendtonews.com embed.sendtonews.com
4 cdnres.willyweather.com www.grahamleader.com
cdnres.willyweather.com
4 fonts.gstatic.com fonts.googleapis.com
4 assets.revcontent.com www.grahamleader.com
assets.revcontent.com
4 fonts.googleapis.com www.grahamleader.com
embed.sendtonews.com
live.primis.tech
3 x.bidswitch.net 3 redirects
3 ads.stickyadstv.com 2 redirects live.primis.tech
3 js.ad-score.com assets.revcontent.com
js.ad-score.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 trends.revcontent.com assets.revcontent.com
3 ads.pubmatic.com assets.revcontent.com
live.primis.tech
ads.pubmatic.com
3 mug.criteo.com www.grahamleader.com
3 ib.adnxs.com 2 redirects d29xw9s9x32j3w.cloudfront.net
3 lh3.googleusercontent.com www.grahamleader.com
3 www.google-analytics.com www.grahamleader.com
www.google-analytics.com
cdnres.willyweather.com
3 embed.sendtonews.com 1 redirects www.grahamleader.com
embed.sendtonews.com
2 ups.analytics.yahoo.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 c2shb.pubgw.yahoo.com live.primis.tech
2 video.primis.tech
2 cdn.confiant-integrations.net www.googletagmanager.com
cdn.confiant-integrations.net
2 id.crwdcntrl.net ads.pubmatic.com
live.primis.tech
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 data.ad-score.com js.ad-score.com
2 pubads.g.doubleclick.net embed.sendtonews.com
imasdk.googleapis.com
2 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
live.primis.tech
2 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
2 oajs.openx.net 1 redirects www.grahamleader.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
live.primis.tech
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 cdnjs.cloudflare.com embed.sendtonews.com
2 www.googletagmanager.com www.grahamleader.com
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
2 connect.facebook.net www.grahamleader.com
connect.facebook.net
2 japfg-trending-content.appspot.com www.grahamleader.com
2 www.googletagservices.com www.grahamleader.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 ad.turn.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 www.americanhometownmedia.com www.grahamleader.com
1 lexicon.33across.com ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 cdn.revcontent.com
1 img.revcontent.com
1 www.google.com tpc.googlesyndication.com
1 sb.scorecardresearch.com www.grahamleader.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 htlb.casalemedia.com d29xw9s9x32j3w.cloudfront.net
1 secure.cdn.fastclick.net www.grahamleader.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 www.justapinch.com www.grahamleader.com
1 s0.2mdn.net imasdk.googleapis.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
ads.pubmatic.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js-sec.indexww.com embed.sendtonews.com
1 2f98c381b06dabd5ad9d34d833b6f7f2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 etypeproductionstorage1.blob.core.windows.net www.grahamleader.com
1 embedcdn.sendtonews.com www.grahamleader.com
1 use.fontawesome.com www.grahamleader.com
285 120
Subject Issuer Validity Valid
grahamleader.etypegoogle4.com
R3
2022-11-14 -
2023-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
assets.revcontent.com
R3
2022-11-13 -
2023-02-11
3 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 06
2022-11-20 -
2023-11-15
a year crt.sh
*.appspot.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-09-29 -
2022-12-28
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
sendtonews.com
Amazon RSA 2048 M02
2022-11-21 -
2023-12-20
a year crt.sh
cdnres.willyweather.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.sendtonews.com
Amazon
2022-05-18 -
2023-06-16
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
securedvisit.com
Amazon
2022-10-29 -
2023-11-26
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2022-12-02 -
2023-03-02
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-08 -
2023-02-04
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
cdn.prod.uidapi.com
R3
2022-11-29 -
2023-02-27
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2
2022-05-03 -
2023-05-08
a year crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-12-02
a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2022-03-11 -
2023-03-29
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
revcontent.com
Amazon
2022-06-16 -
2023-07-16
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2
2022-09-02 -
2023-10-04
a year crt.sh
img.revcontent.com
R3
2022-11-13 -
2023-02-11
3 months crt.sh
cdn.revcontent.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
images.revcontent.com
R3
2022-11-06 -
2023-02-04
3 months crt.sh
lexicon.33across.com
GTS CA 1D4
2022-10-24 -
2023-01-22
3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2
2022-06-18 -
2023-07-20
a year crt.sh
*.confiant-integrations.net
E1
2022-11-24 -
2023-02-22
3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2
2022-05-12 -
2023-06-13
a year crt.sh
*.primis.tech
Amazon RSA 2048 M01
2022-10-24 -
2023-11-22
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-14 -
2023-06-16
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.iprom.net
R3
2022-12-05 -
2023-03-05
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
truffle.bid
R3
2022-10-03 -
2023-01-01
3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh

This page contains 30 frames:

Primary Page: https://www.grahamleader.com/
Frame ID: 55AC65270848EDA91732EFCAAC97A504
Requests: 188 HTTP requests in this frame

Frame: https://2f98c381b06dabd5ad9d34d833b6f7f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D29E399CBF2A218CFF752CD2F48BDB2
Requests: 1 HTTP requests in this frame

Frame: https://cdnres.willyweather.com/widget/loadView.html?id=96864
Frame ID: 8C56D26604330C2BA4E8B9618D9F623A
Requests: 5 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: B14EADA1C8D79C841CBAD01EDB93781E
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 39B835E9BCF38F1070406C8BDF5231B5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.grahamleader.com
Frame ID: AFF29E0A55805BBCC90E5B5EF77D2635
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 86F1E190228A69FAB2E30D7BEC2E689B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB5F29507E08968A1CE804CF57B9AA83
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3BCCA31C75BB8672D8F5F806AFC6F9F
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000177
Frame ID: 32DE2981D6A203B321A770A2DCAEC896
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 97BD2AE9E92833E9245E96A1A2F5B22B
Requests: 3 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 17607D96FCB6EFEB452B5270F7B04083
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Frame ID: B805838C8DB39218D4D99E44FEA7F5BA
Requests: 19 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:864263a1-eb53-4000-9556-4eeeae1aea65&gdpr=0&gdpr_consent=
Frame ID: 0C3BA6BC5FE8FCC4A445598F3EF1A299
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: FEA9EAE8653E6B42E2403AB4AABEDD7B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2263923535633904067
Frame ID: 0639E3B7C11BD2806F888C083EC9094B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 32A90E14A21BDDDDF7C38EA8B0D8CAE5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3312878613711376392&gdpr=0&gdpr_consent=
Frame ID: 363538A8FF0C5A3AB20C8C4D2AE9AF8C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf
Frame ID: A80E5F2E9217A956D888FDAAD9955BDB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179278018453895318&gdpr=0&gdpr_consent=
Frame ID: 5BE76DB319FD9549987BD2F579204387
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAPJ6U7HQ9cAAB-TqLS2EA&gdpr=0&gdpr_consent=
Frame ID: EFDDC922CE8F6523373F583A04C3CD15
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bzDed26TSZNLE1ZMYCu9c9ly2hs
Frame ID: D6A0807BA04D3B9EA549ECA8B6A887EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6HrUgAFfQ-eHAAp&gdpr=0&gdpr_consent=&_test=Y6HrUgAFfQ-eHAAp
Frame ID: 419E65F3DC60468EE936B73360B4A48B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A9AA446F30A4FA230F4FF4859A988B34
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3B71B8C4B9797DDB91481BCA91D38469
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=233640809
Frame ID: B9BF2AE5C890E5A618BF1EC1F54F07F7
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7917B795B6EDFFEC7D1A5D0B9A8E03FD
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 821A18753D4639A87F374CD989958280
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 95822E9A279798EB540D6AD913775006
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d75ac233fe4e29fb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QTVgjXYYMnWnXRMh
Frame ID: BB6E76AD3C9FADA6082823B5B93A6E69
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Graham Leader |

Page URL History Show full URLs

  1. http://www.grahamleader.com/ HTTP 301
    https://www.grahamleader.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

285
Requests

93 %
HTTPS

32 %
IPv6

80
Domains

120
Subdomains

87
IPs

8
Countries

9111 kB
Transfer

14701 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.grahamleader.com/ HTTP 301
    https://www.grahamleader.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://embed.sendtonews.com/player3/embedcode.js?fk=6TRdLu0n&cid=12154&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.12.1/embed.js
Request Chain 114
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grahamleader.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grahamleader.com%2F&rid=esp&cc=1
Request Chain 137
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=grahamleader.com&sn=ChromeSyncframe&so=0&topUrl=www.grahamleader.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=VeC_jHxDTW1pNUlGY3pybHNjOTVlZW5oUW1HVU9kWmp5SUg3NUM1VFdDUEMvVE9OVzVCczJNUGMva1lCVVA5VThTVDJJYlFxZ0F3ZTNxWGExV3FEMGROSENLQ2JRK3ZQK2JsajhDM1V5Nnd1TmNiWWl0cWk4bngzRWNHV3IxcXNBR2NUd1NXeDhFZFVTeHU1OWVmWTNJdzdjTFZNQVBqMm96WGVWYmYxeVdPQXJFc29TWmI4Nkd2VUtxbWxaWmxJQUdMWWNkL2MwcWthTGZSRVpVNkJGU1NubnU1TWJVcXVkbjdHSkhXQnNHUUIybmZjUDN2YlVHNjZGenJNelM0QkkvN3VQcENkdDBFZ1R5NkdoeVhydG9obGRJYTdvN0dhWmJPT2VMZENkMDEvYU11TT18&cppv=2
Request Chain 204
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grahamleader.com%2F&domain=www.grahamleader.com&bundle=qgVocV8lMkYzeXNSY3ZPa0FXQ0ZhZFlPVWZHODZDdzdCRFZwUUtGQllsQjNvVW1yanhXQzd3RnVzeWY1Z2ZvZ2dtJTJCMEFTWU96RGhGZUFWamduMGR1VkM2UnBFWUNNZyUyRkxGY2tZWFV1NkthUGo0SUpOcjVZbllNdWFmckQlMkJFQXM0bk9oempGQmFJUHlOamR0eGlicnJjMWZpJTJCMFR6ckJOMHJzeWJHUUZiZWpnVDRPRmVrJTNE&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=YpP8iXwyU1NoUkE4bk8wTDRHN0tqMVphVzJKdVdwVHMzcVJEY2tRZjE1ZVJaNWI3RW9hUm9ROG1jTHdVamMyNk8yZTJJVHd4ZTNiejBZekN0WU5ING83MzZGd3NPcWlaWUJRaitGWWlTeFQzWmh0a2t6UFFNYVhybTFoQ0RaMVh3M2Qwc3VxcERnTERCTEFSZFMwSDY5eUloMFVoMjdJNFpCSG5VZ2R2b2J6R1pSeVlob1VFRURZZmx2alVWZmNTSzNXdnhrOG0xYlJUejFQb3hqaUtuQ2hsb2JmdFJIZy85RlQ1WHhQREFidUxOR0crWlRJQy9ETDg2OVlKVjR4UmYvdzFjTFNaUUE2OWt5VEU0MHdxUlprbTNXUzEvV2RhUkJXOVVsWUs4bzhZZjBiTW1JcWpVbG1wY2pULzhhbDJZT3Fac3w&cppv=2
Request Chain 248
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3590c071f19b1825b850ab9774a9817&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dundefined&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1dfa_7179278018425725572&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:864263a1-eb53-4000-9556-4eeeae1aea65&gdpr=0&gdpr_consent=
Request Chain 252
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 253
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2263923535633904067
Request Chain 254
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 255
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3312878613711376392&gdpr=0&gdpr_consent=
Request Chain 256
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf
Request Chain 257
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179278018453895318&gdpr=0&gdpr_consent=
Request Chain 258
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFQSjZVN0hROWNBQUItVHFMUzJFQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAPJ6U7HQ9cAAB-TqLS2EA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7549343533603586520&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAPJ6U7HQ9cAAB-TqLS2EA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7549343533603586520%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7549343533603586520&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAPJ6U7HQ9cAAB-TqLS2EA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAPJ6U7HQ9cAAB-TqLS2EA&gdpr=0&gdpr_consent=
Request Chain 259
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bzDed26TSZNLE1ZMYCu9c9ly2hs
Request Chain 260
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6HrUgAFfQ-eHAAp HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6HrUgAFfQ-eHAAp&gdpr=0&gdpr_consent=&_test=Y6HrUgAFfQ-eHAAp
Request Chain 261
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 262
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 263
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671555922804 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=233640809
Request Chain 267
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d75ac233fe4e29fb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QTVgjXYYMnWnXRMh
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2P95azv8S0G6xi_g17ewFQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 271
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1634979679 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDhGRjc5NkItM0JGQy00QjQxLUJBQzYtMkZFMEQ3QjdCMDE1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELvXlqny3-grMM90Xuq-m1Q&google_cver=1
Request Chain 275
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5710060861223055757
Request Chain 277
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=182b908e-6449-4321-b04c-80c37bfddd58&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1a943cd6-88b0-4310-93e7-7e22a3cd5906&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-11w4nNRE2uXz1.67NVkcKzV8ZP_mFpA-~A&gdpr=0&gdpr_consent=
Request Chain 282
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2367f0bc-5abf-4cc8-89b4-a39f4fa24554&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 283
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2844603283690550710&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 284
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3312878613711376392

285 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.grahamleader.com/
Redirect Chain
  • http://www.grahamleader.com/
  • https://www.grahamleader.com/
71 KB
13 KB
Document
General
Full URL
https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
797913478e7efc4b27319904b14e315bb6fe48ecae99744ec7a00f9e22b43ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Dec 2022 17:05:13 GMT
Etag
"1671555761-1"
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified
Tue, 20 Dec 2022 17:02:41 GMT
Link
<https://www.grahamleader.com/>; rel="canonical",<https://www.grahamleader.com/>; rel="shortlink"
Permissions-Policy
interest-cohort=()
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Cookie Accept-Encoding
X-Content-Type-Options
nosniff
X-Drupal-Cache
HIT
X-Frame-Options
SAMEORIGIN
X-Generator
Drupal 7 (https://www.drupal.org)

Redirect headers

Connection
keep-alive
Content-Length
194
Content-Type
text/html
Date
Tue, 20 Dec 2022 17:05:13 GMT
Location
https://www.grahamleader.com/
Server
nginx/1.14.0 (Ubuntu)
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://www.grahamleader.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8X4DC81N3BQG9JYQ
age
397707
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
mABY2era6wwPoi84Sm025GrTDoIF75Yspw0Myu7nBd3IaQCH76UelB9rbJ2WYqvzwqVD5OMlwIg=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87WIhCQwXSWtplUh7sEdmMEqPX2E5Cpqulc0mX5CvL4YQ0g1VgV2YLTUBSVdNjg%2FQjv5nMMlEmiHoIOxj17%2FVMLPmRhH8kh6mmdOKi%2FHMparJjVaCalFr5AsrVSiv8bHCqO3XMusC8fuMuOzmqqZRDEX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
77c9f62fc8d86910-FRA
css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
www.grahamleader.com/sites/grahamleader.com/files/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-1da3"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_vZ_wrMQ9Og-YPPxa1q4us3N7DsZMJa-14jShHgRoRNo.css
www.grahamleader.com/sites/grahamleader.com/files/css/
141 B
473 B
Stylesheet
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_vZ_wrMQ9Og-YPPxa1q4us3N7DsZMJa-14jShHgRoRNo.css
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bd9ff0acc43d3a0f983cfc5ad6ae2eb3737b0ec64c25afb5e234a11e046844da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e600a-8d"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_ThntEcS7q3UfYDvf7q1dWRq7hZFFqDWmblmBWWBhYFg.css
www.grahamleader.com/sites/grahamleader.com/files/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_ThntEcS7q3UfYDvf7q1dWRq7hZFFqDWmblmBWWBhYFg.css
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4e19ed11c4bbab751f603bdfeead5d591abb859145a835a66e59815960616058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-5cea"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_-HwfIp5tPsQsmhXN-y6k7wLsdvwWBoyDy_ltO1Jba8I.css
www.grahamleader.com/sites/grahamleader.com/files/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_-HwfIp5tPsQsmhXN-y6k7wLsdvwWBoyDy_ltO1Jba8I.css
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f87c1f229e6d3ec42c9a15cdfb2ea4ef02ec76fc16068c83cbf96d3b525b6bc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e600a-36d3"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
www.grahamleader.com/sites/grahamleader.com/files/css/
75 KB
12 KB
Stylesheet
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
57fa9a0c1b540cb0d14a58b0d2efa79436d208482ec1d673ef25d9f2872e16c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-12a85"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
menu_break_767.css
www.grahamleader.com/sites/all/themes/cni/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.grahamleader.com/sites/all/themes/cni/css/menu_break_767.css?rn6jnw
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c520d461604f9c508177dc7a7a66775e5c0a1d0438281b45b9517f6b9141ff1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Dec 2018 23:30:25 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5c26b211-6bb"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
www.grahamleader.com/sites/grahamleader.com/files/js/
110 KB
39 KB
Script
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4a4f940188189c9e818f1fc8c2d2fd56e7e16bb4995a091e10ba03669590e048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-1b816"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1426 / 664 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Dec 2022 17:05:14 GMT
js_qF2DFJCyg-1K2y0_dmMtNVJEXZ_juLDYVMkTg5Z_IrA.js
www.grahamleader.com/sites/grahamleader.com/files/js/
20 KB
7 KB
Script
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/js/js_qF2DFJCyg-1K2y0_dmMtNVJEXZ_juLDYVMkTg5Z_IrA.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a85d831490b283ed4adb2d3f76632d3552445d9fe3b8b0d854c91383967f22b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-5085"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_lboD8mxHbiFYKzdGkJi9JvFQWJGyCslzWjcNjvVR3X0.js
www.grahamleader.com/sites/grahamleader.com/files/js/
20 KB
3 KB
Script
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/js/js_lboD8mxHbiFYKzdGkJi9JvFQWJGyCslzWjcNjvVR3X0.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
95ba03f26c476e21582b37469098bd26f1505891b20ac9735a370d8ef551dd7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e600a-50fb"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_c9S7L28GiD9hlQGPOAZ-TmAjXzauQOFTS3F37BGHtCQ.js
www.grahamleader.com/sites/grahamleader.com/files/js/
8 KB
2 KB
Script
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/js/js_c9S7L28GiD9hlQGPOAZ-TmAjXzauQOFTS3F37BGHtCQ.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
73d4bb2f6f06883f6195018f38067e4e60235f36ae40e1534b7177ec1187b424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-1e6f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_VcBC7P0HZ9gu_PQcawt4oWXA16g1MkhtzOAIaUPXZwo.js
www.grahamleader.com/sites/grahamleader.com/files/js/
123 KB
32 KB
Script
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/js/js_VcBC7P0HZ9gu_PQcawt4oWXA16g1MkhtzOAIaUPXZwo.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
55c042ecfd0767d82efcf41c6b0b78a165c0d7a83532486dcce0086943d7670a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e600a-1ebf4"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_hYTVyaMdIAVK1kH943C5HYh2PLlmb7heyXkf3xPUy4Q.js
www.grahamleader.com/sites/grahamleader.com/files/js/
11 KB
4 KB
Script
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/js/js_hYTVyaMdIAVK1kH943C5HYh2PLlmb7heyXkf3xPUy4Q.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8584d5c9a31d20054ad641fde370b91d88763cb9666fb85ec9791fdf13d4cb84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-2c8a"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_3vdV5FC_uB-RMT86eGm2JiobkoBRQQ3tQrUItd5wXNw.js
www.grahamleader.com/sites/grahamleader.com/files/js/
9 KB
3 KB
Script
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/js/js_3vdV5FC_uB-RMT86eGm2JiobkoBRQQ3tQrUItd5wXNw.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
def755e450bfb81f91313f3a7869b6262a1b928051410ded42b508b5de705cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 18:01:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"637e5fe8-23ac"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato|Anton|Roboto
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
778c3fe7098b3f796e619f8e5eb09e637d1d0773dc6e7c279b3aeb4f62e4134a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 17:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 17:05:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 17:05:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1426 / 850 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Dec 2022 17:05:15 GMT
banner_0.jpg
www.grahamleader.com/sites/grahamleader.com/files/
63 KB
63 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/banner_0.jpg
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
19100716ab6be0b2a39e4c1e2c33ae44f4b82b52f39cc2ae189b753e68c01f2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Tue, 05 Apr 2016 00:59:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"57030de0-fb34"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64308
Expires
Thu, 31 Dec 2037 23:55:55 GMT
covidtests.jpeg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/
11 KB
11 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/covidtests.jpeg?itok=B6qedFmY
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
98a00cfcb80369c0f1f80c124396b9aaa565edb39828792d29fdedafe9655869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 22:50:40 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cf640-2a5c"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10844
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sheriff_car.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/
32 KB
32 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/sheriff_car.jpg?itok=fg8kMGsM
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2e585886425c8d387a87d51630feca0d32d8c7f5e8e8913c17eba955a9d77b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 21:34:40 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639ce470-7e4d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32333
Expires
Thu, 31 Dec 2037 23:55:55 GMT
county_judge_0.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/
32 KB
33 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/county_judge_0.jpg?itok=cQl0MVr0
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd83104524c44b5d5a14c4120c0083cfb466eef2cdf59614cf65e3fc50e448a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:09 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde75-8155"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33109
Expires
Thu, 31 Dec 2037 23:55:55 GMT
edwards.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/
62 KB
63 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/edwards.jpg?itok=mgSi6QP1
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
53f8ace5f0afa3294ba9c0211df21a5e9311cf175f1ee551df1f6050811ddddd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:08 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde74-f9b6"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63926
Expires
Thu, 31 Dec 2037 23:55:55 GMT
img_2068_c.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/
48 KB
49 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/img_2068_c.jpg?itok=3kTjUf8Q
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
332f62f407e42c747bb49c045e5684c07ac6c7e90212c861e33c78afc2e0ff06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:09 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde75-c13d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49469
Expires
Thu, 31 Dec 2037 23:55:55 GMT
img_0984.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/
46 KB
47 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_update/public/field/image/img_0984.jpg?itok=xFVGZhQC
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1b6bddca48a2f5c9314c729443b5e32959dba22d2bed4fd20a11faa99ff721fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:09 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde75-b903"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47363
Expires
Thu, 31 Dec 2037 23:55:55 GMT
covidtests.jpeg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/
1 KB
1 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/covidtests.jpeg?itok=ixlYEOYs
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
429bbec44f7db505908310b3a6ff2b4688f93cd1e47e7da93e33d411f5f0f254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 22:50:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cf646-482"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1154
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sheriff_car.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/
2 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/sheriff_car.jpg?itok=7h9KHT_q
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
98974757b02d2f2aeeb285e90da7ceb8c0cd133fd604528c22c7957fcbfc09f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 21:34:40 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639ce470-6cd"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1741
Expires
Thu, 31 Dec 2037 23:55:55 GMT
county_judge_0.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/
2 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/county_judge_0.jpg?itok=hW3fmHGr
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
83eae12458d635e49408f15ed68e049d832a3885640259116d41741255651311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde76-72d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1837
Expires
Thu, 31 Dec 2037 23:55:55 GMT
edwards.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/
2 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/edwards.jpg?itok=oeWyH6NK
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b5dd19a83ec735eed028fdc80b23c93cfee5f33b4386cbb5344c002df2fb5074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde76-8b9"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2233
Expires
Thu, 31 Dec 2037 23:55:55 GMT
img_2068_c.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/
2 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/img_2068_c.jpg?itok=hq40K2LM
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3946e9023e6a145bf7185a86cfd6ec3237536926862032db05f8f5ab66474fc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde76-7d3"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2003
Expires
Thu, 31 Dec 2037 23:55:55 GMT
img_0984.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/
2 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/slideshow_thumb/public/field/image/img_0984.jpg?itok=rO1GsA14
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ec5efb267de93bb7ad3d755f966cdc78d79f98db94f61e73e7df56534c2f102d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 21:09:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cde76-6e3"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1763
Expires
Thu, 31 Dec 2037 23:55:55 GMT
covidtests.jpeg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
1 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/covidtests.jpeg?itok=yM5OXWAk
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
df91e52bd316564d39538aaab7912423405301e790a84d1d204313fff2526689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 22:34:48 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cf288-576"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1398
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sheriff_car.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
2 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/sheriff_car.jpg?itok=eYHcU3YI
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
285328c7f72249b5a62a49fa02be35847d707e7400c9a75413dbfcb5fcd1aaed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 21:33:37 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639ce431-9cb"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2507
Expires
Thu, 31 Dec 2037 23:55:55 GMT
county_judge_0.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
3 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/county_judge_0.jpg?itok=KIK3al_f
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f2574d511f3613fad598fbde210dfcfc80805f725dce65df8451af826b84b4c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 20:44:50 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cd8c2-ad7"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2775
Expires
Thu, 31 Dec 2037 23:55:55 GMT
edwards.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
4 KB
4 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/edwards.jpg?itok=GH9oBZeV
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3c209a49b4d7df2408b3113bb672b19bb33856afd5c59ddec72f146099928f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 16 Dec 2022 20:54:23 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cdaff-e1d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3613
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fields_tax_hot.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
2 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/fields_tax_hot.jpg?itok=KmfzyURp
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
958d318f762b075d55ab5afa1582d87b3af5e7725495b7fd2d0f75346b393940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Tue, 13 Dec 2022 17:16:23 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6398b367-7c9"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1993
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prenushi.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
3 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/prenushi.jpg?itok=HAMr7Vpr
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
28463660a31bf5420b5f3b42c5c939f1230c3e43561da75a446ce6434f7e40c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 21:31:40 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639ce3bc-c23"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3107
Expires
Thu, 31 Dec 2037 23:55:55 GMT
img_2068_c.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
3 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/img_2068_c.jpg?itok=dER1swpE
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
21daf875d02bb37ca6037fc84719bedcbe525c723c6db168656a2c4a5daffaf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 20:57:16 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cdbac-bf4"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3060
Expires
Thu, 31 Dec 2037 23:55:55 GMT
img_0984.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/
3 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/thumbnail/public/field/image/img_0984.jpg?itok=NL2LMIWz
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6b015c983d729633070daf6647a74892cefc427f5e32ff191aa97df82af5d2ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 16 Dec 2022 21:00:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"639cdc8a-aaf"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2735
Expires
Thu, 31 Dec 2037 23:55:55 GMT
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.12.1/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=6TRdLu0n&cid=12154&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.12.1/embed.js
7 KB
3 KB
Script
General
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.12.1/embed.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Server
108.138.17.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54fc7d547a2997ad062694a9b0d2f483a11beb5ab282eae2d77cfa26a6962f01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:02 GMT
x-amz-version-id
8u2JSUrthbycPJmj3ZGGoKPZsapa3f9i
content-encoding
br
last-modified
Tue, 20 Dec 2022 01:45:39 GMT
server
AmazonS3
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"d215ebee58ec47f1196c07d77823f831"
age
14
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uifUWo_idmujQK7TkV3Z4ycSaX1UN2LVk-6IdXm5liIzl4KBxBCwaA==

Redirect headers

date
Tue, 20 Dec 2022 17:05:14 GMT
via
1.1 61e929f79f2623281d7e3a91da354352.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MXP64-P1
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.12.1/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
z2OFi7TfdWEJtEcSGLhIKIeukMtnByqAV-EmJXVu66AdeUiOPM24Ug==
delivery.js
assets.revcontent.com/master/
157 KB
50 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
3fdc364eeb75f7f4a1a581857d0c5f2719e89939d9dd63bfe154f798edb81ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNzyh50GEokBCiRmZTBlN2RiZi1kMTBkLTRjMDQtYTVjNy0yZWFiYThhNTdjYWMQwLnuqZCq+wIaBgjM1oedBiIOMjE3LjExNC4yMTguMjcosP4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ0ZDg1OTE0MC0zYWQ0LTQyNDYtYWY4ZC1jOWUxNzM4NzQ3NTUYt4oDIhgIAhIUY2RzMTQ2LmZyOC5od2Nkbi5uZXQ=.gQ3lotT8yPjFoDSggX+Wt+MY4m7hSkltCCi0MrTzIdc=
last-modified
Fri, 16 Dec 2022 17:47:02 GMT
server
AmazonS3
x-amz-request-id
PTW6WSD13QQVTWM8
etag
"f78c394118325a3686d52927a21f58d4"
x-hw
1671555916.cds158.fr8.hn,1671555916.cds146.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
50487
x-amz-id-2
dk2I5IX/qUL+iX5Yr7hTKrgQ1ZVwEjWa2NFwSY7bCH9wFRXEbScQP7DSbHrxGf0J2Ko50T1u4LM=
thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/303/
215 KB
215 KB
Image
General
Full URL
https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/303/thumbnail.jpg
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c9179c69366c10639a31e705e634afee6fbc08e907d7fab56ab883253dc491f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 20 Dec 2022 17:05:14 GMT
Last-Modified
Sat, 17 Dec 2022 00:05:23 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DADFC264EA94BC
Content-Type
.jpg
x-ms-request-id
f93e62ed-201e-003d-2295-143329000000
x-ms-version
2009-09-19
Content-Length
220262
widgey-dug.php
japfg-trending-content.appspot.com/
5 KB
2 KB
Script
General
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10239&v=1&q=3&i=1
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
1bf9b7e79e159c7024906ad7633be1c3726450aa3bd8b59d2734fb310bf5e954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ccb-busad.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
8 KB
8 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/ccb-busad.png?itok=8AkABfi6
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
512eee29a2fd7e0bddd207a5fd4c1900a009a08c8f3a5b83c004c8f7299cb35f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Wed, 13 Apr 2022 14:24:00 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6256dd00-1eb3"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7859
Expires
Thu, 31 Dec 2037 23:55:55 GMT
windersauto-busad.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
7 KB
7 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/windersauto-busad.png?itok=H-BbuLq0
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0a5ae5dc3b794c6a33138334eb5cd43addd762bbdedcd309430272c92f19b6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 11 Mar 2022 16:28:57 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"622b78c9-1afc"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6908
Expires
Thu, 31 Dec 2037 23:55:55 GMT
djpolaris-busad.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
9 KB
9 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/djpolaris-busad.png?itok=OSDQuEU5
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ade14c5de0a0b25efe5435ab9816cf8d87bee604dd50e9ddbd456b66d6cd074e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 11 Mar 2022 16:28:32 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"622b78b0-22d6"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8918
Expires
Thu, 31 Dec 2037 23:55:55 GMT
airsmart-busad2.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
9 KB
9 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/airsmart-busad2.png?itok=hrr1-zc0
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
562fae1d633ef308328aff9afd7017c509e413a77af15784d0374e7677e4af57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 11 Mar 2022 16:28:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"622b7897-22e3"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8931
Expires
Thu, 31 Dec 2037 23:55:55 GMT
image.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
4 KB
4 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/image.png?itok=lprnEO3C
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
66514a431926f8bfa1b7121208cd67001f8fd64d25cb9ef69e6db210a05962ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 02 Apr 2021 16:24:15 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6067452f-e33"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3635
Expires
Thu, 31 Dec 2037 23:55:55 GMT
grmc.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
2 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/grmc.jpg?itok=_bI3sNBu
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1313e1fb60b40a4c9c483fb091ff9a8da60f1380d9afdae2c6b9197eabba2148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Fri, 18 Sep 2020 21:51:26 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f652bde-8e5"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2277
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gsl_web_banner_made_in_the_shade_facebook1.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
2 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/gsl_web_banner_made_in_the_shade_facebook1.jpg?itok=ya_1JTP0
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
129af70f60bb729750eb2b761c0a524a2469404733c3ebb95ee25dbbd0de6e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Wed, 01 Apr 2020 18:57:16 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e84e40c-679"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1657
Expires
Thu, 31 Dec 2037 23:55:55 GMT
beyondfaith-300x90-01.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
1 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/beyondfaith-300x90-01.jpg?itok=mzssdj6k
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4def67b37e52fd0020cfe07b8abc262da9ff78822d01595104f8c3e49b7f09e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Wed, 01 Apr 2020 18:56:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e84e3c2-53d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1341
Expires
Thu, 31 Dec 2037 23:55:55 GMT
buchanans300x90-01.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
1 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/buchanans300x90-01.jpg?itok=JwZknDLO
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
809efa47eb79062b56ddd469bb00b4556c7debae82e72e5b2634aa34b8d349b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Wed, 01 Apr 2020 18:55:27 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e84e39f-52c"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1324
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ppgh_business_directory_web.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
6 KB
6 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/ppgh_business_directory_web.png?itok=g5frILv9
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e5452483cc895d518d050093f76abaf9390212dfc6f69c771a21737765ab53e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Mon, 02 Mar 2020 21:09:14 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e5d75fa-1714"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5908
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/
381 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 20 Dec 2022 13:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Dec 2023 13:29:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
153 B
726 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.grahamleader.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f7f5e7586727ecdae05fd4ee0f7a42f75e587e4c1a55c1bfa892e4f0a1fafd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Tue, 20 Dec 2022 17:05:14 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 16:27:23 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2272
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 18:27:23 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a8aec1c2194a9fae11e2057c14dc7a7ee3c10b156efcf3f1a36b84250e5113d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 17:05:15 GMT
content-md5
8MdyvUJp+o+XiYnXJetiSg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
el5n6Vo+IUAhnc3APcCi8R9rRFqYsU4TFGnAwli1NBdH93Vc2RmhVU/JME39vEQUCbdRoR8zBkRvXOImdG+RSw==
x-fb-trip-id
917726464
x-fb-content-md5
e33207ef365bb964e49336829eb480ad
cross-origin-opener-policy
same-origin-allow-popups
etag
"f3608f1442ebdab069872312eaf77188"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=1,i
expires
Tue, 20 Dec 2022 17:20:19 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Anton|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:21:12 GMT
x-content-type-options
nosniff
age
6243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:21:12 GMT
/
www.grahamleader.com/
356 B
600 B
XHR
General
Full URL
https://www.grahamleader.com/?q=simpleads/load/415/1
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
88f49a24947c24e82eeaccaee6b65c793fbf23a897d10253fb45da34db6c9058
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.grahamleader.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
/
www.grahamleader.com/
256 B
555 B
XHR
General
Full URL
https://www.grahamleader.com/?q=simpleads/load/416/2
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d13c0089f0ab0e532b03dffb14f864d87d4fec441a499ccd55bb2efbef2cbc97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.grahamleader.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
trans.png
www.grahamleader.com/sites/all/themes/cni/images/
1 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/all/themes/cni/images/trans.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aa2d180b6b78bcb16f9e4116b225324669a35aeb924f447ee7eed4602854c1dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Thu, 14 Sep 2017 17:04:38 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59bab6a6-4b9"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1209
Expires
Thu, 31 Dec 2037 23:55:55 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.grahamleader.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.grahamleader.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
1 KB
410 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1846849647414964&correlator=1531847550272316&eid=31071256%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=116205717%2CTPA-Northsidebar2%2CTPA-Northleaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C728x90&ifi=1&adks=3276694238%2C543835968&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1671555915103&lmt=1671555761&dlt=1671555914138&idt=900&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.grahamleader.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=107924288.1671555915&ga_sid=1671555915&ga_hid=1011391102&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a79d5c03017851d73cb8ce6160b60992e52ca269d3bc4600f9a87c66bf89fdf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
380
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
36 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1846849647414964&correlator=1531847550272316&eid=31071256%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=21843165966%3A116205717%2CEtype_300x250%2CEtype300x250_2%2CEtype_300x600%2CEtype160x600%2CEtype468x60%2CEtype728x90%2CEtype970x250%2CEtype970x90%2CEtype_468x60%2Cetype_300x250%2Cetype300x250_2%2CEtype_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=300x250%2C300x250%2C300x600%2C160x600%2C468x60%2C728x90%2C970x250%2C970x90%2C468x60%2C300x250%2C300x250%2C728x90&ifi=3&adks=1614352962%2C2232150859%2C4282577357%2C1003211113%2C4036073746%2C3738067068%2C2131687355%2C3304717719%2C3258222307%2C3085657378%2C3450881796%2C3049439894&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1671555915110&lmt=1671555761&dlt=1671555914138&idt=900&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C406%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C1499%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C1%7C-1%7C-1%7C-1&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.grahamleader.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C578x60%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C578x60%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=107924288.1671555915&ga_sid=1671555915&ga_hid=1011391102&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d333d4f428354a6439a8c750fa1178805460bfc03e6ea38bf8d64b2067f4ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10639
x-xss-protection
0
google-lineitem-id
-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2f98c381b06dabd5ad9d34d833b6f7f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D29
6 KB
3 KB
Document
General
Full URL
https://2f98c381b06dabd5ad9d34d833b6f7f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 17:05:15 GMT
expires
Wed, 20 Dec 2023 17:05:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/
126 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXL3J67
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b41a06a242944bf868081b0e6fc315026407dd1bf4b65ddaba400f022111aa04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47972
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Dec 2022 17:05:15 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.12.1/
671 KB
182 KB
Script
General
Full URL
https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.189.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-189-122.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3917d956a053304b10a4e415ad25ac8c1dd02925948fd4ad26ea8b587851c3b6

Request headers

Referer
https://www.grahamleader.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:04:37 GMT
x-amz-version-id
qAR7H6bpkQZQMfB6xBT4r65BLVHEXSvN
content-encoding
br
last-modified
Tue, 20 Dec 2022 01:45:38 GMT
server
AmazonS3
age
39
x-amz-cf-pop
MXP64-P1
etag
W/"ff87e167f893622b888283f9b0d414b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 785051524e198b20f8b58122667c188e.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
fbFLtGNGAz_u0P2p6q8Ljx3oxMLrqY96kET6-aGyKMxRRx_onJafIA==
/
www.grahamleader.com/
905 B
759 B
XHR
General
Full URL
https://www.grahamleader.com/?q=simpleads/load/615/25
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
66025ee4c27756db06e9e7926b5dbffb0dcd039a4a8c66115285c8a824f62de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.grahamleader.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
/
www.grahamleader.com/
901 B
757 B
XHR
General
Full URL
https://www.grahamleader.com/?q=simpleads/load/420/25
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f83d0b56a679e534cb7a63af97c9e0ba3dc17977995e2642f63ae5a112aac2c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.grahamleader.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
loadView.html
cdnres.willyweather.com/widget/ Frame 8C56
2 KB
1 KB
Document
General
Full URL
https://cdnres.willyweather.com/widget/loadView.html?id=96864
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache/2.4.46 (IUS) / PHP/7.0.32
Resource Hash
28b010620ed3054703156792b63290f4e471a1fb07715e5600033ad2e1d4c1a2

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60, public
content-encoding
gzip
content-length
831
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 17:05:15 GMT
server
Apache/2.4.46 (IUS)
x-hw
1671555915.cds154.fr8.hn,1671555915.cds165.fr8.sc,1671555915.dop201.sj3.r,1671555915.cds120.sj3.c,1671555915.cds165.fr8.p
x-powered-by
PHP/7.0.32
x-sp-metadata
HS256.CNvyh50GEokBCiQ1Njc0NDUyZS05MWY0LTRiNGMtOWFjYi01NDQwNzlkMmJlYjYQ4KmGjOqg+wIaBgjL1oedBiIOMjE3LjExNC4yMTguMjco9v4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKRIkZDE0MDI0NTItN2EyMi00MmViLThkYTAtZDM0NTNhOGUyYWVlGL8GIhoIAhIUY2RzMTY1LmZyOC5od2Nkbi5uZXQYAw==.DetWi8Mh5NDHiUVPguu+WuSDLKx2oR1k+MfeGDASNOQ=
/
www.grahamleader.com/
351 B
595 B
XHR
General
Full URL
https://www.grahamleader.com/?q=simpleads/load/422/25
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fd8d832726fd8dc49d8a8e791cd125b74270866ea1cce9c3012e4749ccd5da7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.grahamleader.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
sdk.js
connect.facebook.net/en_US/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=78b33f86ec10e27e20c43df054c0f741
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d32dad4b50b91a13f6e4be3388e39d4f09faace0a68b7e8b550b0d13ab7a6717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.grahamleader.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 17:05:15 GMT
content-md5
Usj/zXadchFR+hNIg0/pxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88479
x-fb-rlafr
0
x-fb-debug
g/t19D497nVkaebeuoV4vIy89G9WIlRpOUtpClHMdl3MHLBkjYfoi+ecgD88HvLBHtWQGXMIZEeLrD6uZQKveQ==
x-fb-content-md5
e6b33ea19c0537789d2576c9698c94c9
cross-origin-opener-policy
same-origin-allow-popups
etag
"69a30d3a7df26527a194ec1a313a06fd"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 20 Dec 2023 14:18:27 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1011391102&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grahamleader.com%2F&ul=en-us&de=UTF-8&dt=Graham%20Leader%20%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAACAAI~&jid=472085809&gjid=514639925&cid=107924288.1671555915&tid=UA-77243405-1&_gid=380036729.1671555915&_r=1&_slc=1&z=798700958
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/
39 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 16:41:57 GMT
server
cloudflare
age
1153
etag
W/"da4ae7-9a4f-5f0451d41d012"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
77c9f6373cb09186-FRA
expires
Tue, 20 Dec 2022 21:05:15 GMT
css
fonts.googleapis.com/
3 KB
631 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 16:05:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 17:05:15 GMT
icon
fonts.googleapis.com/
569 B
367 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 17:05:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 17:05:15 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9496566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GxSblTWpgustKqlAVwVM60yQag%2FHvva%2BU9aECklpKLhvhSOvGLkFRqkMaiYhTtAzgs9rPrVzCDsGdIr725OYk5K6uQjFpxh2iAljw78iOoNpQarrl4YUkrPmBT0nx4ld7RoAhikTPOcI3yIn%2FpmIG1A"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c9f6376e19bb37-FRA
expires
Sun, 10 Dec 2023 17:05:15 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame B14E
53 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7939987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9oFxWVgY2dv6qA5Dv1VWKoz%2F%2BKce%2BYGO%2F3sPIuXWJLtxIdB%2BhFNVb211HqB80fMAVqCY3WKDF7jrUeN6yFagIbT2OxQ2Efn8vZSjydWRBeA%2Ffd6MkLRm7ghPcYDAiWQIsSUATNJYgkYc5CyGsUnFOv8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c9f6376e1dbb37-FRA
expires
Sun, 10 Dec 2023 17:05:15 GMT
prebid7.17.0.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/ Frame B14E
309 KB
98 KB
Script
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f983dbe5d020d1c937263b46c8559df71c058bb666ad50c94290dacc9cb4edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 22:39:10 GMT
content-encoding
gzip
via
1.1 80d333a7c8f93ae71eecc760dbcee2d6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 01:19:16 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C2
age
66366
etag
W/"bf20d6f18d3ce40dacf71c19374e42a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lb6AUJ8zdsEvpYnn8DI-vipqMMl6lcQB3cRBiHrzAgY7Sv4yOpeU7A==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame B14E
335 KB
59 KB
Script
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 14:16:18 GMT
content-encoding
gzip
via
1.1 80d333a7c8f93ae71eecc760dbcee2d6.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C2
age
10138
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
1lSgJZiXbwtPdzKG4BCCORUNFvDabEuafpn68rY2FBxu2QZUuuWwTQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/
372 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Tue, 20 Dec 2022 17:05:15 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/
1 KB
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 09:11:05 GMT
via
1.1 80d333a7c8f93ae71eecc760dbcee2d6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C2
age
28451
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
fXj0kGuquUfuRq3IbClZuoXq5YijX5ajwb2vHlBPxZoxtAhj3ic7Ng==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/
322 B
637 B
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 22:04:02 GMT
via
1.1 80d333a7c8f93ae71eecc760dbcee2d6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C2
age
68474
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
CGFb5cz_96n59i59KhP6kdEEw2w3AxoI91MEKCJKUxDtS5bSpK8i1A==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/
832 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 22:04:04 GMT
via
1.1 80d333a7c8f93ae71eecc760dbcee2d6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C2
age
68474
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
vkE3KlMdIR6ynpq-pNDZxU1mDFtLeHGyqTCX7awiihO2ITAclMRv_Q==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/
773 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 22:04:04 GMT
via
1.1 80d333a7c8f93ae71eecc760dbcee2d6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C2
age
68474
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
LXNjoWjcRZwzNkIfnJPrWpOZ5wJ2mohX436kSK_CI3UtRDQg5T7-9g==
stn_trk.gif
s2l.sendtonews.com/
26 B
187 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=pSoA-k_qzv7vnvFt&instance=866495&version=7.12.1&age=221220&cmd=PRE_INIT&key=6TRdLu0n&seq=1&order=1&absoluteTime=2355.5&relativeTime=0.2&canonical=https://www.grahamleader.com/&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/
35 KB
7 KB
Fetch
General
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=pSoA-k_qzv7vnvFt&instance=866495&version=7.12.1&age=221220&ESG_key=6TRdLu0n&type=FULL&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.189.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-189-122.mxp64.r.cloudfront.net
Software
Apache /
Resource Hash
abb9ae44c3605c928d4925909a1f8e42385e5a2f6c6bd45ad64eb1d7380df50a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
via
1.1 785051524e198b20f8b58122667c188e.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
MXP64-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
dr_Hr_0Xt2EAlKyXKGyzh2FWuPMCaIXg30ioMk9RxjxBGwySuS5-5g==
content-length
6289
expires
Tue, 20 Dec 2022 17:05:16 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame B14E
178 KB
45 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:12:08 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 17:02:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3188
x-amz-server-side-encryption
AES256
etag
W/"9678e76b6e6295571547f8fe5df68b88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
GNtCJCD_qo1EPueL5A0zNHLlHRTxbs-F_pEhIbSHXnxICwat6w_zkg==
collect
stats.g.doubleclick.net/j/
1 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77243405-1&cid=107924288.1671555915&jid=472085809&gjid=514639925&_gid=380036729.1671555915&_u=YAhAAAAAAAAAACAAI~&z=1886355941
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 20 Dec 2022 17:05:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
brazos.jpg
www.grahamleader.com/sites/grahamleader.com/files/field/image/
28 KB
28 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/field/image/brazos.jpg
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2acadc67e0c0e8c8adc7f3c3299ff40d365b626dcb9e3af0427ceebfa88bdce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Wed, 23 Sep 2020 17:52:56 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f6b8b78-703a"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28730
Expires
Thu, 31 Dec 2037 23:55:55 GMT
identity
api.rlcdn.com/api/
44 B
364 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.grahamleader.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/
63 B
394 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
9ab773115247efc69e72c85c1a4b021261d013e1a475e32cc05fbbc03fbc610b

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 19 Jan 2023 17:05:15 GMT
/
id.sv.rkdms.com/identity/
2 B
171 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.grahamleader.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.152.214 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-152-214.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.grahamleader.com
date
Tue, 20 Dec 2022 17:05:15 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
discountliquorno_970x90.png
www.grahamleader.com/sites/grahamleader.com/files/field/image/
512 KB
513 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/field/image/discountliquorno_970x90.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7913b63f91c00f14c9ae5f862e4a699314322425d56c6fe07b2e556c1d357d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Fri, 12 Aug 2022 20:36:15 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"62f6b9bf-801c7"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
524743
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29395
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2B8k07m%2BYx3oY9wRq9vs1smRCrSxceW%2BFUUn19iwSgVCXu%2FhpWS%2BKSIlZjJbsoNNuql8eRvG%2BZ%2FWrVE9gBDQGtRnRHMUB%2BbAvmtuKQmQUK3lOlSlDt9ADvy1mXLGVbBKNj%2Fm3z6sEosXVL6iM2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77c9f6388b4c90d7-FRA
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 07:24:28 GMT
content-encoding
gzip
age
726047
x-guploader-uploadid
ADPycdu3Gw5FY_q4NTn97VXYnntJVtAX26caEl7o3n1xhH_sP1GWn03HtLzXWtmuhtpWhoyqDf_pa2Sc5NeIIOZROxkPyfq5tOA6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Dec 2023 07:24:28 GMT
esp.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
EQE76HEZ6JXKNVQT
age
2774
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77c9f6394c67bb5b-FRA
x-amz-id-2
j2Lo9VKgAHpQwSAT5fIm1uW/nR6idej/ZE8Ukdqw1cDFcrTXGGuz81VPr7G/Pn5YZKpafV0Orm4=
publishertag.ids.js
static.criteo.net/js/ld/
39 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 21 Dec 2022 17:05:15 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
32 KB
10 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 06:30:00 GMT
content-encoding
gzip
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
38116
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
UakW6Bu862hk9_pte5iPlvqNGkj9FTt2sbaWpb316DpLMxGtTopsoQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ea00:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56d514af1c2c960a699597920f5e4527026bff866d82024a69b23c14e7ab25f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 01:53:11 GMT
Via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
Last-Modified
Tue, 20 Dec 2022 01:53:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
54725
ETag
"f96f6002e33c2b154ec2db31acd9bd1b"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1767
X-Amz-Cf-Id
OMFjqWuyoVaENwYA3_RZ8WhG-h5V5qGNNxG4Tn4PspWGL5qCQadAow==
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 39B8
693 KB
222 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
184772
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Dec 2022 13:45:43 GMT
expires
Mon, 18 Dec 2023 13:45:43 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Dec 2022 17:05:16 GMT
gtm.js
www.googletagmanager.com/
126 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXL3J67
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb4c553d2d7102ed7be4d50c8d2a23134ee4600f18fc3f96bb67455221a7474d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47969
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Dec 2022 17:05:15 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B14E
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wNtqwpTGlGbwu0GXAW2Vd_FfHwa_heq-d0XTmUt6pXqY7lqBcczURA==
sprite_icons_6dc7d94.png
www.justapinch.com/images/
22 KB
22 KB
Image
General
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 09:04:40 GMT
via
1.1 google
last-modified
Fri, 09 Dec 2022 20:54:00 GMT
server
nginx
age
28835
x-who
gcloud-web-1
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22292
expires
Wed, 20 Dec 2023 09:04:40 GMT
txPf4TA1Nk0YglUN2iiSCKK5CajPJHAxTeVvlYxHgaQ093UcLF8CQEaaQ8N7ZQ2ncAWZdWtV9po_VvjjVbaEg9Kav2sui20=w300-h170-p-rj-l75
lh3.googleusercontent.com/
14 KB
15 KB
Image
General
Full URL
https://lh3.googleusercontent.com/txPf4TA1Nk0YglUN2iiSCKK5CajPJHAxTeVvlYxHgaQ093UcLF8CQEaaQ8N7ZQ2ncAWZdWtV9po_VvjjVbaEg9Kav2sui20=w300-h170-p-rj-l75
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
70a0c01a487e1e53c7cb4a2f9d6126dbfecdde3128cf2d19954da4ba87fd3be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:38:51 GMT
x-content-type-options
nosniff
age
12384
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14800
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 19 Nov 2022 01:14:35 GMT
payqriSsdJJ8tkIhhnAV1ZdBqTTAzsCf8Wf-0LAj3reXTySWF00DaS729Qh5SRf5KNyaUAFslDHq-9kLkMB27m83Cb_J=w300-h170-p-rj-l75
lh3.googleusercontent.com/
10 KB
10 KB
Image
General
Full URL
https://lh3.googleusercontent.com/payqriSsdJJ8tkIhhnAV1ZdBqTTAzsCf8Wf-0LAj3reXTySWF00DaS729Qh5SRf5KNyaUAFslDHq-9kLkMB27m83Cb_J=w300-h170-p-rj-l75
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
80c8a6d929b1ee0e502702ef1c609d58e74da0a0be05f51d51bbc8fb0a764ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 13:10:15 GMT
x-content-type-options
nosniff
age
14100
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9975
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 17 Dec 2022 23:16:28 GMT
HmbN7XIL06usL-DTI4nw3tefkutirxOgvzyIH45p9ONNGGGjCXrfxaMUk9ZNY-h0y6hco1llHmo3cDMsnj2jfKF8QYXAPA=w300-h170-p-rj-l75
lh3.googleusercontent.com/
10 KB
11 KB
Image
General
Full URL
https://lh3.googleusercontent.com/HmbN7XIL06usL-DTI4nw3tefkutirxOgvzyIH45p9ONNGGGjCXrfxaMUk9ZNY-h0y6hco1llHmo3cDMsnj2jfKF8QYXAPA=w300-h170-p-rj-l75
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ae5c3352accd59ea67c1a6e1a782c5a3ea29a0154f8a4befc56e62aa10752196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:40:10 GMT
x-content-type-options
nosniff
age
5105
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10667
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 21 Dec 2022 03:01:39 GMT
postscript-bg.png
www.grahamleader.com/sites/all/themes/cni/images/
22 KB
23 KB
Image
General
Full URL
https://www.grahamleader.com/sites/all/themes/cni/images/postscript-bg.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4acf439c9ae114b6707b0b59036ced496e25670143d6c774bc7315dcff1a8c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:16 GMT
Last-Modified
Thu, 14 Sep 2017 17:04:38 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59bab6a6-58dd"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22749
Expires
Thu, 31 Dec 2037 23:55:55 GMT
boaz-christmasshopping.png
www.grahamleader.com/sites/grahamleader.com/files/field/image/
296 KB
297 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/field/image/boaz-christmasshopping.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8dd6e2982523c51e7455b1d6b41deb5b7ae5e4c67d7786b3a129e0e3f83feb07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Mon, 21 Nov 2022 22:10:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"637bf76d-4a1ca"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
303562
Expires
Thu, 31 Dec 2037 23:55:55 GMT
graham_hiring_bw.jpg
www.grahamleader.com/sites/grahamleader.com/files/field/image/
499 KB
499 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/field/image/graham_hiring_bw.jpg
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
179a1f39ddbf0c91efa0464c8261face778eef8b93229b114b1a07038d96ff3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Wed, 16 Nov 2022 22:18:08 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"637561a0-7cb62"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
510818
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fumc-xmaseve3x8.png
www.grahamleader.com/sites/grahamleader.com/files/field/image/
803 KB
803 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/field/image/fumc-xmaseve3x8.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
283e7fc6e0b49e31d0923fd2be29cbcb6cfd201816bf6c61c2608f9506c45e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Tue, 20 Dec 2022 14:39:45 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"63a1c931-c8c30"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
822320
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wildcatter-holidayparties_0.png
www.grahamleader.com/sites/grahamleader.com/files/field/image/
1 MB
1 MB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/field/image/wildcatter-holidayparties_0.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3c045f48d6ccd8f8e09e2c2a5062dfaf6c6e56e134358c33768e43f2f43c077

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Wed, 30 Nov 2022 20:41:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6387bff0-13ed08"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1305864
Expires
Thu, 31 Dec 2037 23:55:55 GMT
smiths-skyscraper-01.jpg
www.grahamleader.com/sites/grahamleader.com/files/field/image/
92 KB
93 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/field/image/smiths-skyscraper-01.jpg
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d84ea754fb9f9efeeafcd22068b342d8a51bf2fb24c80febf497632ead8bc4ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:15 GMT
Last-Modified
Mon, 02 Mar 2020 14:12:50 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e5d1462-17190"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94608
Expires
Thu, 31 Dec 2037 23:55:55 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grahamleader.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grahamleader.com%2F&rid=esp&cc=1
85 B
103 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grahamleader.com%2F&rid=esp&cc=1
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fb2562dc537617fbee16840e9fa7c1ef12b55c330d9f3a3da928bb25f823d1e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-lk4sv9j3J4tuQOxBk4Bab1jskcI"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grahamleader.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 20 Dec 2022 17:05:15 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.grahamleader.com
location
/esp?url=https%3A%2F%2Fwww.grahamleader.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/
0
329 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grahamleader.com
date
Tue, 20 Dec 2022 17:05:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
headerstats
as-sec.casalemedia.com/
0
507 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.grahamleader.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjM9AsII81FOpQZpIXFuQPbkStoBaj0K7mh%2F0m6%2F3DMPHwhyRpgBN76Js3kDO%2FhL%2FrASk5hMHfi11ixNRhpit9HxjLUDPPcfz3iTzT6ZHpOnDjHWAHBWCluqK2UchgZfDlDsoSvNNjY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77c9f63a5a4abb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
config
c.amazon-adsystem.com/cdn/prod/ Frame B14E
248 B
603 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.grahamleader.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
O3ANkS0r1XX466pWCNynbsBkWBP4k_XEq11zZTsQFAwTBgLIkpXj2A==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=pSoA-k_qzv7vnvFt&instance=297866495&version=7.12.1&age=221220&cmd=GET&key=6TRdLu0n&c_id=12154&seq=1&order=2&absoluteTime=2878.7&relativeTime=523.4&canonical=https://www.grahamleader.com/&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:15 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/
0
143 B
Ping
General
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=6TRdLu0n&ES_key=6TRdLu0n&ES_ID=31843&S_RKEY=zO1FXJrfK8&USR_ID=297866495&ST_usrKey=pSoA-k_qzv7vnvFt&SM_ID=2421375&C_ID=12154&C_companyName=Moser%20Media&version=70120010&sC_ID=4719&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 17:05:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Tue, 20 Dec 2022 17:02:54 GMT
0.js
player.sendtonews.com/bidderFiles/
4 KB
2 KB
Script
General
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6484dbdbcc018ef0cc92a28a4ef391571c4651aaa1958a85a24439c6120f9606

Request headers

Referer
https://www.grahamleader.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
R1seq2Z_z8JGW4oF8VGqO4_69qZCLOzx
content-encoding
gzip
via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront), 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date
Mon, 19 Dec 2022 19:58:04 GMT
x-amz-cf-pop
FRA56-P7, FRA60-P4
age
76033
x-cache
Hit from cloudfront
last-modified
Thu, 15 Dec 2022 19:57:28 GMT
server
AmazonS3
etag
W/"7cf0333618ae77b3dfe7d27466506fa8"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
iUlK093WForHYsDTTHFrRnnNyJnGVVVQ8DbCRb79k6z6kwBrLYZyTQ==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 19:04:32 GMT
x-content-type-options
nosniff
age
79244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 19:04:32 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:21:17 GMT
x-content-type-options
nosniff
age
6239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:21:17 GMT
rzs9y3h3f0vtca1ru45erh45jxt41wib.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/
21 KB
22 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/rzs9y3h3f0vtca1ru45erh45jxt41wib.jpg
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5df4848250963084f52150ea11e08ac47180dc1542a3c4c3184f6c1bdfd9fa4

Request headers

Referer
https://www.grahamleader.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:17 GMT
via
1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
21929
last-modified
Wed, 14 Dec 2022 02:25:06 GMT
server
AmazonS3
etag
"1772bc29f4581b54655b6905b73502df"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
JlumxoN2zClBRJpvC9_8tXMzQEpU0XLN0YnK2e2hG7iGbAcHnXuZZQ==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=pSoA-k_qzv7vnvFt&instance=297866495&version=7.12.1&age=221220&cmd=RTP&key=6TRdLu0n&c_id=12154&seq=1&order=3&absoluteTime=2935.2&relativeTime=579.9&sC_ID=4719&sm_id=2421375&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/
0
142 B
Ping
General
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=6TRdLu0n&ES_key=6TRdLu0n&ES_ID=31843&S_RKEY=zO1FXJrfK8&USR_ID=297866495&ST_usrKey=pSoA-k_qzv7vnvFt&SM_ID=2421375&C_ID=12154&C_companyName=Moser%20Media&version=70120010&sC_ID=4719&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 17:05:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Tue, 20 Dec 2022 17:05:17 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame B14E
0
96 B
Script
General
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
77c9f63bef3d9a0c-FRA
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/
60 B
338 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.104.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-104-18.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a0e21267c6c9eaae680de6e21aaf72b07c50cd0c97b18abba548641ac63044bd

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache
x-server
10.45.19.40
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame AFF2
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.grahamleader.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 17:05:16 GMT
server
Kestrel
server-processing-duration-in-ticks
1016230
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame B14E
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.79.50 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-79-50.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Tue, 20 Dec 2022 17:20:16 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame B14E
33 B
564 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221a78e80bf0f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.grahamleader.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.grahamleader.com%2F%22%2C%22domain%22%3A%22grahamleader.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22grahamleader.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.grahamleader.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22lbwh8ffz.xIEgac%22%2C%22adunitcode%22%3A%22lbwh8ffz.xIEgac%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22260944082d1e56%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%2C%22tid%22%3A%2271d74e1b-1362-4755-b861-c556819cd70e%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A578%2C%22h%22%3A325%2C%22sizes%22%3A%5B%5B578%2C325%5D%5D%2C%22playerSize%22%3A%5B%5B578%2C325%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22krvviRkl4Pl2V3f12wEeVw%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b2490197a8220973574029c3e74021ea0f740390c1dfeeab3f0f375a107f2f

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9cBSsRa1tPzD3My3t7tH3mrhhTbnBaw%2BDk25fG0O5GAbP2%2Bc6vRLZKRBCaFz9HN7h9R6T2atCx1TLF7wCGYghvgTTrh6iCUtuSq8qu%2Bls58jb5BcnLc2424a8%2FICqAwdwztl9un"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77c9f63c0a2d92b7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33
expires
0
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame B14E
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Tue, 20 Dec 2022 17:05:16 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.010753
X-SpotX-Timing-Transform
0.005545
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.010753
X-SpotX-Timing-Page-Require
0.000288
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001728
X-fe
140
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.019440
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000238
Last-Modified
Tue, 20 Dec 2022 17:05:16 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.grahamleader.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000855
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame B14E
0
120 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grahamleader.com
date
Tue, 20 Dec 2022 17:05:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame B14E
138 B
953 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
26eb5ddefc0e32b728b3f40c2a6a97c554ed17bc9070667265c8ec711a4671cb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 17:05:16 GMT
AN-X-Request-Uuid
cb2d8e0b-af30-40cb-a14f-4afb7100de26
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.grahamleader.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame B14E
173 B
408 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.37.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-37-151.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c4ac58719dd6002299ead13a4e53d6eabb6355237250d251a59f7e76d432a503

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
auction
tlx.3lift.com/header/ Frame B14E
19 B
511 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.grahamleader.com%2F&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.182.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-182-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:16 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame B14E
23 B
467 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.grahamleader.com%2F&pid=0lUD307Avh9uS&cb=0&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CkrvviRkl4Pl2V3f12wEeVw%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
4TC69TKFSQS48NGECV7S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.grahamleader.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
7t8dXTcwtVcaI5TrI98Mf0Vs8GuDx8Z9qy53PkITZ7kJ1ptmaLzT2Q==
sid
mug.criteo.com/ Frame AFF2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=grahamleader.com&sn=ChromeSyncframe&so=0&topUrl=www.grahamleader.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=VeC_jHxDTW1pNUlGY3pybHNjOTVlZW5oUW1HVU9kWmp5SUg3NUM1VFdDUEMvVE9OVzVCczJNUGMva1lCVVA5VThTVDJJYlFxZ0F3ZTNxWGExV3FEMGROSENLQ2JRK3ZQK2JsajhDM1V5Nnd1TmNiWWl0cWk4bngzRWNHV3...
454 B
670 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=VeC_jHxDTW1pNUlGY3pybHNjOTVlZW5oUW1HVU9kWmp5SUg3NUM1VFdDUEMvVE9OVzVCczJNUGMva1lCVVA5VThTVDJJYlFxZ0F3ZTNxWGExV3FEMGROSENLQ2JRK3ZQK2JsajhDM1V5Nnd1TmNiWWl0cWk4bngzRWNHV3IxcXNBR2NUd1NXeDhFZFVTeHU1OWVmWTNJdzdjTFZNQVBqMm96WGVWYmYxeVdPQXJFc29TWmI4Nkd2VUtxbWxaWmxJQUdMWWNkL2MwcWthTGZSRVpVNkJGU1NubnU1TWJVcXVkbjdHSkhXQnNHUUIybmZjUDN2YlVHNjZGenJNelM0QkkvN3VQcENkdDBFZ1R5NkdoeVhydG9obGRJYTdvN0dhWmJPT2VMZENkMDEvYU11TT18&cppv=2
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ceb579d8c3f76bc446f2bb7fa1a6132daccc6b740d8dc354603b88cf49f24fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1796889
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=VeC_jHxDTW1pNUlGY3pybHNjOTVlZW5oUW1HVU9kWmp5SUg3NUM1VFdDUEMvVE9OVzVCczJNUGMva1lCVVA5VThTVDJJYlFxZ0F3ZTNxWGExV3FEMGROSENLQ2JRK3ZQK2JsajhDM1V5Nnd1TmNiWWl0cWk4bngzRWNHV3IxcXNBR2NUd1NXeDhFZFVTeHU1OWVmWTNJdzdjTFZNQVBqMm96WGVWYmYxeVdPQXJFc29TWmI4Nkd2VUtxbWxaWmxJQUdMWWNkL2MwcWthTGZSRVpVNkJGU1NubnU1TWJVcXVkbjdHSkhXQnNHUUIybmZjUDN2YlVHNjZGenJNelM0QkkvN3VQcENkdDBFZ1R5NkdoeVhydG9obGRJYTdvN0dhWmJPT2VMZENkMDEvYU11TT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
631165
content-length
0
expires
0
cssView.1.39.03.html
cdnres.willyweather.com/widget/ Frame 8C56
7 KB
2 KB
Stylesheet
General
Full URL
https://cdnres.willyweather.com/widget/cssView.1.39.03.html?id=96864
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/loadView.html?id=96864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache/2.4.46 (IUS) / PHP/7.0.32
Resource Hash
6bcba42ed5e926520391de384965784522e9dbafe39337e45177aa94a5204b7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnres.willyweather.com/widget/loadView.html?id=96864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNzyh50GEokBCiQ1MDViOGU5MS04ZjMyLTQ0MTEtYjg5Yi0xM2E3ODgwYjA4N2YQ4KmGjOqg+wIaBgjM1oedBiIOMjE3LjExNC4yMTguMjco9v4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQxZWQ3MTdkMi1mZGVmLTQyNTItOWI3NS0xNTRhNTA4ZDI5NmIYzwsiGAgCEhRjZHMwMDQuZnI4Lmh3Y2RuLm5ldA==.0XnXe3a4HFwirW1rLolMbGwVEQDkDbyJ+K90Av7zxeY=
server
Apache/2.4.46 (IUS)
x-powered-by
PHP/7.0.32
x-hw
1671555916.cds154.fr8.hn,1671555916.cds004.fr8.c
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1487
pd
google-bidout-d.openx.net/w/1.0/ Frame 86F1
0
176 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 20 Dec 2022 17:05:16 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
analytics.js
www.google-analytics.com/ Frame 8C56
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/loadView.html?id=96864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnres.willyweather.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 16:27:23 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2273
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 18:27:23 GMT
sprite-precis.png
cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/ Frame 8C56
16 KB
16 KB
Image
General
Full URL
https://cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/sprite-precis.png
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/cssView.1.39.03.html?id=96864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache/2.4.46 (IUS) /
Resource Hash
2d68e964474991f19656a6d03de9690d625af240e0647395b915464d25539d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnres.willyweather.com/widget/cssView.1.39.03.html?id=96864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
x-sp-metadata
HS256.CNzyh50GEokBCiRkOTkwOTgzYy1lZWVmLTRlNDMtOTllZC0zNWJiYjYxYjY3MzkQ4KmGjOqg+wIaBgjM1oedBiIOMjE3LjExNC4yMTguMjco9v4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQxYTIxNTIzNC1lN2IxLTRhMjYtYjQ0NC1mNWVmMWI0ZWI0OTAYr3wiGAgCEhRjZHMxMzIuZnI4Lmh3Y2RuLm5ldA==.evJQN19/U+4HdqV/XZcAVPoUK8XLFPOhpHjXS5kuGng=
last-modified
Thu, 02 Jun 2022 08:42:11 GMT
server
Apache/2.4.46 (IUS)
etag
"1654159331"
x-hw
1671555916.cds154.fr8.hn,1671555916.cds132.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15919
sprite.png
cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/ Frame 8C56
54 KB
54 KB
Image
General
Full URL
https://cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/sprite.png
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/cssView.1.39.03.html?id=96864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache/2.4.46 (IUS) /
Resource Hash
dfdf0c64f9007815d3ead2b68031a4ffbc0c4bb3493424faf70fd1f75ec405db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnres.willyweather.com/widget/cssView.1.39.03.html?id=96864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
x-sp-metadata
HS256.CNzyh50GEokBCiQzYWEwNDQyYy1iNGQ2LTRiNmQtYTdlMi0zMGQwNmZjYmIxNWYQ4KmGjOqg+wIaBgjM1oedBiIOMjE3LjExNC4yMTguMjco9v4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQzMDJmNDNjOC1jMTJkLTQ2YWEtYmJmYi04ZTMyN2FlNTA1MWYY6q4DIhgIAhIUY2RzMjMwLmZyOC5od2Nkbi5uZXQ=.t7jtIt7xRjqQ3dhK/12iCQARfOVQCe/YicK6CTcZ02A=
last-modified
Thu, 11 Aug 2022 00:11:21 GMT
server
Apache/2.4.46 (IUS)
etag
"1660176681"
x-hw
1671555916.cds154.fr8.hn,1671555916.cds230.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55146
ads
pubads.g.doubleclick.net/gampad/
5 KB
2 KB
Fetch
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281,116205717/grahamleader-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://www.grahamleader.com/&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2421375&us_privacy=false&cust_params=sessionKey=297866495-pSoA-k_qzv7vnvFt%26schain=stnvideo.com,krvviRkl4Pl2V3f12wEeVw%26content=4719%26placementType=Premium%26embed=6TRdLu0n%26domain=grahamleader.com%26player_size=medium%26player_width=578%26player_height=325%26player_type=float%26version=7.12.1%26player_status=LVFNMNIY%26play_code=2008%26view100=1%26excl_cat=stl_id00014%26rand=16%26us_privacy=false
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caac0164ff0faa04e45e3ff043b9501b9d315739b9a4341584cb7c9df48dc4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
949
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
600rss75p70s5p08n147qqo58884or01playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/
291 B
831 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/600rss75p70s5p08n147qqo58884or01playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a50992b56ef7d2da60a48380671567cde65e2d11599d8d665c4502b54f31165d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:17 GMT
via
1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Wed, 14 Dec 2022 02:26:34 GMT
server
AmazonS3
etag
"d40ce59cc19551b226e9fae51718d0f8"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
-huGH7xl6F3FRyaH8sqemLft71o638uC1Vct_2EqD9loy-qcWfyRJQ==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=pSoA-k_qzv7vnvFt&instance=297866495&version=7.12.1&age=221220&cmd=IMA&key=6TRdLu0n&c_id=12154&seq=1&order=4&absoluteTime=3546.3&relativeTime=1191&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.549.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=pSoA-k_qzv7vnvFt&instance=297866495&version=7.12.1&age=221220&ldt=BIDS&key=6TRdLu0n&c_id=12154&seq=1&order=5&absoluteTime=3546.6&relativeTime=1191.3&sm_id=2421375&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4719&load=1&status=LVFNMNIY&ac_id=2008&prebid.cid=0&prebid.bidders.ix.time=138.9&prebid.bidders.spotx.time=190.3&prebid.bidders.pubmatic.time=186.5&prebid.bidders.appnexus.time=117.7&prebid.bidders.rubicon.time=135&prebid.bidders.triplelift.time=154.2&prebid.start=3060.7&prebid.time=196.1&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
q0o43o2n1np300r11os606950s44oq4nbase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/
1 KB
2 KB
TextTrack
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/q0o43o2n1np300r11os606950s44oq4nbase.en.vtt
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95fe4ff28318c7af9cb16eb9168bab3ece3eeae1f188595261dc86b58beae018

Request headers

Referer
https://www.grahamleader.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:17 GMT
via
1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 02:27:43 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C2
etag
"764455d3132215500da1304d2f4f3daf"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
content-length
1535
x-amz-cf-id
QIxICJEu_l2onEtTtY3Uie8Px8PP--nOvEeQ8q7FgqSSbcgF2nBmsQ==
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.grahamleader.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.grahamleader.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=pSoA-k_qzv7vnvFt&instance=297866495&version=7.12.1&age=221220&cmd=INV&key=6TRdLu0n&c_id=12154&seq=1&order=6&absoluteTime=3714.8&relativeTime=1359.5&alt=0&sC_ID=4719&sm_id=2421375&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/
0
142 B
Ping
General
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=6TRdLu0n&ES_key=6TRdLu0n&ES_ID=31843&S_RKEY=zO1FXJrfK8&USR_ID=297866495&ST_usrKey=pSoA-k_qzv7vnvFt&SM_ID=2421375&C_ID=12154&C_companyName=Moser%20Media&version=70120010&sC_ID=4719&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&PLAYERWIDTH=578&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 17:05:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Tue, 20 Dec 2022 17:02:54 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 39B8
156 B
144 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fgrahamleader-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D297866495-pSoA-k_qzv7vnvFt%26schain%3Dstnvideo.com%2CkrvviRkl4Pl2V3f12wEeVw%26content%3D4719%26placementType%3DPremium%26embed%3D6TRdLu0n%26domain%3Dgrahamleader.com%26player_size%3Dmedium%26player_width%3D578%26player_height%3D325%26player_type%3Dfloat%26version%3D7.12.1%26player_status%3DLVFNMNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D16%26us_privacy%3Dfalse&url=https%3A%2F%2Fwww.grahamleader.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.grahamleader.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&us_privacy=false&hl=en&cmsid=2460952&vconp=2&video_doc_id=2421375&vpa=auto&vpmute=1&cnc=116205717&kfa=0&tfcd=0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=823B3AAE-675D-4E75-891C-B46FBE462EBC&a3p=EhwKDWNyd2RjbnRybC5uZXQYir78g9MwSABSAghkEhkKCnB1YmNpZC5vcmcY9b78g9MwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIq-_IPTMEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMGRHYlVFMFNIRlRkalpQU1dkQlZYTmljbXN2ZHowOUluMD0YjsP8g9MwSAASGQoKdWlkYXBpLmNvbRiKvvyD0zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMvB_IPTMEgAUgIIag..&nel=0&eid=44748969%2C44752657%2C44765701&top=https%3A%2F%2Fwww.grahamleader.com%2F&loc=https%3A%2F%2Fwww.grahamleader.com%2F&dlt=1671555914138&idt=1615&dt=1671555916757&cookie=ID%3Ded671e9d78687008%3AT%3D1671555915%3AS%3DALNI_MZJQDd26VkEZr-5PqfWdcBbzFY9SQ&gpic=UID%3D00000b95868d530f%3AT%3D1671555915%3ART%3D1671555915%3AS%3DALNI_MYWSqRN_fCuiV9Dq_98CJccMO9J1Q&correlator=3805139688666702&scor=2542428864601877&ged=ve4_td3_tt1_pd3_la3000_er975.0.1200.400_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
600rss75p70s5p08n147qqo58884or01.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
539 B
1 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/600rss75p70s5p08n147qqo58884or01.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd69d2dbcb5cae02ecb65623eba66373afff15433c5cbf7ebb2d43af1f0a3ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:17 GMT
via
1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
539
last-modified
Wed, 14 Dec 2022 02:26:45 GMT
server
AmazonS3
etag
"1d8d8bef80cd3df8e2b816caf12f48ce"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
h46Ugdndwg2vqmqR07GrUl60-AcHtOAuoBKHZQCWf4hw3A-rI8UWhw==
600rss75p70s5p08n147qqo58884or01-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
475 KB
476 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/600rss75p70s5p08n147qqo58884or01-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
913ddc00c89a38485e217406a64128fd8207b9ef72a982a70e6910db8dd98fed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
via
1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
486356
last-modified
Wed, 14 Dec 2022 02:26:44 GMT
server
AmazonS3
etag
"efa14add5127350ca69d0b8f0f0aa2d1"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
enfk2Q4HEKhF0wLNvSFgXhnCIZedVTzhjGl81_cLdSVcQo4jqHV2xw==
e033714b-47c0-43b0-aada-50786c08d9a0
https://www.grahamleader.com/
93 KB
0
Other
General
Full URL
blob:https://www.grahamleader.com/e033714b-47c0-43b0-aada-50786c08d9a0
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f665a277997ba00203271543c76f305855a83b7d06b4c0188434769008e9274

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
p
sb.scorecardresearch.com/ Frame B14E
43 B
263 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1671555916077&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=67230&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2421375&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1671555917726&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1649&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.grahamleader.com%2F&c8=&c9=https%3A%2F%2Fwww.grahamleader.com%2F
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:17 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
43
x-amz-cf-id
UfcS6Sue2i730Iz9NBdPSdYATLFg5ii6KfioM-R-ABAIeGMIifLLZg==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=pSoA-k_qzv7vnvFt&instance=297866495&version=7.12.1&age=221220&cmd=PLAY&key=6TRdLu0n&c_id=12154&seq=1&order=7&absoluteTime=4709.5&relativeTime=2354.2&alt=0&sC_ID=4719&sm_id=2421375&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:17 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/
0
142 B
Ping
General
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=6TRdLu0n&ES_key=6TRdLu0n&ES_ID=31843&S_RKEY=zO1FXJrfK8&USR_ID=297866495&ST_usrKey=pSoA-k_qzv7vnvFt&SM_ID=2421375&C_ID=12154&C_companyName=Moser%20Media&version=70120010&sC_ID=4719&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.grahamleader.com/&REF=https://www.grahamleader.com/&PLAYERWIDTH=578&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=0&STRIPQUERY=1&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 17:05:17 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Tue, 20 Dec 2022 17:05:18 GMT
600rss75p70s5p08n147qqo58884or01.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/
541 B
1 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/600rss75p70s5p08n147qqo58884or01.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5acc99cb412b48a286bb8b2813722b922a549b502978c9da5764161d706e6722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
via
1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
541
last-modified
Wed, 14 Dec 2022 02:26:49 GMT
server
AmazonS3
etag
"278ff312b0da7305e6422cc5afd65912"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
tOq8V0_fNWm1LmIGZUU71G1q1QgGSvWCJjDm2152jgN5-PN-tA6J-g==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/
210 KB
65 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
gzip
last-modified
Mon, 28 Nov 2022 20:34:20 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117804
accept-ranges
bytes
content-length
65523
expires
Thu, 22 Dec 2022 01:48:42 GMT
arrows.png
www.grahamleader.com/sites/all/themes/cni/images/
3 KB
4 KB
Image
General
Full URL
https://www.grahamleader.com/sites/all/themes/cni/images/arrows.png
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
23adf4ca6a754efc3444567a81aa0154b3925795dace26be251ee01058befa88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:17 GMT
Last-Modified
Thu, 14 Sep 2017 17:04:38 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59bab6a6-db2"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3506
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
trends.revcontent.com/api/demand/
52 B
400 B
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=140369
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-RC-Region
eu-west-1c
Date
Tue, 20 Dec 2022 17:05:18 GMT
Strict-Transport-Security
max-age=931536000; includeSubDomains
Server
openresty
Content-Type
text/html; charset=UTF-8
access-control-allow-origin
https://www.grahamleader.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
52
sync
trends.revcontent.com/
0
0

sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55c637789112daedc68027d87f33cc9959284b9989218d188814e75f31a082a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11117
x-xss-protection
0
tcx-ping.php
japfg-trending-content.appspot.com/
204 B
146 B
Script
General
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10239&t=Graham%20Leader&h=www.grahamleader.com&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
05df3743847ca8584db6100da5894f3b2b435295fe6f446dd2eccaef36556485

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 17:05:18 GMT
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

X-RC-Region
eu-west-1c
access-control-allow-origin
*
Date
Tue, 20 Dec 2022 17:05:18 GMT
Server
openresty
Connection
keep-alive
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.grahamleader.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 20 Dec 2022 17:05:18 GMT
Server
openresty
X-RC-Region
eu-west-1c
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
/
trends.revcontent.com/api/delivery/
28 KB
11 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=140369&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.grahamleader.com%2F&icr_url=&va=0&user_uuid=undefined&time=1671555918386&up=pc&bn=chrome&bv=108&widget_width=578&style_id=0&idhub[pubcid]=83ba590d-8bf7-4171-916d-5cf5825e0e5d&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
41cbd628590cc44d5d8ff8e18c390dcc24773d1381cc0fe7edb6a589da192b52
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-RC-Region
eu-west-1c
Date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=931536000; includeSubDomains
Server
openresty
vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
access-control-allow-origin
https://www.grahamleader.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
11300
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB5F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 16:41:08 GMT
expires
Wed, 20 Dec 2023 16:41:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F3BC
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d57fe7d65da1f448fe8db69ef2f2c95b5303a6c451d94f916cf5f5b497ed20b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K1lcMRgL9G8fIXBeZRwE7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-K1lcMRgL9G8fIXBeZRwE7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 17:05:18 GMT
expires
Tue, 20 Dec 2022 17:05:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame CB5F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 19:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 19:29:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F3BC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=1846849647414964&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region
eu-west-1c
Date
Tue, 20 Dec 2022 17:05:18 GMT
Strict-Transport-Security
max-age=931536000; includeSubDomains
Server
openresty
access-control-allow-origin
https://www.grahamleader.com
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
Content-Type
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/
23 KB
7 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
835e347cd1bf6ccfdbcf9fd51249ddc375bee11dcc3d1e175d24de2479cb9867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
gzip
x-sp-metadata
HS256.CN7yh50GEokBCiRhMjM5ZDViOS00ZmU3LTRkYjEtOWRiMC1iYTM2ZTJhOTRmNTQQwLnuqZCq+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcosP4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ3OWVhODBiMy1hNGFhLTRjNTktOThkNy1jMDgzNjM5OWY2YWUY+zYiGAgCEhRjZHMxNTQuZnI4Lmh3Y2RuLm5ldA==.2gXl1QUB63ywTA9+S7Ld11GmFG1CheKUrlM+Ifn4iio=
last-modified
Fri, 16 Dec 2022 17:47:06 GMT
server
AmazonS3
x-amz-request-id
PTW2HE2G5EBA098T
etag
"e809cab7155c5e2274f446babe344a3f"
x-hw
1671555918.cds158.fr8.hn,1671555918.cds154.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
7035
x-amz-id-2
YYmPD9qoMSQaT7PekX6IHmaXR6N/fDvCMs5DSs5IVUVM8oiP7hGObfF62XHRzla++RFJ58cqF6c=
defaultWidget.delivery.js
assets.revcontent.com/master/
17 KB
7 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
11c65b35a88ab5c8ccac646f4b11bce743d60ed02e8ca67f07240627f62bd8c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
gzip
x-sp-metadata
HS256.CN7yh50GEokBCiQxYTc5NDRiMi0yZjcxLTRhMTYtYTFkNi1hNGRiYWUxYzNmOTkQwLnuqZCq+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcosP4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ2YTgxZDQ0YS01YTg3LTRiZTYtOGMyZi1mMmVjNDg1ZTA1MDcYwDAiGAgCEhRjZHMyODAuZnI4Lmh3Y2RuLm5ldA==.wT5HbvrPcsDbdJxd6OiOwv3oiYzVly2WU3iuHhZ0AtA=
last-modified
Fri, 16 Dec 2022 17:47:04 GMT
server
AmazonS3
x-amz-request-id
PTWEX8YV3PHT5C70
etag
"44f4304e496f72d7ad2f76a9269f845c"
x-hw
1671555918.cds158.fr8.hn,1671555918.cds280.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
6208
x-amz-id-2
91FcGcuasoqXh7NIBVUq0vVDX5EIMKcJtNY0lV2+8p/qjU7GrLw9Ma9AxTZGjcnZGbj7CsnWEMA=
commonModal.delivery.js
assets.revcontent.com/master/
3 KB
2 KB
Script
General
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
521cc807c765916486d3c1258f5552a182cc1b5f572ba9a83c818fddccee9675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
content-encoding
gzip
x-sp-metadata
HS256.CN7yh50GEokBCiQxMDEyOWY5MS1kY2JiLTRiMzEtYjhkMy1kOTVjMzU4OTgzZjUQwLnuqZCq+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcosP4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRkOTc4YTA4NC0yNmVmLTQ1N2YtYTgwMC03OGMwOThkYmQ1ZmUY/gwiGAgCEhRjZHMwMDIuZnI4Lmh3Y2RuLm5ldA==.GS8G0g0CR3IFyz9oCW7kurVqWm5ZD1FUM2v6SNfl3wA=
last-modified
Fri, 16 Dec 2022 17:47:04 GMT
server
AmazonS3
x-amz-request-id
PTW75XD9GEMTEPJX
etag
"4bd0e667cb75952eacaaafc57c64ebee"
x-hw
1671555918.cds158.fr8.hn,1671555918.cds002.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
1662
x-amz-id-2
9x+4dbR9k4Vb9pPrueFEkOEhxgOgOCNV95777KJfoGV7aUOyfuy+tp+hBpzabNzK3MpOWx5du1g=
score.min.js
js.ad-score.com/
410 KB
131 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ba00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac1b5891b39bfd1e02a15c3abb623b1166dda5b857c160ceb46a3b33804f87a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 16:10:43 GMT
Content-Encoding
br
Via
1.1 eea0826c9064fc2d08f21b43b4a26010.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
ZAG50-C1
Age
3275
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 20 Dec 2022 16:10:43 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
CRwLgWB0p3W6hY6XaBi3oQVFIOpj6w3OIyh229y-e6hIe8oYbrxkQQ==
Expires
Wed, 21 Dec 2022 16:10:43 GMT
/
img.revcontent.com/
1 KB
2 KB
Image
General
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
x-sp-metadata
HS256.CN7yh50GEokBCiQxN2M0ODE1MC00OTVjLTQ0NjctOWFlNC01NDg4Y2EwOTkxMzMQoL/IhabZ+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcohIkDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRkY2FiNDVjOC0zODg5LTQxNTEtODllNi0xYTc2N2YzODg1OWYYxwoiGAgCEhRjZHMyNjAuZnI4Lmh3Y2RuLm5ldA==.jn96wiLZwoAqVqw78H3/DT7qA8MIxoHxA6r71wCqz24=
last-modified
Thu, 02 Jun 2022 15:22:42 GMT
etag
"1654183362"
x-hw
1671555918.cds259.fr8.hn,1671555918.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1351
rc-logo.png
cdn.revcontent.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
x-sp-metadata
HS256.CN7yh50GEokBCiQxOGM1YjVmMC1jNDllLTRhOTctYTVlMi0yMjU1MzMyMDBhOTYQyLfx1Yuh+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcoxokDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRiOGQxZTMyZi05YWRjLTQxZWUtYWU1NS05ODg5Y2NiZGYyNjEYqxAiGAgCEhRjZHMwNTcuZnI4Lmh3Y2RuLm5ldA==.rSjtCGl+LwoWVzuY0K8HlGjPIBkpBq4MIZMtRWfTcr8=
last-modified
Fri, 16 Dec 2022 16:17:55 GMT
etag
"1671207475"
x-hw
1671555918.cds257.fr8.hn,1671555918.cds057.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=29240
accept-ranges
bytes
content-length
2091
generate_204
tpc.googlesyndication.com/ Frame CB5F
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?365E6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
63877d26b55a49-33088013.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
6 KB
7 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63877d26b55a49-33088013.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
3a3be08a78b019b0ee92257ea3233a08c453ba41cad584d8c07df641c7fe772b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=18;cpu=0;start=2022-12-01T10:24:56.169Z;desc=hit,rtt;dur=0
content-length
6579
x-request-id
b6b27b0583b5b9c2fcebe9366b7f5c90
x-sp-metadata
HS256.CN7yh50GEokBCiRjMDVjMWE3ZC1mNjJkLTQxMmYtYTdkOC1iNzdkMzU3Y2JlM2YQmMGs1q3Z+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcohooDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRiYWUxZmI5MS03MmQ4LTQ5NDUtODM3YS05OTZhNzg3MDEyZjMYszMiGAgCEhRjZHMyNTguZnI4Lmh3Y2RuLm5ldA==.z/kBDiZk/IwnvwANnRFFi9++67Z7BqcYvT+K3Vmwdg4=
last-modified
Wed, 30 Nov 2022 15:57:50 GMT
server
Cloudinary
etag
"109c7179cc875988476e90bbd507c491"
x-hw
1671555918.cds154.fr8.hn,1671555918.cds258.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
639cbfc2d23dc7-91986898.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
12 KB
13 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/639cbfc2d23dc7-91986898.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
a2a0282057083a2f8d7910150e82927ec2b212a7de17f144ee7b5378c8ed5a45
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=397;cpu=2;start=2022-12-17T09:33:52.642Z;desc=miss,rtt;dur=0,cloudinary;dur=302;start=2022-12-17T09:33:52.691Z,cld-id;desc=dbb124c70177d08f1e146a63953c4207
content-length
12380
x-request-id
dbb124c70177d08f1e146a63953c4207
x-sp-metadata
HS256.CN7yh50GEokBCiQ1OGI2N2QyOS04ZjZmLTRiN2YtYjQ4NS1jZTA0MmU5MDgyZDUQmMGs1q3Z+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcohooDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ3ZWFmYWJhNS03YjRkLTQ0MzYtYTJlNC03OWE3NjhlZjc3ZDcY3GAiGAgCEhRjZHMxNDguZnI4Lmh3Y2RuLm5ldA==.wo413TiqgYgApNvH/avk0YxekoQ63Z58TseEE5MblDI=
last-modified
Fri, 16 Dec 2022 18:59:01 GMT
server
Cloudinary
etag
"3e3c2d03cf8b0732eae58d54aeaaec99"
x-hw
1671555918.cds154.fr8.hn,1671555918.cds148.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6398bd01afe858-77144072.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
15 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6398bd01afe858-77144072.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
b7f138ce4a2e525d7bfbb6c5bbdc6b61e9543fd3e16b80ec72d9fde25073a76f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=3;cpu=0;start=2022-12-16T00:21:40.441Z;desc=hit,rtt;dur=0
content-length
14861
x-request-id
1b8f68bfc1a442fc0c7a7f51ef16e6a3
x-sp-metadata
HS256.CN7yh50GEokBCiRjOTZiNWI1ZC01ZWIzLTRlZTUtYmNjNS1hNTI2YjQ1M2UxOTkQmMGs1q3Z+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcohooDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRlYjI3YzJjOS1jZjY4LTQ4NzEtYTg3Mi05YTA0ODdjMmM1ZGMYjXQiGAgCEhRjZHMxNTcuZnI4Lmh3Y2RuLm5ldA==.+u9OqD23Hvvhdcb9yPnENS4CW4Puf0zu9m6cdBv5OGQ=
last-modified
Tue, 13 Dec 2022 17:59:31 GMT
server
Cloudinary
etag
"9e4658a5444127f009b431307c57db21"
x-hw
1671555918.cds154.fr8.hn,1671555918.cds157.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
63a02a5b4d7b37-50541131.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
9 KB
9 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63a02a5b4d7b37-50541131.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
c5bfdf0bb09c63cbf841745bcab75cb9c2eb59e6b04451b64a35eba16f0bbde1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=2;cpu=1;start=2022-12-19T15:17:00.600Z;desc=hit,rtt;dur=0
content-length
9092
x-request-id
3492337414965ebfaeacd78ebca69a78
x-sp-metadata
HS256.CN7yh50GEokBCiQ2MjMzNDdjMC0wMDNhLTRjZjUtYWQ4Yy04NmZmMGFjMTE4NGIQmMGs1q3Z+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcohooDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ0ZTI1YjE0Ny03MGI5LTQ5NjgtOTA1Mi1mZjFkOWJiM2I3ZmIYhEciGAgCEhRjZHMxMDcuZnI4Lmh3Y2RuLm5ldA==.Jh98dduPIQLRjNb7H4DqAR1iC/k0dXBULL31yX/skcY=
last-modified
Mon, 19 Dec 2022 09:25:17 GMT
server
Cloudinary
etag
"0fc5c181a76e41561d18f796a7f7e96b"
x-hw
1671555918.cds154.fr8.hn,1671555918.cds107.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
56ec5cc3cbad85b65b66ae45bb17d1f9.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
7 KB
8 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/56ec5cc3cbad85b65b66ae45bb17d1f9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
f3a1c763bf07564c50b3737563ce43222419997853c7f8ca55dc0fb4ca03e28a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=283;cpu=0;start=2022-06-06T16:01:44.154Z;desc=miss,rtt;dur=0,cloudinary;dur=182;start=2022-06-06T16:01:44.197Z,cld-id;desc=4606095ae158bc2a2dffca29d1492059
content-length
7210
x-request-id
4606095ae158bc2a2dffca29d1492059
x-sp-metadata
HS256.CN7yh50GEokBCiQyZTc5MWM1Yi02MDMyLTQyMDktOGJjYS1hOTQ4NGQzODU0YTYQmMGs1q3Z+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcohooDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQxMTNhZjBlMi03ZDY2LTQ4YzEtOTM2OS0zOWNlZGViYTNjYTQYqjgiGAgCEhRjZHMwMDUuZnI4Lmh3Y2RuLm5ldA==.1ReV0lmH7+MQvy1+89z8IfHFVQmeYyO3S1114/vD0UY=
last-modified
Mon, 06 Jun 2022 16:00:23 GMT
server
Cloudinary
etag
"2e950f4c16c3f8303e1efab31ac78aac"
x-hw
1671555918.cds154.fr8.hn,1671555918.cds005.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
62d00bcaf1dc13-30236297.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
8 KB
9 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/62d00bcaf1dc13-30236297.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
6b11ff90bc785c7b57ba4cf4c76253687209aa3679a3afa0332be2cbea95d461
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:18 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2022-11-03T21:50:41.151Z;desc=hit,rtt;dur=0
content-length
8697
x-sp-metadata
HS256.CN7yh50GEokBCiRjMGZkNzZkNi1lZjExLTQyNmMtYmY5MC1jZmQ0ZDJiYTJjMDAQmMGs1q3Z+wIaBgjO1oedBiIOMjE3LjExNC4yMTguMjcohooDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRmZWI0YjQ1Yy00NDRmLTQ4NzgtYmQ2Ni0yMDY0NWJlOGE2ODYY+UMiGAgCEhRjZHMyMzUuZnI4Lmh3Y2RuLm5ldA==.4O8i69fyqx7Kvv2loAKjzOsr+eXFZkcWo1Bl6y2pQnM=
last-modified
Thu, 14 Jul 2022 21:45:24 GMT
server
Cloudinary
etag
"e2d5684e989f07cc753dbcdbf1c49118"
x-hw
1671555918.cds154.fr8.hn,1671555918.cds235.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cors
data.ad-score.com/data/
50 B
723 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BmSGyVWiMdFeEcYLDgvuXnDzqhkCwTpW-FE7fPshldVrlKD4Y03rNEUvF-E0zGPchiaVTmNQ==&pm_ct=7e5bb355003fd0cd60188170&pm_pl=1671555918947&pm_td=9&pid=1000177&en=1.1&callback=__pm_glbl_uKttlCeYdDDb64YFZGZxkRqW._gc1&tt=opt&v=2c7c6bb
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
c557385648ce026ba1b834da2bd0d6a5f1b0b2ed301dba519944c7fc9fcd0962

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 17:05:19 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.grahamleader.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
x.html
js.ad-score.com/ Frame 32DE
14 KB
6 KB
Document
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ba00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
28210246ee119c6fe0b48e36744fa215b63f1ca0a0d00e33867bb77a9a7c8b5c

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3275
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Dec 2022 16:10:43 GMT
Last-Modified
Tue, 20 Dec 2022 15:44:06 GMT
Transfer-Encoding
chunked
Via
1.1 eea0826c9064fc2d08f21b43b4a26010.cloudfront.net (CloudFront)
X-Amz-Cf-Id
bpUVBdSPhjZntTJlMKZttOtyzkib_FR_hEte0px6w2XsF4t4KIC2-Q==
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Hit from cloudfront
0bf00bff-6368-46ac-861e-71655b6d6d6d
https://www.grahamleader.com/
288 B
0
Other
General
Full URL
blob:https://www.grahamleader.com/0bf00bff-6368-46ac-861e-71655b6d6d6d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
x.html
js.ad-score.com/ Frame 32DE
0
564 B
XHR
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ba00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 16:10:43 GMT
Content-Encoding
gzip
Via
1.1 eea0826c9064fc2d08f21b43b4a26010.cloudfront.net (CloudFront)
Last-Modified
Tue, 20 Dec 2022 15:44:06 GMT
X-Amz-Cf-Pop
ZAG50-C1
Age
3276
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
A5-70ZxW7FiKhYBrgcgIIJ05ySnqZEwsdCmJJYi3D9oP6bhJuZD-9g==
page-view
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.grahamleader.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 20 Dec 2022 17:05:19 GMT
Server
openresty
X-RC-Region
eu-west-1c
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.grahamleader.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 20 Dec 2022 17:05:19 GMT
Server
openresty
X-RC-Region
eu-west-1c
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
page-view
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

X-RC-Region
eu-west-1c
access-control-allow-origin
*
Date
Tue, 20 Dec 2022 17:05:19 GMT
Server
openresty
Connection
keep-alive
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

X-RC-Region
eu-west-1c
access-control-allow-origin
*
Date
Tue, 20 Dec 2022 17:05:19 GMT
Server
openresty
Connection
keep-alive
vary
Origin
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=1846849647414964&bg=!DQ6lDkrNAAYgquz3AKo7ACkAdvg8WluvoTCCTxY6X5ByXH7GXVEYN7ADXcUkS0t6eDCF2wiExrkg3AIAAACDUgAAAARoAQeZAsW5WRF2l_kB3TODBxsRFbOvIfHbR_CeDoYvzMgZNfm-OyQf6Zk-ZLFHAUynF-sxkqCcenaxUF1ogwv2Ug0j8oRSrpPsWa-DqBiMAJbOtVKl10NbZaa90N5TS4Ki8enoPQE6BY7VZZkirhg42luo8pmkxoAAFSVafDI3pFse_282INAS--fGip1ICygV6UQCKdfBbXTPeqW2JjSqYy06mTZ9WNf4WolJPHCOmHIeaN3O840JJ7jMccrVzpSNV2dqjqJUfWSLx6SL5WxHqIVsEiwfdclaN8_b11DnNOsXCqfAyEtxJdorLk3X6WzxCI55vKjFgmo9VCnzYwpJd97gOsQCDrUZRHyBVLY1Bz3iZVwkynZFbig-vOiB7ysCjhA1H23Eqwj0n5DQcZ911Rtjc5Ko4TcvHxL7hWBAMfEHAVCWDYgEfP4GD28oLNcz3EvvvD0KwDRqDKb0LH_ii31Y9TFVd-51xULQ-MXq2Zpe3En6e6MS-I7fBTPVXSkJMvs5wAj9QXykLgC1UZVmSAT1IMUdmPhCLYWmxExL4fvO3JU_EZN_CUNgmUlbZTZIuayxcx0joZNWETO1qWS_rKqz53hFjhwR1F9kM6GJTbX5K-ROim03t4CBtMIBnoKlP7t_jPNF0YxF30XK2x-eC304Pg9OYL48TW2EyNK50Pn3q6D11QM6hbHbMsW2s4QObZuu6e30XVlD92twL26-USYtu4NkIg6hwmtUx0sN3W8ZrkBSZ37ETt9Htch9jOiApwkRB-NQQCfO1zk51bCAAKzAa6oxpjSK5jHrruE4EFkHtVAN6JzxEDOCXrUEw316FuOW2afKy1kAK-OJF2iryuiZEFTG8TAn5-Kn-dN-ZQf-xh4KMR1JTr1vPtsyVP_rNXbp6ur0zPvac8b8bU8UY4JHiLgcSxMbU-O7Rb4tXiB_vPmhdeuFlo-x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

usync.html
eus.rubiconproject.com/ Frame 97BD
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/prebid7.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Dec 2022 17:05:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 97BD
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2040f33b181330e0ae272e71a038179e508b7d7751b50c6b2f6591c5f905c14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 13:29:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73484
Connection
keep-alive
Content-Length
10067
Expires
Wed, 21 Dec 2022 13:30:03 GMT
khaos.jpg
token.rubiconproject.com/ Frame 97BD
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cors
data.ad-score.com/data/
1 B
276 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BmSGyVWiMdFeEcYLDgvuXnDzqhkCwTpW-FE7fPshldVrlKD4Y03rNEUvF-E0zGPchiaVTmNQ==&pm_ct=7e5bb355003fd0cd60188170&pm_pl=1671555918947&pm_td=582&pid=1000177&en=1.1&callback=__pm_glbl_uKttlCeYdDDb64YFZGZxkRqW._gc2&tt=opt&v=2c7c6bb
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.grahamleader.com
Date
Tue, 20 Dec 2022 17:05:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grahamleader.com%2F&domain=www.grahamleader.com&bundle=qgVocV8lMkYzeXNSY3ZPa0FXQ0ZhZFlPVWZHODZDdzdCRFZwUUtGQllsQjNvVW1yanhXQzd3RnVzeWY1Z2ZvZ2dtJTJCMEFTWU96RGhGZUFWamduMGR1VkM2UnBFWUNNZyUyRkxGY2tZWFV1NkthUGo0SUpOcjVZbllNdWFmckQlMkJFQXM0bk9oempGQmFJUHlOamR0eGlicnJjMWZpJTJCMFR6ckJOMHJzeWJHUUZiZWpnVDRPRmVrJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.grahamleader.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Dec 2022 17:05:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
459401
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
49 B
254 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.grahamleader.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grahamleader.com%2F&domain=www.grahamleader.com&bundle=qgVocV8lMkYzeXNSY3ZPa0FXQ0ZhZFlPVWZHODZDdzdCRFZwUUtGQllsQjNvVW1yanhXQzd...
  • https://mug.criteo.com/sid?cpp=YpP8iXwyU1NoUkE4bk8wTDRHN0tqMVphVzJKdVdwVHMzcVJEY2tRZjE1ZVJaNWI3RW9hUm9ROG1jTHdVamMyNk8yZTJJVHd4ZTNiejBZekN0WU5ING83MzZGd3NPcWlaWUJRaitGWWlTeFQzWmh0a2t6UFFNYVhybTFoQ0...
495 B
741 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=YpP8iXwyU1NoUkE4bk8wTDRHN0tqMVphVzJKdVdwVHMzcVJEY2tRZjE1ZVJaNWI3RW9hUm9ROG1jTHdVamMyNk8yZTJJVHd4ZTNiejBZekN0WU5ING83MzZGd3NPcWlaWUJRaitGWWlTeFQzWmh0a2t6UFFNYVhybTFoQ0RaMVh3M2Qwc3VxcERnTERCTEFSZFMwSDY5eUloMFVoMjdJNFpCSG5VZ2R2b2J6R1pSeVlob1VFRURZZmx2alVWZmNTSzNXdnhrOG0xYlJUejFQb3hqaUtuQ2hsb2JmdFJIZy85RlQ1WHhQREFidUxOR0crWlRJQy9ETDg2OVlKVjR4UmYvdzFjTFNaUUE2OWt5VEU0MHdxUlprbTNXUzEvV2RhUkJXOVVsWUs4bzhZZjBiTW1JcWpVbG1wY2pULzhhbDJZT3Fac3w&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
102a95c2ca58eb11e467a980d5536452e9e91280707c5dd8c7e91909f271603d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2817429
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=YpP8iXwyU1NoUkE4bk8wTDRHN0tqMVphVzJKdVdwVHMzcVJEY2tRZjE1ZVJaNWI3RW9hUm9ROG1jTHdVamMyNk8yZTJJVHd4ZTNiejBZekN0WU5ING83MzZGd3NPcWlaWUJRaitGWWlTeFQzWmh0a2t6UFFNYVhybTFoQ0RaMVh3M2Qwc3VxcERnTERCTEFSZFMwSDY5eUloMFVoMjdJNFpCSG5VZ2R2b2J6R1pSeVlob1VFRURZZmx2alVWZmNTSzNXdnhrOG0xYlJUejFQb3hqaUtuQ2hsb2JmdFJIZy85RlQ1WHhQREFidUxOR0crWlRJQy9ETDg2OVlKVjR4UmYvdzFjTFNaUUE2OWt5VEU0MHdxUlprbTNXUzEvV2RhUkJXOVVsWUs4bzhZZjBiTW1JcWpVbG1wY2pULzhhbDJZT3Fac3w&cppv=2
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
725308
content-length
0
expires
0
1285.json
id5-sync.com/g/v2/
216 B
630 B
XHR
General
Full URL
https://id5-sync.com/g/v2/1285.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
50d83c1957cd3ab7130cee69d80f7e23502dcfbf7e72b79f855043eee50c8e65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grahamleader.com
date
Tue, 20 Dec 2022 17:05:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

id
id.crwdcntrl.net/
43 B
321 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache
x-server
10.45.7.227
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/
63 B
393 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
95a343259e361e4ab7ee332ea9f4866b88057c1bd4050777d4fb488cf7ff3777

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 19 Jan 2023 17:05:20 GMT
liveView.php
live.primis.tech/live/
46 KB
17 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
ce7c0411f5e7492f9bf673924fc647af42544f785e3bcdfc7ca1ce210160bca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
no-store
config.js
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/
110 KB
25 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXL3J67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c191cc727b0c9347b26c30df79e60db3375be6b72f0bd2029bf8099c7876a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 15:36:17 GMT
server
cloudflare
x-amz-request-id
YEQXDZCVEPF7EYTG
age
95
etag
W/"4f7e7ce7db7d39d34b48eb147d0d9331"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77c9f6561e589273-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
I0O+/UmvxyG7VfCONRzyU+iWfTOl5DFWLowREy3YoUD2fRxWuOpbPxOLslLjcG+zGUWAymGPozQ=
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=YpP8iXwyU1NoUkE4bk8wTDRHN0tqMVphVzJKdVdwVHMzcVJEY2tRZjE1ZVJaNWI3RW9hUm9ROG1jTHdVamMyNk8yZTJJVHd4ZTNiejBZekN0WU5ING83MzZGd3NPcWlaWUJRaitGWWlTeFQzWmh0a2t6UFFNYVhybTFoQ0RaMVh3M2Qwc3VxcERnTERCTEFSZFMwSDY5eUloMFVoMjdJNFpCSG5VZ2R2b2J6R1pSeVlob1VFRURZZmx2alVWZmNTSzNXdnhrOG0xYlJUejFQb3hqaUtuQ2hsb2JmdFJIZy85RlQ1WHhQREFidUxOR0crWlRJQy9ETDg2OVlKVjR4UmYvdzFjTFNaUUE2OWt5VEU0MHdxUlprbTNXUzEvV2RhUkJXOVVsWUs4bzhZZjBiTW1JcWpVbG1wY2pULzhhbDJZT3Fac3w&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Dec 2022 17:05:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
498172
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212121148/
210 KB
66 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 16:50:50 GMT
server
cloudflare
x-amz-request-id
79PRN948QHVRQ22A
age
684763
etag
W/"a295e934190c6de7fe47fed7fbac382f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77c9f656d9c2bbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UoElqZ9r5EnIMcfDbeK21DiamGYKttzalAecoX/zJcbRyRQPod5CeHSuH49Dfe78YsFElLb1zic=
diberp-tcx-v7.13.0.js
www.americanhometownmedia.com/static/
328 KB
103 KB
Script
General
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:13:19 GMT
content-encoding
gzip
age
1633921
x-guploader-uploadid
ADPycds4WR4U65uu-VaBdJ9qL9L9xbnuoeevoFB9lzJp3xIGBPz4At_rSgrl7x2ddYnkT1Sy0O0z1_4oU00PuAPg6PqFVg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Fri, 01 Dec 2023 19:13:19 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1426 / 377 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Dec 2022 17:05:20 GMT
liveView.php
live.primis.tech/live/ Frame 1760
5 KB
2 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c8ff41200039ad415f6e2e26e187d8f4a83efc446143b1b7330e0521e794a2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:19 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
no-store
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 1760
19 KB
8 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 20 Dec 2023 17:05:20 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 1760
9 KB
3 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 20 Dec 2023 17:05:20 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 1760
8 KB
3 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:19 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 20 Dec 2023 17:05:19 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 1760
258 KB
118 KB
Script
General
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:19 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:48:35 GMT
server
nginx
etag
W/"623b1723-409bc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 20 Dec 2023 17:05:19 GMT
prebidVid.7.16.0_4.min.js
live.primis.tech/content/prebid/ Frame 1760
510 KB
261 KB
Script
General
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 08:19:17 GMT
server
nginx
etag
W/"635f8505-7f9a4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 20 Dec 2023 17:05:19 GMT
liveVideo.php
live.primis.tech/live/ Frame 1760
548 KB
221 KB
Script
General
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32305F31397D7B7331363531303333357D7B4335377D7B53643364334C6D6479595768686257786C5957526C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.114.218.27&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a1eb507f196&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.189&geoLong=6.5231&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1671555920254&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1671555920&pubUrlAuto=https%3A%2F%2Fwww.grahamleader.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1194d191a23bdb0b0613448c98f844834357b13337cb734ceed30b1ac1feaf92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
primisslate.css
live.primis.tech/content/video/css/
18 KB
7 KB
Stylesheet
General
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32305F31397D7B7331363531303333357D7B4335377D7B53643364334C6D6479595768686257786C5957526C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.114.218.27&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a1eb507f196&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.189&geoLong=6.5231&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
etag
W/"620367f6-465a"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1760
178 KB
45 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32305F31397D7B7331363531303333357D7B4335377D7B53643364334C6D6479595768686257786C5957526C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.114.218.27&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a1eb507f196&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.189&geoLong=6.5231&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:12:08 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 17:02:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3193
x-amz-server-side-encryption
AES256
etag
W/"9678e76b6e6295571547f8fe5df68b88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
RIMkZlKz7eGAyc5Tz-6RLna19iR9pSbIm9x0_ayoniBDHerLwCq0_Q==
css
fonts.googleapis.com/
1 KB
432 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32305F31397D7B7331363531303333357D7B4335377D7B53643364334C6D6479595768686257786C5957526C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.114.218.27&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a1eb507f196&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.189&geoLong=6.5231&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 15:28:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 17:05:20 GMT
liveView.php
live.primis.tech/live/ Frame 1760
26 KB
5 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNCUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2MwqwOGY2NmE2MTpjNTtkNTt1NTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnyF2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnxxmWXcboU5dY3uOnxUmTURVNE1UVTROVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx56RTBNREE0TURBp0NcQWqJQ0FcWyubq0ydo2qNVFxmTVRVNU9EWXyNQXA5LwRNV2kFnxEkVwqjNzR1ZXRFoV81MzJvnDV0N3cvU0g2QaU3VaVkUVRRqx0zqzyxX2NioaRyoaRsnWQ9MwIkMDp5MSZ2nWRsY29hqGVhqF9xZXNwPVBuoaRlrSgCpzVun2Zup3QeQ2Fmp2Vlo2kyJaZcZF9wo250ZW50X3RcqGkyPVBuoaRlrSgCpzVun2Zup3QeQ2Fmp2Vlo2kyJaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5apzFbYW1fZWFxZXIhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmIlRDMlMmA1RwMkMmx3RDqCNmMmMTM2MmUmMTMjMmMmMmM1N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RDY0Nmx1OTU3Nwt2ODYlNTp3ODZDNTx1NmUlNxM2MmY5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTUkLwE4OSZaZW9Mo25aPTYhNTImMSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE4LwI3JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMDthMC41MmU5LwElNCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMmIyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0zY3N1qWyxPTYmYTFyYwUjN2YkOTYzY2J1p3Rypw0kNwpkNTU1OTIjODQ0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32305F31397D7B7331363531303333357D7B4335377D7B53643364334C6D6479595768686257786C5957526C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.114.218.27&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a1eb507f196&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.189&geoLong=6.5231&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
15962b0ca2b3713adfae63dadd6910cc873a09bde4771bc162141b6c4cc166e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.grahamleader.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
4693
liveView.php
live.primis.tech/live/
0
243 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY3MTU1NTxlMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA3NTxlJaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5apzFbYW1fZWFxZXIhY29gJaN1YxyxPXq3ql5apzFbYW1fZWFxZXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmEmMwJEMmImMDVGMmEmOTqEN0I3MmMkMmYmNTMkMmAmMmMmMmU3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZENwQ3OTU5NTp2ODY4NwI1Nmp4NxM1OTU3NTI2QmYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImMwM1N0Q3QwY2MmE3RDqCNEMmNmM4MmxmODqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0lMTphMTE0LwIkOC4lNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDthMC41MmU5LwElNCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwNuMWVvNTA3ZwE5NvZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwpkNTU1OTIjODI1JaVcZD1TZWgcozRiU1BfYXyypwYmYTFyYwUjOTFyNTMzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzqlYWuuoWkyYWRypv5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-store
vid627c8f6716170581585530.jpg
video.primis.tech/uploads/cn4/video/users/converted/22235/video_5df2c67d5a683172725343/
16 KB
17 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn4/video/users/converted/22235/video_5df2c67d5a683172725343/vid627c8f6716170581585530.jpg?cbuster=1666108075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1f3a18a6c00447f9087a7ca15302029d29b45e09807e8cf0cc205614db571ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:52:43 GMT
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront), 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, VIE50-C1
age
22357
x-cache
Hit from cloudfront
content-length
16440
last-modified
Thu, 12 May 2022 04:43:53 GMT
server
nginx
etag
"969caea99e916b180cff4e2af2e4eb55"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
9kSfQRMc-ou8N2XejrDaqVfac8f1769nSyFRqBGRTgob_XsyYtYkiA==
expires
Wed, 21 Dec 2022 10:52:43 GMT
liveView.php
live.primis.tech/live/ Frame 1760
84 KB
10 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNCUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2MwqwOGY2NmE2MTpjNTtkNTt1NTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnyF2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnxxmWXcboU5dY3uOnxUmTURVNE1UVTROVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx56RTBNREE0TURBp0NcQWqJQ0FcWyubq0ydo2qNVFxmTVRVNU9EWXyNQXA5LwRNV2kFnxEkVwqjNzR1ZXRFoV81MzJvnDV0N3cvU0g2QaU3VaVkUVRRqx0zqzyxX2NioaRyoaRsnWQ9MwIkMDp5MSZ2nWRsY29hqGVhqF9xZXNwPVBuoaRlrSgCpzVun2Zup3QeQ2Fmp2Vlo2kyJaZcZF9wo250ZW50X3RcqGkyPVBuoaRlrSgCpzVun2Zup3QeQ2Fmp2Vlo2kyJaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NTp4Jax9MmI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5apzFbYW1fZWFxZXIhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmIlRDMlMmA1RwMkMmx3RDqCNmMmMTM2MmUmMTMjMmMmMmM1N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RDY0Nmx1OTU3Nwt2ODYlNTp3ODZDNTx1NmUlNxM2MmY5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTUkLwE4OSZaZW9Mo25aPTYhNTImMSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE4LwI3JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMDthMC41MmU5LwElNCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMmIyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0zY3N1qWyxPTYmYTFyYwUjN2YkOTYzY2J1p3Rypw0kNwpkNTU1OTIjODU0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32305F31397D7B7331363531303333357D7B4335377D7B53643364334C6D6479595768686257786C5957526C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.114.218.27&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a1eb507f196&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.189&geoLong=6.5231&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
2c18c1b74684e28b8ac0ae32947bff67ce1ffdeaae752a806ceadb9300a27dc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:20 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.grahamleader.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
10023
liveView.php
live.primis.tech/live/ Frame 1760
26 KB
5 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNCUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2MwqwOGY2NmE2MTpjNTtkNTt1NTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnyF2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnxxmWXcboU5dY3uOnxUmTURVNE1UVTROVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx56RTBNREE0TURBp0NcQWqJQ0FcWyubq0ydo2qNVFxmTVRVNU9EWXyNQXA5LwRNV2kFnxEkVwqjNzR1ZXRFoV81MzJvnDV0N3cvU0g2QaU3VaVkUVRRqx0zqzyxX2NioaRyoaRsnWQ9MwIkMDp5MSZ2nWRsY29hqGVhqF9xZXNwPVBuoaRlrSgCpzVun2Zup3QeQ2Fmp2Vlo2kyJaZcZF9wo250ZW50X3RcqGkyPVBuoaRlrSgCpzVun2Zup3QeQ2Fmp2Vlo2kyJaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NTp4Jax9MmI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5apzFbYW1fZWFxZXIhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmIlRDMlMmA1RwMkMmx3RDqCNmMmMTM2MmUmMTMjMmMmMmM1N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RDY0Nmx1OTU3Nwt2ODYlNTp3ODZDNTx1NmUlNxM2MmY5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTUkLwE4OSZaZW9Mo25aPTYhNTImMSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE4LwI3JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMDthMC41MmU5LwElNCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMmIyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0zY3N1qWyxPTYmYTFyYwUjN2YkOTYzY2J1p3Rypw0kNwpkNTU1OTIjODU0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32305F31397D7B7331363531303333357D7B4335377D7B53643364334C6D6479595768686257786C5957526C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.114.218.27&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a1eb507f196&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.grahamleader.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.189&geoLong=6.5231&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
27d4b80a07ad402fb3ff450ecc72f36afa8fa001d773e08fe26bf56ec9fb0630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.grahamleader.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
4692
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grahamleader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:19:38 GMT
x-content-type-options
nosniff
age
467142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 07:19:38 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1760
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:16 GMT
x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
4
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PK3RJqedGyHiDljLtW6z_XyUfuOiD4PkoMOevzkMeNdfClSsZPkEDw==
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.grahamleader.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.grahamleader.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 20 Dec 2022 17:05:21 GMT
server
ATS/9.1.10.25
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 1760
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221220
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978230a62694198805bfdc23d0d28db658288950390703fca3f0e176b4e0a9ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 17:05:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3876
x-jsd-version
1.0.1561
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4546-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-pkWQvXA+B0WvtA2dpadSI/IDMlg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fneH9CivgmpdzOfdwBDkPyQfUSZlqC8u2B7lJQOgOg9zZZbmW71JQTLnPLLgIXzB68tJJhw%2FK5aUGUdJ6He6rgX211wvR3oOya8mQu7QTTt%2BmPSTegIjd1EaplWa7n9D640XoAEIW3TGPnOfO4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77c9f65a3da59968-FRA
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 1760
0
199 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grahamleader.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.grahamleader.com
date
Tue, 20 Dec 2022 17:05:21 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
translator
hbopenbid.pubmatic.com/ Frame 1760
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grahamleader.com
date
Tue, 20 Dec 2022 17:05:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 1760
67 B
612 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1671555920968&pKey=-40367213&_fw_gdpr_consent=undefined&_fw_gdpr=false&schain=1.0%2C1!americanhometownmedia.com%2C00032%2C1%2C7a17743e-3376-4bfb-a387-78cd4e1440f9%2C%2C!primis.tech%2C22235%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.grahamleader.com%2F&playerSize=578x325
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-50.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 17:05:21 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.grahamleader.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1671555921090081-334
Expires
Tue, 20 Dec 2022 17:05:21 GMT
vid627c8f6716170581585530.jpg
video.primis.tech/uploads/cn4/video/users/converted/22235/video_5df2c67d5a683172725343/
16 KB
17 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn4/video/users/converted/22235/video_5df2c67d5a683172725343/vid627c8f6716170581585530.jpg?cbuster=1666108075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1f3a18a6c00447f9087a7ca15302029d29b45e09807e8cf0cc205614db571ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:52:43 GMT
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront), 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, VIE50-C1
age
22358
x-cache
Hit from cloudfront
content-length
16440
last-modified
Thu, 12 May 2022 04:43:53 GMT
server
nginx
etag
"969caea99e916b180cff4e2af2e4eb55"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
C5HLTglcTWVb0sPAkgQ-kZyNeVVX_j6Vod1kgGLbn_w422nYpbzLkQ==
expires
Wed, 21 Dec 2022 10:52:43 GMT
ccb-busad.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
8 KB
8 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/ccb-busad.png?itok=8AkABfi6
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
512eee29a2fd7e0bddd207a5fd4c1900a009a08c8f3a5b83c004c8f7299cb35f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:21 GMT
Last-Modified
Wed, 13 Apr 2022 14:24:00 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6256dd00-1eb3"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7859
Expires
Thu, 31 Dec 2037 23:55:55 GMT
throbber.gif
www.grahamleader.com/sites/all/themes/cni/images/
2 KB
2 KB
Image
General
Full URL
https://www.grahamleader.com/sites/all/themes/cni/images/throbber.gif
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/sites/grahamleader.com/files/css/css_V_qaDBtUDLDRSliw0u-nlDbSCEguwdZz7yXZ8ocuFsM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:21 GMT
Last-Modified
Thu, 14 Sep 2017 17:04:38 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59bab6a6-739"
Content-Type
image/gif
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1849
Expires
Thu, 31 Dec 2037 23:55:55 GMT
windersauto-busad.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
7 KB
7 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/windersauto-busad.png?itok=H-BbuLq0
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0a5ae5dc3b794c6a33138334eb5cd43addd762bbdedcd309430272c92f19b6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:21 GMT
Last-Modified
Fri, 11 Mar 2022 16:28:57 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"622b78c9-1afc"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6908
Expires
Thu, 31 Dec 2037 23:55:55 GMT
djpolaris-busad.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
9 KB
9 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/djpolaris-busad.png?itok=OSDQuEU5
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ade14c5de0a0b25efe5435ab9816cf8d87bee604dd50e9ddbd456b66d6cd074e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:21 GMT
Last-Modified
Fri, 11 Mar 2022 16:28:32 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"622b78b0-22d6"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8918
Expires
Thu, 31 Dec 2037 23:55:55 GMT
airsmart-busad2.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
9 KB
9 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/airsmart-busad2.png?itok=hrr1-zc0
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
562fae1d633ef308328aff9afd7017c509e413a77af15784d0374e7677e4af57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:21 GMT
Last-Modified
Fri, 11 Mar 2022 16:28:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"622b7897-22e3"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8931
Expires
Thu, 31 Dec 2037 23:55:55 GMT
image.png
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
4 KB
4 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/image.png?itok=lprnEO3C
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
66514a431926f8bfa1b7121208cd67001f8fd64d25cb9ef69e6db210a05962ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:21 GMT
Last-Modified
Fri, 02 Apr 2021 16:24:15 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6067452f-e33"
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3635
Expires
Thu, 31 Dec 2037 23:55:55 GMT
grmc.jpg
www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/
2 KB
3 KB
Image
General
Full URL
https://www.grahamleader.com/sites/grahamleader.com/files/styles/business_directory/public/business_directory/grmc.jpg?itok=_bI3sNBu
Requested by
Host: www.grahamleader.com
URL: https://www.grahamleader.com/sites/grahamleader.com/files/js/js_Sk-UAYgYnJ6Bjx_IwtL9Vufha7SZWgkeELoDZpWQ4Eg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.34.215.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1313e1fb60b40a4c9c483fb091ff9a8da60f1380d9afdae2c6b9197eabba2148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 17:05:22 GMT
Last-Modified
Fri, 18 Sep 2020 21:51:26 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f652bde-8e5"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2277
Expires
Thu, 31 Dec 2037 23:55:55 GMT
id
id.crwdcntrl.net/ Frame 1760
43 B
320 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.grahamleader.com
cache-control
no-cache
x-server
10.45.30.51
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 1760
63 B
393 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
924adf522db46bc005980733cff79aa8b6edf9713d330234a32bc262187f523c

Request headers

Referer
https://www.grahamleader.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 17:05:22 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grahamleader.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 19 Jan 2023 17:05:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B805
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.grahamleader.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=100776
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 20 Dec 2022 17:05:22 GMT
expires
Wed, 21 Dec 2022 21:04:58 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 1760
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3590c071f19b1825b850ab9774a9817&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1dfa_7179278018425725572&gdpr=0&gdpr_consent=undefined
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 17:05:22 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671555922595046-551
Expires
Tue, 20 Dec 2022 17:05:22 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B805
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44275212&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
658332e33e174b8d37490bcf8426bc172aab1f991725e938263047a47d1493db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
600rss75p70s5p08n147qqo58884or01-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/
1 MB
1 MB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/600rss75p70s5p08n147qqo58884or01-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.12.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-111.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3a64e6daf50a4cb98875ba3aa192f3d3bdf99234e95ca5d0dd73002c6192864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grahamleader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:23 GMT
via
1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
1291184
last-modified
Wed, 14 Dec 2022 02:26:48 GMT
server
AmazonS3
etag
"4f0963ec080f5abf2f1419c474343cbc"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
vckv75SqvO5DL5lGFzBb1eT4ezTz5uTDSH8nbEJx53I92M0Wwmjx7g==
Pug
simage2.pubmatic.com/AdServer/ Frame 0C3B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:864263a1-eb53-4000-9556-4eeeae1aea65&gdpr=0&gdpr_consent=
42 B
402 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:864263a1-eb53-4000-9556-4eeeae1aea65&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 20 Dec 2022 17:05:23 GMT
Expires
Tue, 20 Dec 2022 17:05:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 254 34fcae8 master cdg-pixel-x13 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:864263a1-eb53-4000-9556-4eeeae1aea65&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame FEA9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
113 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 17:05:22 GMT
expires
Tue, 20 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1865810
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 0639
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2263923535633904067
42 B
195 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2263923535633904067
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2263923535633904067
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 32A9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 20 Dec 2022 17:05:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
A1VRQD09CN5A3HDKX5Q4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Dec 2022 17:05:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ANABPN1CJE337Z9E3PV6
Pug
simage2.pubmatic.com/AdServer/ Frame 3635
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3312878613711376392&gdpr=0&gdpr_consent=
42 B
447 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3312878613711376392&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
9b653c27-9432-41fa-b637-dbc7c878aadf
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Dec 2022 17:05:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3312878613711376392&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame A80E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf
42 B
568 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 20 Dec 2022 17:05:22 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179278018453895318&gdpr=0&gdpr_consent=
42 B
244 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179278018453895318&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 20 Dec 2022 17:05:22 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179278018453895318&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
image2.pubmatic.com/AdServer/ Frame EFDD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFQSjZVN0hROWNBQUItVHFMUzJFQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAPJ6U7HQ9cAAB-TqLS2EA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7549343533603586520&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAPJ6U7HQ9cAAB-TqLS2EA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7549343533603586520%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7549343533603586520&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAPJ6U7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAPJ6U7HQ9cAAB-TqLS2EA&gdpr=0&gdpr_consent=
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAPJ6U7HQ9cAAB-TqLS2EA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 20 Dec 2022 17:05:24 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAPJ6U7HQ9cAAB-TqLS2EA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D6A0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bzDed26TSZNLE1ZMYCu9c9ly2hs
42 B
377 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bzDed26TSZNLE1ZMYCu9c9ly2hs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Dec 2022 17:05:24 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bzDed26TSZNLE1ZMYCu9c9ly2hs
Pug
simage2.pubmatic.com/AdServer/ Frame 419E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6HrUgAFfQ-eHAAp&gdpr=0&gdpr_consent=&_test=Y6HrUgAFfQ-eHAAp
1 B
238 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6HrUgAFfQ-eHAAp&gdpr=0&gdpr_consent=&_test=Y6HrUgAFfQ-eHAAp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 20 Dec 2022 17:05:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6HrUgAFfQ-eHAAp&gdpr=0&gdpr_consent=&_test=Y6HrUgAFfQ-eHAAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220029-HHN
x-timer
S1671555923.886546,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame A9AA
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 17:05:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 20 Dec 2022 17:05:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 3B71
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
445 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77c9f666a81d910c-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77c9f6655d48910c-FRA
content-type
text/html
date
Tue, 20 Dec 2022 17:05:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
334
generic
match.adsrvr.org/track/cmf/ Frame B9BF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671555922804
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=233640809
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=233640809
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 20 Dec 2022 17:05:22 GMT
etag
RX843d8989989e4598b17fc8315da8ff77003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=233640809
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 7917
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 20 Dec 2022 17:05:22 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-21f2b38cfaeb@version_1.531
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame 821A
43 B
283 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 20 Dec 2022 17:05:22 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
pub
matching.truffle.bid/sync/ Frame 9582
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 20 Dec 2022 17:05:23 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d75ac233fe4e29fb/gdpr=0/ Frame BB6E
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d75ac233fe4e29fb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
264 B
Document
General
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d75ac233fe4e29fb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QTVgjXYYMnWnXRMh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.104.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-104-18.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Tue, 20 Dec 2022 17:05:23 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.26.27

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d75ac233fe4e29fb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QTVgjXYYMnWnXRMh
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B805
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2P95azv8S0G6xi_g17ewFQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:22 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=100776
accept-ranges
bytes
content-length
5554
expires
Wed, 21 Dec 2022 21:04:58 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B805
95 B
382 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:22 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77c9f66549949a41-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame B805
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.104.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-104-18.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.227
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame B805
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1634979679
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015
0
277 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:23 GMT
via
1.1 google
last-modified
Tue, 20 Dec 2022 17:05:23 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015
date
Tue, 20 Dec 2022 17:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDhGRjc5NkItM0JGQy00QjQxLUJBQzYtMkZFMEQ3QjdCMDE1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELvXlqny3-grMM90Xuq-m1Q&google_cver=1
42 B
299 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELvXlqny3-grMM90Xuq-m1Q&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELvXlqny3-grMM90Xuq-m1Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B805
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 19 Dec 2022 17:05:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5710060861223055757
42 B
218 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5710060861223055757
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5710060861223055757
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame B805
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=182b908e-6449-4321-b04c-80c37bfddd58&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1a943cd6-88b0-4310-93e7-7e22a3cd5906&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1a943cd6-88b0-4310-93e7-7e22a3cd5906&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 17:05:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1a943cd6-88b0-4310-93e7-7e22a3cd5906&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 20 Dec 2022 17:05:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B805
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:bab2:eed8:8214:ca90 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-11w4nNRE2uXz1.67NVkcKzV8ZP_mFpA-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-11w4nNRE2uXz1.67NVkcKzV8ZP_mFpA-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-11w4nNRE2uXz1.67NVkcKzV8ZP_mFpA-~A&gdpr=0&gdpr_consent=
date
Tue, 20 Dec 2022 17:05:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame B805
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 17:05:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B805
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2367f0bc-5abf-4cc8-89b4-a39f4fa24554&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2367f0bc-5abf-4cc8-89b4-a39f4fa24554&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2367f0bc-5abf-4cc8-89b4-a39f4fa24554&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 20 Dec 2022 17:05:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2844603283690550710&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2844603283690550710&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 17:05:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2844603283690550710&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 20 Dec 2022 17:05:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame B805
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3312878613711376392
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3312878613711376392
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 17:05:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 20 Dec 2022 17:05:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bf9e2bf8-a39e-472d-9983-c73d060cf9ed
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3312878613711376392
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontentvisibilityautostatechange undefined| $ function| jQuery object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| Drupal object| jQuery18301766031455388426 function| _simpelads_switch_form function| _simpelads_switch_block_settings function| _simpelads_load function| _simpelads_campaigns_switch_form string| GoogleAnalyticsObject function| ga string| basepath object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| dataLayer object| FB object| gaplugins object| gaData object| google_tag_manager function| postscribe object| google_tag_manager_external object| _snup function| ahmsll_release boolean| ahmsll number| ahmsllfail object| __buffer number| __mobxInstanceCount undefined| __mobxGlobals object| headertag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_306942 object| pbjs object| regeneratorRuntime object| ox_esp function| setImmediate function| clearImmediate function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 object| __uid2SecureSignalProvider object| __uid2 object| closure_lm_905549 object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget object| el_image object| el_url object| el_url_target object| el_flash object| el_text object| ad_rotation object| ad_rotation_delay object| el_impressions object| el_clicks object| el_days string| elem_id number| total_ads string| pagerLocation object| owpbjsChunk object| owpbjs object| PWT string| partnerName string| key function| dspCriteoRTUSCallback function| dspCMCallback object| GoogleGcLKhOms object| __pm_glbl object| __pm_glbl_uKttlCeYdDDb64YFZGZxkRqW object| __pm_ads_list string| AdScoreObject function| adScore object| google_image_requests string| ahm_tvx_placeId string| ahm_tcx_siteId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sParent boolean| ahm_tvx_oldLoaded number| ahm_spx object| sPlayer string| ahm_tdx_sURL object| sRotd string| myPropertyId object| clientSettings object| confiant function| initActiveTab object| activeTab object| ahm_config object| ahmpb object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent685 object| ahmpbChunk object| freewheelssp_cache

56 Cookies

Domain/Path Name / Value
.www.grahamleader.com/ Name: _ga
Value: GA1.3.107924288.1671555915
.www.grahamleader.com/ Name: _gid
Value: GA1.3.380036729.1671555915
.www.grahamleader.com/ Name: _gat
Value: 1
.grahamleader.com/ Name: __gads
Value: ID=ed671e9d78687008:T=1671555915:S=ALNI_MZJQDd26VkEZr-5PqfWdcBbzFY9SQ
.grahamleader.com/ Name: __gpi
Value: UID=00000b95868d530f:T=1671555915:RT=1671555915:S=ALNI_MYWSqRN_fCuiV9Dq_98CJccMO9J1Q
.openx.net/ Name: i
Value: c0616603-81ea-4afe-8e22-0014b1bae4ff|1671555915
.grahamleader.com/ Name: lotame_domain_check
Value: grahamleader.com
.criteo.com/ Name: uid
Value: 7da8779c-d526-4bdf-b0e5-d0281e44e371
.doubleclick.net/ Name: IDE
Value: AHWqTUnE2i9gcQF_0Q9on7-jP4VML1OUU6o80-nN0Vr6444Qd3Knor4RRcZ_ue0Fq4s
www.grahamleader.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.grahamleader.com/ Name: _pubcid
Value: 83ba590d-8bf7-4171-916d-5cf5825e0e5d
js.ad-score.com/ Name: token
Value: GMxvOTHRiXEfO-lhlg-uhisPNlABcWwM
www.grahamleader.com/ Name: pmtimesig
Value: [[1671555918959,0]]
data.ad-score.com/ Name: token
Value: ZiTreZOGdvsQP-103j-uzvjjFivLKlwn
www.grahamleader.com/ Name: _lr_retry_request
Value: true
www.grahamleader.com/ Name: _lr_env_src_ats
Value: false
.grahamleader.com/ Name: cto_bundle
Value: CO11wl8lMkYzeXNSY3ZPa0FXQ0ZhZFlPVWZHOCUyQmVTQzBXJTJCbU1DMktkU1NEQ1pGSk9WUG5aeHNOZ1drcjFTMDMyb3Q1Rzk3eGFrZGN3bVlUUEVlSWdwJTJGbzVlRzZTZ3A2MUJaTDl1WG53JTJCRCUyQmpaSm1JNTNrenBQcVNlVDZCMkJHT1NaU2NhRkp3b1ZNRiUyQmR3aWx2VllTUmQlMkJ0RzdzcHFaenZlVlNxc2xNNzNnTVFMVSUyQnMlM0Q
.grahamleader.com/ Name: cto_bidid
Value: R6ADfF9rZjU4SFVLUGhzb09iQ3o4dk9YJTJCSEM2SmlzSXlSJTJCdHVvVTZtc3lSYmdEaXoyMGtOUnE1ZnNTQXM0JTJCRDR4OGZ6NXFOOTdwdDIxYU1BVnhSdiUyQlVKemtlR0w5WU5KRCUyRnQ1eTVPdWdha0wxSlUlMkZabXg2SzZLNGwlMkJLVGlyT2JmcXBU
.ads.stickyadstv.com/ Name: UID
Value: 3590c071f19b1825b850ab9774a9817
www.grahamleader.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-20T17%3A05%3A22%22%7D
www.grahamleader.com/ Name: pbjs-unifiedid_last
Value: Tue%2C%2020%20Dec%202022%2017%3A05%3A22%20GMT
.ads.pubmatic.com/ Name: KCCH
Value: YES
.fwmrm.net/ Name: _uid
Value: "v1dfa_7179278018425725572"
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156595:2
.pubmatic.com/ Name: DPSync3
Value: 1672704000%3A201_227_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1672704000%3A238_88_233_56_161_8_71_81_55_176_204_7_54_220_13_251_243_166_22_234_99_21_3_165%7C1672790400%3A35%7C1672358400%3A63%7C1674086400%3A203%7C1672099200%3A2_223_15
.adnxs.com/ Name: uuid2
Value: 3312878613711376392
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: v1dfa_7179278018425725572
.ads.stickyadstv.com/ Name: MRM_UID
Value: v1dfa_7179278018425725572
.quantserve.com/ Name: d
Value: EIoBCwHtJ_ijAA
.quantserve.com/ Name: mc
Value: 63a1eb52-acc77-9e858-687a7
.bidswitch.net/ Name: tuuid
Value: 1a943cd6-88b0-4310-93e7-7e22a3cd5906
.bidswitch.net/ Name: c
Value: 1671555922
.bidswitch.net/ Name: tuuid_lu
Value: 1671555922
.adfarm1.adition.com/ Name: UserID1
Value: 7179278018453895318
.weborama.fr/ Name: AFFICHE_W
Value: RW3@x0b7o01F95
.de17a.com/ Name: guid
Value: 1.2263923535633904067
.simpli.fi/ Name: suid
Value: CA90B1DE1D2F47548482281DABEF5CBD
.zeotap.com/ Name: zc
Value: 3ca31867-4b0e-4411-6b66-f7d2375eb7e9
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBFLroWMCEKDMkTWOEs9JOlPX6-WdC54FEgEBAQE8o2OrYwAAAAAA_eMAAA&S=AQAAApdDF82I7er7wuJHJQ7cwj8
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3312878613711376392&KRTB&23339-3312878613711376392
.pubmatic.com/ Name: PugT
Value: 1671555922
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7179278018453895318&KRTB&23278-7179278018453895318&KRTB&23369-7179278018453895318
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6HrUgAFfQ-eHAAp
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-843d8989-989e-4598-b17f-c8315da8ff77-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.amazon-adsystem.com/ Name: ad-id
Value: AxBB_qn-eU6FpXf8CMOgXJw|t
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf&KRTB&19420-tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf&KRTB&22979-tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf&KRTB&23403-tUYPtuYXW7WuFA3ktEJDvuZNW7-uQ1aw4kK0pQdf
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELvXlqny3-grMM90Xuq-m1Q&KRTB&16514-CAESELvXlqny3-grMM90Xuq-m1Q&KRTB&23025-CAESELvXlqny3-grMM90Xuq-m1Q&KRTB&23386-CAESELvXlqny3-grMM90Xuq-m1Q
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2263923535633904067
.adform.net/ Name: uid
Value: 5710060861223055757
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~28yh
.bidr.io/ Name: bito
Value: AAPJ6U7HQ9cAAB-TqLS2EA
.bidr.io/ Name: bitoIsSecure
Value: ok

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.grahamleader.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.grahamleader.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13781
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D8FF796B-3BFC-4B41-BAC6-2FE0D7B7B015&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d75ac233fe4e29fb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QTVgjXYYMnWnXRMh
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
2f98c381b06dabd5ad9d34d833b6f7f2.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
api.rlcdn.com
as-sec.casalemedia.com
assets.revcontent.com
bcp.crwdcntrl.net
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.resonate.com
cdn.revcontent.com
cdnjs.cloudflare.com
cdnres.willyweather.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
data.ad-score.com
dis.criteo.com
dsp.adfarm1.adition.com
embed.sendtonews.com
embedcdn.sendtonews.com
etypeproductionstorage1.blob.core.windows.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sv.rkdms.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
japfg-trending-content.appspot.com
js-sec.indexww.com
js.ad-score.com
lexicon.33across.com
lh3.googleusercontent.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
player.sendtonews.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
video.primis.tech
www.americanhometownmedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.grahamleader.com
www.justapinch.com
x.bidswitch.net
yeet.revcontent.com
api.rlcdn.com
trends.revcontent.com
104.103.79.50
104.18.13.242
104.96.145.246
108.138.17.115
108.138.189.122
108.138.4.10
13.32.121.37
130.211.10.17
130.211.115.4
141.94.170.64
141.94.242.206
141.95.98.64
142.250.184.194
15.197.193.217
151.101.2.49
151.139.128.10
159.65.194.197
172.64.151.162
172.64.154.237
173.231.181.122
178.250.0.157
178.250.0.163
18.195.37.151
18.66.147.2
18.66.23.210
18.66.97.88
185.29.134.244
185.64.189.112
185.64.190.78
185.64.190.80
185.86.137.131
185.94.180.124
194.146.38.23
195.5.165.20
198.148.27.139
198.47.127.20
2.18.36.193
20.150.38.36
2001:678:cb4:bbbb::11
213.155.156.169
213.19.147.44
23.216.77.50
2600:1901:0:8344::
2600:9000:206e:7400:1:6448:6d00:93a1
2600:9000:20d7:ba00:a:deb0:3380:93a1
2600:9000:2250:ea00:a:e047:752:5701
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:116b
2606:4700::6812:18ad
2606:4700:e2::ac40:850f
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2014
2a00:1450:4001:811::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:400d:803::2006
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2003
2a00:1450:400d:80e::200e
2a00:1450:4025:401::9c
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a05:d018:d29:3602:bab2:eed8:8214:ca90
3.123.145.89
3.126.56.137
3.69.181.173
34.102.146.192
34.102.253.54
34.111.129.221
34.111.131.239
34.120.107.143
34.120.133.55
34.120.58.62
34.246.104.18
35.204.158.49
35.214.223.115
35.244.159.8
37.157.6.248
37.252.171.52
37.252.171.84
44.206.165.148
5.161.54.172
52.213.165.172
52.28.203.152
52.54.111.192
52.86.222.203
54.162.152.214
54.194.226.232
54.73.211.146
54.93.177.113
54.93.182.184
67.220.224.150
69.173.144.165
8.34.215.179
85.114.159.93
98.98.134.243
99.84.160.111
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05df3743847ca8584db6100da5894f3b2b435295fe6f446dd2eccaef36556485
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0a5ae5dc3b794c6a33138334eb5cd43addd762bbdedcd309430272c92f19b6fe
0d57fe7d65da1f448fe8db69ef2f2c95b5303a6c451d94f916cf5f5b497ed20b
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
102a95c2ca58eb11e467a980d5536452e9e91280707c5dd8c7e91909f271603d
1194d191a23bdb0b0613448c98f844834357b13337cb734ceed30b1ac1feaf92
11c65b35a88ab5c8ccac646f4b11bce743d60ed02e8ca67f07240627f62bd8c2
129af70f60bb729750eb2b761c0a524a2469404733c3ebb95ee25dbbd0de6e76
1313e1fb60b40a4c9c483fb091ff9a8da60f1380d9afdae2c6b9197eabba2148
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
15962b0ca2b3713adfae63dadd6910cc873a09bde4771bc162141b6c4cc166e1
179a1f39ddbf0c91efa0464c8261face778eef8b93229b114b1a07038d96ff3a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19100716ab6be0b2a39e4c1e2c33ae44f4b82b52f39cc2ae189b753e68c01f2b
1b6bddca48a2f5c9314c729443b5e32959dba22d2bed4fd20a11faa99ff721fa
1bf9b7e79e159c7024906ad7633be1c3726450aa3bd8b59d2734fb310bf5e954
1f3a18a6c00447f9087a7ca15302029d29b45e09807e8cf0cc205614db571ba8
2040f33b181330e0ae272e71a038179e508b7d7751b50c6b2f6591c5f905c14a
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
21daf875d02bb37ca6037fc84719bedcbe525c723c6db168656a2c4a5daffaf2
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3
23adf4ca6a754efc3444567a81aa0154b3925795dace26be251ee01058befa88
26b2490197a8220973574029c3e74021ea0f740390c1dfeeab3f0f375a107f2f
26eb5ddefc0e32b728b3f40c2a6a97c554ed17bc9070667265c8ec711a4671cb
27d4b80a07ad402fb3ff450ecc72f36afa8fa001d773e08fe26bf56ec9fb0630
28210246ee119c6fe0b48e36744fa215b63f1ca0a0d00e33867bb77a9a7c8b5c
283e7fc6e0b49e31d0923fd2be29cbcb6cfd201816bf6c61c2608f9506c45e6f
28463660a31bf5420b5f3b42c5c939f1230c3e43561da75a446ce6434f7e40c9
285328c7f72249b5a62a49fa02be35847d707e7400c9a75413dbfcb5fcd1aaed
28b010620ed3054703156792b63290f4e471a1fb07715e5600033ad2e1d4c1a2
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2acadc67e0c0e8c8adc7f3c3299ff40d365b626dcb9e3af0427ceebfa88bdce2
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2c18c1b74684e28b8ac0ae32947bff67ce1ffdeaae752a806ceadb9300a27dc8
2d68e964474991f19656a6d03de9690d625af240e0647395b915464d25539d7c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e585886425c8d387a87d51630feca0d32d8c7f5e8e8913c17eba955a9d77b2b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
332f62f407e42c747bb49c045e5684c07ac6c7e90212c861e33c78afc2e0ff06
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
3917d956a053304b10a4e415ad25ac8c1dd02925948fd4ad26ea8b587851c3b6
3946e9023e6a145bf7185a86cfd6ec3237536926862032db05f8f5ab66474fc3
3a3be08a78b019b0ee92257ea3233a08c453ba41cad584d8c07df641c7fe772b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdc364eeb75f7f4a1a581857d0c5f2719e89939d9dd63bfe154f798edb81ab8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41cbd628590cc44d5d8ff8e18c390dcc24773d1381cc0fe7edb6a589da192b52
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
429bbec44f7db505908310b3a6ff2b4688f93cd1e47e7da93e33d411f5f0f254
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a4f940188189c9e818f1fc8c2d2fd56e7e16bb4995a091e10ba03669590e048
4a8aec1c2194a9fae11e2057c14dc7a7ee3c10b156efcf3f1a36b84250e5113d
4acf439c9ae114b6707b0b59036ced496e25670143d6c774bc7315dcff1a8c4e
4def67b37e52fd0020cfe07b8abc262da9ff78822d01595104f8c3e49b7f09e9
4e19ed11c4bbab751f603bdfeead5d591abb859145a835a66e59815960616058
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
50d83c1957cd3ab7130cee69d80f7e23502dcfbf7e72b79f855043eee50c8e65
512eee29a2fd7e0bddd207a5fd4c1900a009a08c8f3a5b83c004c8f7299cb35f
521cc807c765916486d3c1258f5552a182cc1b5f572ba9a83c818fddccee9675
53f8ace5f0afa3294ba9c0211df21a5e9311cf175f1ee551df1f6050811ddddd
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54fc7d547a2997ad062694a9b0d2f483a11beb5ab282eae2d77cfa26a6962f01
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c042ecfd0767d82efcf41c6b0b78a165c0d7a83532486dcce0086943d7670a
55c637789112daedc68027d87f33cc9959284b9989218d188814e75f31a082a5
562fae1d633ef308328aff9afd7017c509e413a77af15784d0374e7677e4af57
56d514af1c2c960a699597920f5e4527026bff866d82024a69b23c14e7ab25f9
57fa9a0c1b540cb0d14a58b0d2efa79436d208482ec1d673ef25d9f2872e16c3
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5acc99cb412b48a286bb8b2813722b922a549b502978c9da5764161d706e6722
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5f665a277997ba00203271543c76f305855a83b7d06b4c0188434769008e9274
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6484dbdbcc018ef0cc92a28a4ef391571c4651aaa1958a85a24439c6120f9606
658332e33e174b8d37490bcf8426bc172aab1f991725e938263047a47d1493db
66025ee4c27756db06e9e7926b5dbffb0dcd039a4a8c66115285c8a824f62de7
66514a431926f8bfa1b7121208cd67001f8fd64d25cb9ef69e6db210a05962ba
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b015c983d729633070daf6647a74892cefc427f5e32ff191aa97df82af5d2ed
6b11ff90bc785c7b57ba4cf4c76253687209aa3679a3afa0332be2cbea95d461
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcba42ed5e926520391de384965784522e9dbafe39337e45177aa94a5204b7a
70a0c01a487e1e53c7cb4a2f9d6126dbfecdde3128cf2d19954da4ba87fd3be4
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73d4bb2f6f06883f6195018f38067e4e60235f36ae40e1534b7177ec1187b424
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76c191cc727b0c9347b26c30df79e60db3375be6b72f0bd2029bf8099c7876a8
778c3fe7098b3f796e619f8e5eb09e637d1d0773dc6e7c279b3aeb4f62e4134a
7913b63f91c00f14c9ae5f862e4a699314322425d56c6fe07b2e556c1d357d05
797913478e7efc4b27319904b14e315bb6fe48ecae99744ec7a00f9e22b43ad5
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7d333d4f428354a6439a8c750fa1178805460bfc03e6ea38bf8d64b2067f4ce7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f7f5e7586727ecdae05fd4ee0f7a42f75e587e4c1a55c1bfa892e4f0a1fafd3
7f983dbe5d020d1c937263b46c8559df71c058bb666ad50c94290dacc9cb4edf
809efa47eb79062b56ddd469bb00b4556c7debae82e72e5b2634aa34b8d349b5
80c8a6d929b1ee0e502702ef1c609d58e74da0a0be05f51d51bbc8fb0a764ee5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
835e347cd1bf6ccfdbcf9fd51249ddc375bee11dcc3d1e175d24de2479cb9867
83eae12458d635e49408f15ed68e049d832a3885640259116d41741255651311
8584d5c9a31d20054ad641fde370b91d88763cb9666fb85ec9791fdf13d4cb84
88f49a24947c24e82eeaccaee6b65c793fbf23a897d10253fb45da34db6c9058
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd6e2982523c51e7455b1d6b41deb5b7ae5e4c67d7786b3a129e0e3f83feb07
913ddc00c89a38485e217406a64128fd8207b9ef72a982a70e6910db8dd98fed
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924adf522db46bc005980733cff79aa8b6edf9713d330234a32bc262187f523c
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
958d318f762b075d55ab5afa1582d87b3af5e7725495b7fd2d0f75346b393940
95a343259e361e4ab7ee332ea9f4866b88057c1bd4050777d4fb488cf7ff3777
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
95ba03f26c476e21582b37469098bd26f1505891b20ac9735a370d8ef551dd7d
95fe4ff28318c7af9cb16eb9168bab3ece3eeae1f188595261dc86b58beae018
978230a62694198805bfdc23d0d28db658288950390703fca3f0e176b4e0a9ad
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98974757b02d2f2aeeb285e90da7ceb8c0cd133fd604528c22c7957fcbfc09f5
98a00cfcb80369c0f1f80c124396b9aaa565edb39828792d29fdedafe9655869
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ab773115247efc69e72c85c1a4b021261d013e1a475e32cc05fbbc03fbc610b
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a0e21267c6c9eaae680de6e21aaf72b07c50cd0c97b18abba548641ac63044bd
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a2a0282057083a2f8d7910150e82927ec2b212a7de17f144ee7b5378c8ed5a45
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50992b56ef7d2da60a48380671567cde65e2d11599d8d665c4502b54f31165d
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a79d5c03017851d73cb8ce6160b60992e52ca269d3bc4600f9a87c66bf89fdf9
a85d831490b283ed4adb2d3f76632d3552445d9fe3b8b0d854c91383967f22b0
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
aa2d180b6b78bcb16f9e4116b225324669a35aeb924f447ee7eed4602854c1dd
abb9ae44c3605c928d4925909a1f8e42385e5a2f6c6bd45ad64eb1d7380df50a
ac1b5891b39bfd1e02a15c3abb623b1166dda5b857c160ceb46a3b33804f87a5
ade14c5de0a0b25efe5435ab9816cf8d87bee604dd50e9ddbd456b66d6cd074e
ae5c3352accd59ea67c1a6e1a782c5a3ea29a0154f8a4befc56e62aa10752196
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41a06a242944bf868081b0e6fc315026407dd1bf4b65ddaba400f022111aa04
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5dd19a83ec735eed028fdc80b23c93cfee5f33b4386cbb5344c002df2fb5074
b7f138ce4a2e525d7bfbb6c5bbdc6b61e9543fd3e16b80ec72d9fde25073a76f
bb4c553d2d7102ed7be4d50c8d2a23134ee4600f18fc3f96bb67455221a7474d
bd69d2dbcb5cae02ecb65623eba66373afff15433c5cbf7ebb2d43af1f0a3ffd
bd9ff0acc43d3a0f983cfc5ad6ae2eb3737b0ec64c25afb5e234a11e046844da
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c4ac58719dd6002299ead13a4e53d6eabb6355237250d251a59f7e76d432a503
c520d461604f9c508177dc7a7a66775e5c0a1d0438281b45b9517f6b9141ff1b
c557385648ce026ba1b834da2bd0d6a5f1b0b2ed301dba519944c7fc9fcd0962
c5bfdf0bb09c63cbf841745bcab75cb9c2eb59e6b04451b64a35eba16f0bbde1
c5df4848250963084f52150ea11e08ac47180dc1542a3c4c3184f6c1bdfd9fa4
c8ff41200039ad415f6e2e26e187d8f4a83efc446143b1b7330e0521e794a2cf
c9179c69366c10639a31e705e634afee6fbc08e907d7fab56ab883253dc491f3
caac0164ff0faa04e45e3ff043b9501b9d315739b9a4341584cb7c9df48dc4a9
cd83104524c44b5d5a14c4120c0083cfb466eef2cdf59614cf65e3fc50e448a4
ce7c0411f5e7492f9bf673924fc647af42544f785e3bcdfc7ca1ce210160bca7
ceb579d8c3f76bc446f2bb7fa1a6132daccc6b740d8dc354603b88cf49f24fb2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d13c0089f0ab0e532b03dffb14f864d87d4fec441a499ccd55bb2efbef2cbc97
d32dad4b50b91a13f6e4be3388e39d4f09faace0a68b7e8b550b0d13ab7a6717
d3c045f48d6ccd8f8e09e2c2a5062dfaf6c6e56e134358c33768e43f2f43c077
d3c209a49b4d7df2408b3113bb672b19bb33856afd5c59ddec72f146099928f1
d84ea754fb9f9efeeafcd22068b342d8a51bf2fb24c80febf497632ead8bc4ce
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
def755e450bfb81f91313f3a7869b6262a1b928051410ded42b508b5de705cdc
df91e52bd316564d39538aaab7912423405301e790a84d1d204313fff2526689
dfdf0c64f9007815d3ead2b68031a4ffbc0c4bb3493424faf70fd1f75ec405db
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5452483cc895d518d050093f76abaf9390212dfc6f69c771a21737765ab53e4
ec5efb267de93bb7ad3d755f966cdc78d79f98db94f61e73e7df56534c2f102d
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f2574d511f3613fad598fbde210dfcfc80805f725dce65df8451af826b84b4c7
f3a1c763bf07564c50b3737563ce43222419997853c7f8ca55dc0fb4ca03e28a
f3a64e6daf50a4cb98875ba3aa192f3d3bdf99234e95ca5d0dd73002c6192864
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f83d0b56a679e534cb7a63af97c9e0ba3dc17977995e2642f63ae5a112aac2c0
f87c1f229e6d3ec42c9a15cdfb2ea4ef02ec76fc16068c83cbf96d3b525b6bc2
fb2562dc537617fbee16840e9fa7c1ef12b55c330d9f3a3da928bb25f823d1e9
fd8d832726fd8dc49d8a8e791cd125b74270866ea1cce9c3012e4749ccd5da7d