r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3743
Expires: Fri, 23 Sep 2022 08:05:33 GMT
Date: Fri, 23 Sep 2022 07:03:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 06:12:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dJp_0Zx6rez4J0FR20SX85YLk8mN1vz2BMPIEjalvE5ym0PzKdodpA==
Age: 3021
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y9IUI8mRjDWFzZTtoInRCUliMfKxjydN2JaJiB3oKXQdGuFDY1JKhA==
age: 8876
X-Firefox-Spdy: h2
w1.mssxhb.com/prod/4f1e4636-b9b5-4180-84d3-f66f9fee2f1b/24d79a3e-3a3f-44e9-a70d-11bea3d5b638
3.223.208.36302 Found 200 B URL HTTP/1.1 w1.mssxhb.com/prod/4f1e4636-b9b5-4180-84d3-f66f9fee2f1b/24d79a3e-3a3f-44e9-a70d-11bea3d5b638
IP 3.223.208.36:0
File type HTML document, ASCII text, with no line terminators
Hash 8eaf5c774de9bdc62771644c40e3f5a6
7fe5d4dbcae784daba797ed4fef959826c724172
497cb6f3c497deec8b9af5f41d554fbea3bdb3ca28f2d39f5ce83861f84c7669
Analyzer Verdict Alert fortinet Phishing
GET /prod/4f1e4636-b9b5-4180-84d3-f66f9fee2f1b/24d79a3e-3a3f-44e9-a70d-11bea3d5b638 HTTP/1.1
Host: w1.mssxhb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 23 Sep 2022 07:03:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 200
Connection: keep-alive
X-Powered-By: Express
Location: http://www.grandwelcomefranchise.com?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Vary: Accept
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
104.196.136.213301 Moved Permanently 162 B URL HTTP/1.1 www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Sep 2022 07:03:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 06:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 06:24:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fXBnwli7CLThU-YNjHsdF5jiInuXGplAWqp5mqWhQcq8FEf5pkmDtQ==
Age: 3589
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2183
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:11 GMT
Last-Modified: Fri, 23 Sep 2022 06:26:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZANAMvnEU/Q4nvdFmZXhxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +7T2ZAIdJuVFzOgKfwGoc29k+Gc=
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
104.196.136.213200 OK 20 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format, TrueType, length 20076, version 1.0\012- data
Hash 1894afe039f117f2e31b5e04fc94221d
d546af9e2eca4ccbce33bad32c33a4e3cefc023b
129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c
GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: font/woff
content-length: 20076
last-modified: Thu, 26 May 2022 14:05:02 GMT
etag: "628f890e-4e6c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
104.196.136.213200 OK 13 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 13264, version 331.-31261\012- data
Hash 8eb1b3e8681657092171b6aa809493c2
aa6cc2d47049bc05505d6ec1cd5237558b04d6e3
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: font/woff2
content-length: 13264
last-modified: Thu, 26 May 2022 14:05:02 GMT
etag: "628f890e-33d0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/privacy.min.css?ver=5.7.1
104.196.136.213200 OK 578 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/privacy.min.css?ver=5.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash a76502497f80e15029fd2e901733b7f2
262d46f6fdfd94c15153df8d34c6618e66878ade
fa349bb7b9f2cbbcb5cbbad57426b6eeaaeafbc1dcdab56c694f2620e3d998bc
GET /wp-content/plugins/fusion-core/css/privacy.min.css?ver=5.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:05:11 GMT
etag: W/"628f8917-be"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
104.196.136.213200 OK 78 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 78212, version 331.-31261\012- data
Hash 8c4f474a3aaa695346196b1f33fab616
abc1ae262d760e104a5a5cb68614ac119fd0db18
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: font/woff2
content-length: 78212
last-modified: Thu, 26 May 2022 14:05:02 GMT
etag: "628f890e-13184"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
104.196.136.213200 OK 77 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31261\012- data
Hash 9ab1ccbf4c2b583b1d848018561da0a9
68ac09c5daef91dd2220ef3d063cd757989e0982
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: font/woff2
content-length: 76736
last-modified: Thu, 26 May 2022 14:05:02 GMT
etag: "628f890e-12bc0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
104.196.136.213200 OK 68 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: image/png
content-length: 68
last-modified: Tue, 23 Aug 2022 16:17:58 GMT
etag: "6304fdb6-44"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1
104.196.136.213200 OK 2.2 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (5691), with no line terminators
Hash 17ff70cbc07fa77eda7160e680cc232e
08096a025ca9400306871d84f26fba2f4ac7f7ff
76535c587005890e1572de100edac8063daf4a84f44be50dc26269a79baf8624
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-163b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2
104.196.136.213200 OK 1.5 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2714), with no line terminators
Hash c2ad4f93c47b75f39b99d81d9eab9a32
e3205733b6308673acc068c1259515f84fafe9f2
23081dcb5fdb527f47798dbb1622e38cb6c74fc55446ad92ba38e077a0fa6dea
GET /wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-a9a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/?c=24bb11d37813091
104.26.9.50200 OK 39 kB URL HTTP/2 a.clickcertain.com/px/?c=24bb11d37813091
IP 104.26.9.50:0
File type ASCII text, with very long lines (2807)
Hash 149865898f6205fa52b1611631b7a29a
7c6e7c3feccb62121d8bf0ecc3420fa9da445d9f
48ea8ac6aca4f407a11b33f71b90860e3898c715183e8abf4149347195ca339c
GET /px/?c=24bb11d37813091 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcomefranchise.com/
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: text/javascript
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:12 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx=24bb11d37813091; Expires=Sat, 23 Sep 2023 07:03:12 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_24bb11d37813091=1; Expires=Sat, 23 Sep 2023 07:03:12 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-dgxng:cc-nginx-f867f9bd7-dgxng
x-requestid: a6768b5a-0076-475d-8157-c611d80cf557
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTuBTiZF0RnaqWbengC8AcFGk3wOcOy5%2BBAgJJJN7YG145lDpJ%2FSVe%2BU70dF8xdP3y5c9ZZBclLnLmsRxeBG1%2Btu8EwI2fXl%2F4I%2FZTsHS2o5XTrweeqF3QFEzY3aqsaDpK2rLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b4d6dc0b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-custom-header.js?ver=7.7.1
104.196.136.213200 OK 76 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-custom-header.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash e909773dd7ace9c98224f3d462954dbc
99d701b6756b5393d9296495c614230cfafadcd5
dc2efb578afef140d8a7da443d0b6f186b1c008db436782a1d1efde246536c6a
GET /wp-content/themes/Avada/assets/min/js/general/avada-custom-header.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
etag: W/"628f890e-bd"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2aaec9cbe28343d60597d0371f8ed16b
4456dfef025ab6be775cf3fec5afb553dbfe28d7
7e2ae8341c557e5f590cab1a3ba0d1207ad4a039729b7552b48b40dbb6fc53c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1
104.196.136.213200 OK 688 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (496), with no line terminators
Hash 5ce5c208b6b0190a6d825075712347e6
3dafbaea6d77e5725f1be216deab47837dd6bdc1
d9cb9db97f0ca5c1c204b39d24307392cecaa99eec9818be63b2085ed002caaf
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-1f0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1
104.196.136.213200 OK 5.6 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (12991), with no line terminators
Hash 8275e064d31041cbce2f86fc16527bd4
d12112d639c28ee6140252396c4c6dbd9cb2e720
4f269e2b6720cf3777d6e4fb4c8432b3ff2a9cbf348f6c86ad8ce7ac6f924013
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-32bf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.7.1
104.196.136.213200 OK 45 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1017), with no line terminators
Hash d24ae0caaa584d002390a4f05990bd4c
cfe0d39fee323efe8e4cffead2c31f29b2abc662
525d150078f119114a12c033214ae2eb0a626e25bc37c9259365320b096621ea
GET /wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-3f9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
104.196.136.213200 OK 3.4 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (8290)
Hash f8dd0e9b5fe5315a573ecfc34812786a
7c6aa5af1891cf8aa0ad7961e29a221f9a80a6ab
a268425432c8d9e6a131a5198e20e46b562d0e99361edf33043faafd458db35b
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 20:54:42 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"630d2792-2063"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/uploads/2022/02/Verdana.ttf
104.196.136.213200 OK 129 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/uploads/2022/02/Verdana.ttf
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type TrueType Font data, 18 tables, 1st "LTSH", 39 names, Macintosh, Typeface and data \251 1996 Microsoft Corporation. All Rights ReservedVerdanaRegularMicrosoft:Ve\012- data
Size 129 kB (129118 bytes)
Hash aa63757afcdad9568e0c19861fa50d2c
69f252e12721e118ae4da195f0639656d6969516
71cd13f119d94a5c8bc5484aeb1d536c7510eeb9a5cfd8c46f005efc7aac8f97
GET /wp-content/uploads/2022/02/Verdana.ttf HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/octet-stream
content-length: 129118
last-modified: Thu, 26 May 2022 14:04:57 GMT
etag: "628f8909-1f85e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1
104.196.136.213200 OK 786 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (695), with no line terminators
Hash 9d8d9094717b442b4f00f970ebbe4c30
68cb1134c67ec395e5c068e1c21c8e4a7105ef85
f2943c1e3735f0dfa64f444ca097a4640619a8560219dc91ff1a5338214aef29
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-2b7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/uploads/2022/02/verdanabold.ttf
104.196.136.213200 OK 156 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/uploads/2022/02/verdanabold.ttf
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type TrueType Font data, digitally signed, 21 tables, 1st "DSIG", 70 names, Macintosh, \251 2008 Microsoft Corporation. All Rights Reserved.VerdanaBoldMicrosoft:Verdana Bold:Version 5\012- data
Size 156 kB (156340 bytes)
Hash 4822ae379fe7b2e91c509e2551fbdb35
18d4219192ff3c8a721180d301c36c27bb769aac
bba4571a7cc83c0ccc8b96035e2b165526946b1d45baf73d1b402c65ed48de62
GET /wp-content/uploads/2022/02/verdanabold.ttf HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/octet-stream
content-length: 156340
last-modified: Thu, 26 May 2022 14:04:57 GMT
etag: "628f8909-262b4"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/portfolio.min.css?ver=5.7.1
104.196.136.213200 OK 2.8 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/portfolio.min.css?ver=5.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (7402), with no line terminators
Hash c2e7cf5f636e47a99f522558b2117eb3
68eb179287b1110864301d57a372bf32b704deab
951005fba7f083cf3f1b9fbe3fc5a75b0f93aa736cd2e3f14eb209c35b9f5ef9
GET /wp-content/plugins/fusion-core/css/portfolio.min.css?ver=5.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:05:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8917-1cea"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6
104.196.136.213200 OK 4.1 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (9361), with no line terminators
Hash 8eb8f310a8e397f2cff95381ca946d50
c2a955c563f2784334dcfe74330acb01f4fe5f12
b4ef8e26b10499a979ae7418c9ee632af939dbffa2780add8bf8cad1974430e5
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-2491"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/awsm-team-pro/js/team.min.js?ver=1.11.0
104.196.136.213200 OK 17 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/awsm-team-pro/js/team.min.js?ver=1.11.0
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (56896), with no line terminators
Hash b617f51bd8c289fda7f3959d096bd587
acfd3b61bfb907d51b63a6d498fd0ed3afcb5d5d
edfc7e5d00fb73cabe5635404c17f4f84c047023fe8e9cc7242b989d42029154
GET /wp-content/plugins/awsm-team-pro/js/team.min.js?ver=1.11.0 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:16 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f891c-de40"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/usahtmlmap/static/css/map.css?ver=6.0.2
104.196.136.213200 OK 3.5 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/usahtmlmap/static/css/map.css?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 737fa46ff4760c85a1d69b621bdfd880
aa89f420066cfcfa9a3710961e0123a3acc8d5af
50f958d3e912031fac8387b39bfc815ac3e7d5ab2df24278da4ec53ba1310ca3
GET /wp-content/plugins/usahtmlmap/static/css/map.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:05:07 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8913-12d3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/comment-form.min.css?ver=5.7.1
104.196.136.213200 OK 1.8 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/comment-form.min.css?ver=5.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1002), with no line terminators
Hash e8e52287e1fb3c1c5d1f72c024e836fb
4c8610626b5dcb7ae3e37a6956fd15a01dce525e
4fe7175d620286a8e14703700198b579d534b26f3f618c7346c663ce21f5d119
GET /wp-content/plugins/fusion-core/css/comment-form.min.css?ver=5.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:05:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8917-3ea"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/faqs.min.css?ver=5.7.1
104.196.136.213200 OK 2.9 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/css/faqs.min.css?ver=5.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1380), with no line terminators
Hash 842dcbe00c6d5c58715b5196543e6cf8
5bdeb141d29d556419ea18caf74627a2a0d74d17
8f0fb51422924acb9bf1a1e3570b5f1d62ae61dc423d90cada725a8204deb2ea
GET /wp-content/plugins/fusion-core/css/faqs.min.css?ver=5.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:05:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8917-564"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.7.1
104.196.136.213200 OK 24 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash d0dd16afc2865a7738e501bcc435dad4
d5efebd761de4728490b7f46b32933174ea387c0
1cb605785658db148a76eb064ba2825cecbd3ba77eed18af06af3bc41f99eefe
GET /wp-content/themes/Avada/assets/css/style.min.css?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:05:05 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8911-14a47"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b6b51846ec2b7d856b7dc12e4d720f4
5a69190a9a778a6979e11fafedd43e1031caf8e2
a497c04d1c9d0be88aa9c288423346e83c6a7b296295387b3b7b855c550492a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10927
x-amzn-requestid: ae562f19-3dd9-42b1-bb98-ab026140506e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YsqHOHguIAMFS7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632823c7-6d4bcabf6879463427e68a50;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 08:09:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u4DgvdhOG7agsl8-aoovMcR029kbfcAk9eoiUiHb-PZuq3RbbFg9Mw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:51 GMT
age: 33262
etag: "5a69190a9a778a6979e11fafedd43e1031caf8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 31906
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.hsleadflows.net/leadflows.js
104.17.234.204200 OK 100 kB URL HTTP/2 js.hsleadflows.net/leadflows.js
IP 104.17.234.204:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 100 kB (100124 bytes)
Hash 0243067fca976636e9f401da6976dd66
48f9d9f9a5a539f7d59e3fec5f7e0f8b5ac8c41a
fd66e2bff008692394408356edfc9ff98766983d6733607805bb97cb06ebdb05
GET /leadflows.js HTTP/1.1
Host: js.hsleadflows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
x-amz-server-side-encryption: AES256
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-cf-id: YXqT-eGSenkJnbwob4Q0oCyr39JrBZw4rKqw4QtXX4FNdq4mRXya7g==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=74eea80b5bca35b3-IAD
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 74f16b51cddfb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
104.196.136.213200 OK 19 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (43771)
Hash 63e3380cb6f4badf3d76b22a7fc29424
da9597007de0f504de1521ad98a4f2c040fc0604
182883cc7a0c48614eba109e470f34733b45b53d85eb39b6103da1880f2c29e8
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62c2d8bd-15b64"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b936e90-90ba-49d6-946e-b7cd524d23f9.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b936e90-90ba-49d6-946e-b7cd524d23f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6243782119c18721ebfb39448a079e32
6131afd540498e8ead1b9937bc953fadbdb164f9
9f70c0b851ea5039eee2edf8d37f447946e2d2783d6ce257c0ccbcf9f262d289
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b936e90-90ba-49d6-946e-b7cd524d23f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7180
x-amzn-requestid: c08a48fa-b734-4ac7-aa76-a1225135b792
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YsS2qHbcIAMFgEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6327fe90-4a5915de1b0da7a07efddf86;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 05:30:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6QVS_B0PlpAG7YSjavV2LBnC_hiHBza_hYkyA6MtdaN6iMYmVliMOg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 07:30:08 GMT
age: 84785
etag: "6131afd540498e8ead1b9937bc953fadbdb164f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=44727
date: Fri, 23 Sep 2022 07:03:13 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 498675
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1
104.196.136.213200 OK 592 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (849), with no line terminators
Size 592 kB (591787 bytes)
Hash ae9c159422312720096a7124169928a7
d6280931d03e406c6f96f0a2803d895272908f4b
05f2c34f11f42c70379605c1aba33125653eba9350efeb0f593a8675ced09341
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-351"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/uploads/2022/05/GW-house-logo-2-e1654007698366-66x66.png
104.196.136.213200 OK 5.1 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/uploads/2022/05/GW-house-logo-2-e1654007698366-66x66.png
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 950fbcaa168d5d1e62295a3b425b200f
9bc9acf6e60cd8c0de43b48f0a6c36d517c7fc28
e94e982c937e38141a1d7b493680dd930ce959d6bf85d35761351feb54b5690a
GET /wp-content/uploads/2022/05/GW-house-logo-2-e1654007698366-66x66.png HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: image/png
content-length: 5114
last-modified: Tue, 31 May 2022 14:34:58 GMT
etag: "62962792-13fa"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=4146084&time=1663916592458&url=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=4146084&time=1663916592458&url=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=4146084&time=1663916592458&url=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4146084%26time%3D1663916592458%26url%3Dhttps%253A%252F%252Fwww.grandwelcomefranchise.com%252F%253FmsID%253D24d79a3e-3a3f-44e9-a70d-11bea3d5b638%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLPDWpCCahngAAAAYNpKFCaQoYiBZrOFRoQxgvAWbDMSws_mKQYJsS9WC6UllvMSrSJe04BUYvPLw; Max-Age=2592000; Expires=Sun, 23 Oct 2022 07:03:13 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJ1-LYKp-LsFwAAAYNpKFCa6206iEB5NlbSO2mfD-e-wUJ28Th6cqkZv9OK3ZIf9NE0APdwA-g3OLrMZzlaFw; Max-Age=2592000; Expires=Sun, 23 Oct 2022 07:03:13 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&4148cb02-cb4a-4c98-825b-c79250dd2abf"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 23-Sep-2023 07:03:13 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2393:u=1:x=1:i=1663916593:t=1664002993:v=2:sig=AQHLyzGpyDuOXSD1aL5BCNbh2WbzMx5Q"; Expires=Sat, 24 Sep 2022 07:03:13 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpUsV6sA+WU/sU9rqMzw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1DD4EF69272E4D298042599DC0941E53 Ref B: OSL30EDGE0213 Ref C: 2022-09-23T07:03:13Z
date: Fri, 23 Sep 2022 07:03:12 GMT
content-length: 0
X-Firefox-Spdy: h2
js.hs-banner.com/cookie-banner-public/v1/domain-collection
172.64.154.85200 OK 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/domain-collection
IP 172.64.154.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cookie-banner-public/v1/domain-collection HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.grandwelcomefranchise.com/
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www.grandwelcomefranchise.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f16b53f8e50af6-OSL
X-Firefox-Spdy: h2
js.hs-banner.com/cookie-banner-public/v1/activity/view
172.64.154.85200 OK 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/activity/view
IP 172.64.154.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cookie-banner-public/v1/activity/view HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.grandwelcomefranchise.com/
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www.grandwelcomefranchise.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f16b5418fd0af6-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/uploads/2022/01/GW-High-Res-200x73.png
104.196.136.213200 OK 9.8 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/uploads/2022/01/GW-High-Res-200x73.png
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 200 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash 73a06a79fae8ea3def7cc866b352b836
44fc18cd35ddb4ab5835e4221c75c12034497d5c
b4e86a9abd0ed64f7c9a45d8aad1917a60695a74ca7c22e5923e0233c52a0bf1
GET /wp-content/uploads/2022/01/GW-High-Res-200x73.png HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: image/png
content-length: 9754
last-modified: Thu, 26 May 2022 14:04:57 GMT
etag: "628f8909-261a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 52091eecf3a4f309ed6fa23ef4d151f4
2caf74248a409ebd9840aacc849035405711090a
3a76d1721c1b4b80108f229fdfa9a84f7578afb5b8a2ea674255202ca854aca0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A76D1721C1B4B80108F229FDFA9A84F7578AFB5B8A2EA674255202CA854ACA0"
Last-Modified: Wed, 21 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6655
Expires: Fri, 23 Sep 2022 08:54:08 GMT
Date: Fri, 23 Sep 2022 07:03:13 GMT
Connection: keep-alive
js.hs-banner.com/cookie-banner-public/v1/activity/view
172.64.154.85204 No Content 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/activity/view
IP 172.64.154.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cookie-banner-public/v1/activity/view HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 146
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 07:03:13 GMT
x-trace: 2B3D632BCFC415B58CECBC087855200F3166606E66000000000000000000
x-hubspot-correlation-id: ab11bfbb-0f51-4e38-bd6f-852a1624ed0e
access-control-allow-origin: https://www.grandwelcomefranchise.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f16b54c9940af6-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
104.196.136.213200 OK 102 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (64288)
Size 102 kB (102180 bytes)
Hash d40b5d3c25299d113591e98bbbba1f32
40a9f6c4cf4561a5de5f54b5d771c05283d904f2
1d309984dae90340d4889300a6d8fd8e762f1b9ac66b8f3da6c6445f8ea66bd1
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 16:17:58 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6304fdb6-5fa2e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1663916400000/7009096.js
104.17.69.176200 OK 20 kB URL HTTP/2 js.hs-analytics.net/analytics/1663916400000/7009096.js
IP 104.17.69.176:0
File type ASCII text, with very long lines (63804)
Hash 3615cba9436ac05bc82182c2d58f6d6b
6ff63d18d0a2174ef032f44de9745da55555eeb3
8f3a76a048a4c1a4ff2246f90fe64889dcfb7daba8c278654e7ff8ef4a029275
GET /analytics/1663916400000/7009096.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: text/javascript
x-amz-id-2: uhdhJ51/4BoXgliDHPxCJYflyzo8kN027moacmYiVEzTaH+SPAKQKPMl4F78hqrQafgXxlOtwwg=
x-amz-request-id: 221AXPAQMSFT4BZT
last-modified: Wed, 31 Aug 2022 12:23:23 GMT
etag: W/"d51bfac2a0b6c87e18847f856052bb96"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
expires: Fri, 23 Sep 2022 07:08:13 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f16b52dab5b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.theadslab.io/matomo.js
3.128.141.27200 OK 24 kB URL HTTP/1.1 app.theadslab.io/matomo.js
IP 3.128.141.27:0
File type ASCII text, with very long lines (1601)
Hash 2b3f60205881cef2baf0365f942c75bc
50c94dd6adc6d41697a57df3067471a0fd35563a
42cebab3a0aa33b330012dd8ae1a106594fbaa01cfad57027abfb7f90fc21b00
GET /matomo.js HTTP/1.1
Host: app.theadslab.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=3600, public, no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Date: Fri, 23 Sep 2022 07:03:13 GMT
ETag: W/"632befe9-12f12"
Expires: Fri, 23 Sep 2022 08:03:13 GMT
Last-Modified: Thu, 22 Sep 2022 05:17:29 GMT
Pragma: public
Server: nginx
Set-Cookie: AWSELB=D7EDE3431806AF427FFFEFBB3065226A17F90E2F65CD7B4A91F648FDD22FE5896068FEE2BC425151CE53305BE6A31BD3C762E5D087C8351B8BBB3CB3B8484E89281B98C0F7;PATH=/;MAX-AGE=9000
AWSELBCORS=D7EDE3431806AF427FFFEFBB3065226A17F90E2F65CD7B4A91F648FDD22FE5896068FEE2BC425151CE53305BE6A31BD3C762E5D087C8351B8BBB3CB3B8484E89281B98C0F7;PATH=/;MAX-AGE=9000;SECURE;SAMESITE=None
Vary: Accept-Encoding
Content-Length: 23974
Connection: keep-alive
www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/assets/transparent.png
104.196.136.213200 OK 122 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/assets/transparent.png
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 200, 1-bit grayscale, non-interlaced\012- data
Hash 86c58b484b48eac285e131e8b55d2ce7
3d3ee4c137a6f36e5fbee31e21a4d08f2c38d20e
9603ffeb6772f1cf745e0097d5d6c046eaf16151e5bc521f20764bba5ddb7713
GET /wp-content/plugins/revslider/public/assets/assets/transparent.png HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Cookie: _gcl_au=1.1.1720334691.1663916593; ct_traffic_source_cookie=NOBASE64-%7B%22traffic_source%22%3A%22Direct%22%7D; ct_user_journey_cookie=NOBASE64-%7B%22uid%22%3A%22WWWGRANDWELCOMEFRANCHISECOM632d5888acf1f2.27159586%22%2C%22expires%22%3A30%2C%22posts_id%22%3A%5B%7B%22ID%22%3A-1%2C%22slug%22%3A%22%2F%22%2C%22title%22%3A%22Home%22%2C%22content_type%22%3A%22Home%20Page%22%2C%22timestamp%22%3A1663916592%7D%5D%7D; _omappvp=KzO1GkYJgGysMbeX19cNjVOcfIWoauwd2GfcY3ekbLAYbAhNZazYgodAEhxmXrgEBh1oka95SnSwtAf3yoRVuFSF6hBYrxn9; _omappvs=1663916592892; _ga_BTR45C4CVS=GS1.1.1663916592.1.0.1663916592.0.0.0; _ga=GA1.1.469746507.1663916593; calltrk_referrer=direct; calltrk_landing=https%3A//www.grandwelcomefranchise.com/%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638; _pk_id.244.bfed=c72c014d84be09b1.1663916593.; _pk_ses.244.bfed=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:14 GMT
content-type: image/png
content-length: 122
last-modified: Tue, 23 Aug 2022 16:17:58 GMT
etag: "6304fdb6-7a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f08468f742203b67cafd4eb9d919877c
0ab9c6875fa317315e2e7dcdb1ba8c5d28bfef68
b66d3243be1a67a813352f3c2efa4259d4e0c7960b2206a381b52ee97dc3ff23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-BTR45C4CVS>m=2oe9l0&_p=175452213&cid=469746507.1663916593&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663916592&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&dt=Grand%20Welcome%20Vacation%20Rental%20Property%20Management%20Franchise&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-BTR45C4CVS>m=2oe9l0&_p=175452213&cid=469746507.1663916593&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663916592&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&dt=Grand%20Welcome%20Vacation%20Rental%20Property%20Management%20Franchise&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-BTR45C4CVS>m=2oe9l0&_p=175452213&cid=469746507.1663916593&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663916592&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&dt=Grand%20Welcome%20Vacation%20Rental%20Property%20Management%20Franchise&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.grandwelcomefranchise.com
date: Fri, 23 Sep 2022 07:03:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
forms.hubspot.com/collected-forms/v1/config/json?portalId=7009096&utk=
104.19.155.83200 OK 382 B URL HTTP/2 forms.hubspot.com/collected-forms/v1/config/json?portalId=7009096&utk=
IP 104.19.155.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 522620c53cde427bb706d6d1daddb60b
c632eef274d48eb114a0e4ddac7f9d5819b216e2
04a8e1a10f20152ae0fd98567bbad949d20d1c5d28e54ad298faec6742fbaaa1
GET /collected-forms/v1/config/json?portalId=7009096&utk= HTTP/1.1
Host: forms.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:14 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-hubspot-correlation-id: 8bce995e-f52a-491d-a5de-7b08a6a6ccfe
access-control-allow-credentials: false
access-control-allow-origin: https://www.grandwelcomefranchise.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=QNiMYgvOtNRTBRDu3DIU8yxXmw6XJFF1gzV7PLgYMIY-1663916594-0-AQT8g29wAFYK7IvmQ+ChvNdNKEgMEOLgEYLnSBooo7jYpLmGkIPfmHUhjblVwsDGh4GmesHBEssxVpOggspU5X4=; path=/; expires=Fri, 23-Sep-22 07:33:14 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIZ8ZWTeNAqAqty%2Fv39bR20qJshFKptpdZz6Uo9KhXeAR1Zy%2F1geJCoB5nedV68ULte4v94HPfaT%2BWyIHmAObS4AGw1h96YdcILIvoStLaeqSGp%2FGY12Axt1phJeRTCfuDad"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f16b5a2a8db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/uploads/2022/02/6.png
104.196.136.213200 OK 403 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/uploads/2022/02/6.png
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 1366 x 881, 8-bit/color RGBA, non-interlaced\012- data
Size 403 kB (403400 bytes)
Hash cd62ff538145ab2bb7a8544ff9147949
a73c88bcb35b71dbf4918502a9e208dd84e299bf
4ff0f376447ac5516bd872f7838e8d1ebb9de6f90591d5dd83b8dd4a362a258f
GET /wp-content/uploads/2022/02/6.png HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Cookie: _gcl_au=1.1.1720334691.1663916593; ct_traffic_source_cookie=NOBASE64-%7B%22traffic_source%22%3A%22Direct%22%7D; ct_user_journey_cookie=NOBASE64-%7B%22uid%22%3A%22WWWGRANDWELCOMEFRANCHISECOM632d5888acf1f2.27159586%22%2C%22expires%22%3A30%2C%22posts_id%22%3A%5B%7B%22ID%22%3A-1%2C%22slug%22%3A%22%2F%22%2C%22title%22%3A%22Home%22%2C%22content_type%22%3A%22Home%20Page%22%2C%22timestamp%22%3A1663916592%7D%5D%7D; _omappvp=KzO1GkYJgGysMbeX19cNjVOcfIWoauwd2GfcY3ekbLAYbAhNZazYgodAEhxmXrgEBh1oka95SnSwtAf3yoRVuFSF6hBYrxn9; _omappvs=1663916592892; _ga_BTR45C4CVS=GS1.1.1663916592.1.0.1663916592.0.0.0; _ga=GA1.1.469746507.1663916593; calltrk_referrer=direct; calltrk_landing=https%3A//www.grandwelcomefranchise.com/%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638; _pk_id.244.bfed=c72c014d84be09b1.1663916593.; _pk_ses.244.bfed=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:14 GMT
content-type: image/png
content-length: 403400
last-modified: Thu, 26 May 2022 14:04:57 GMT
etag: "628f8909-627c8"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1
104.196.136.213200 OK 4.8 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (3544), with no line terminators
Hash c49ba07a0f2eda7da215fdcf1222aef4
fcfd7bfe89574bcf6f7f60999fcb6dc9d74b478c
439bd975dd08bf20e67506c125a5ca4b14834599befaff96940f04291879c53d
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-dd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 088fd54c49c3761d7537bd8ceadf8af4
c450a99446fadeaa81f2426367b7d200d11ef67d
9e171b74ae7c3f96a03cf14f423b05ab0ad7329844061b9200d81f6bc381a561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Last-Modified: Fri, 23 Sep 2022 05:54:11 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4b4d862ff620a280f30bb70f595305d8
4dc5bda7a8e489e0791e678ad95050fee092988f
9b5d56d0c7204d221a2d3bb88d44ee5e8a8fd37d8e294bd6bfd78cca56cf9d86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4146084%26time%3D1663916592458%26url%3Dhttps%253A%252F%252Fwww.grandwelcomefranchise.com%252F%253FmsID%253D24d79a3e-3a3f-44e9-a70d-11bea3d5b638%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4146084%26time%3D1663916592458%26url%3Dhttps%253A%252F%252Fwww.grandwelcomefranchise.com%252F%253FmsID%253D24d79a3e-3a3f-44e9-a70d-11bea3d5b638%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4146084%26time%3D1663916592458%26url%3Dhttps%253A%252F%252Fwww.grandwelcomefranchise.com%252F%253FmsID%253D24d79a3e-3a3f-44e9-a70d-11bea3d5b638%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcomefranchise.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4146084&time=1663916592458&url=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&e5ac4e5a-0132-4a4d-8fe5-bfbf1033774f"; Domain=.linkedin.com; Expires=Sat, 23-Sep-2023 07:03:14 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2022092307031443bfa06a-f6eb-47a8-848b-7561d3b0785bAQFS8H7Wl8I8NiKCUTgbfeL6p3yTJkC5"; Domain=.www.linkedin.com; Expires=Sat, 23-Sep-2023 07:03:14 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjM5MTY1OTQ7MjswMjGTm7F7gauTfiTOU8HV63GV1zoQ4O9Pb9KWb2zTQKBVVA==; Domain=.linkedin.com; Expires=Wed, 22 Mar 2023 07:03:14 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2388:u=1:x=1:i=1663916594:t=1664002994:v=2:sig=AQHHKug-3L_DzXBMkFLUfEcDcUIq_2fC"; Expires=Sat, 24 Sep 2022 07:03:14 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpUsWUPAkrumvGFj4GgQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7859DA212C19412FB234727A28A3B388 Ref B: OSL30EDGE0213 Ref C: 2022-09-23T07:03:14Z
date: Fri, 23 Sep 2022 07:03:14 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 000559ce2b1244972d10d65d7b6651c6
ad14437bb48197c59f1170a0537615281b7ec899
b0d6f0803c162e4588efb588c710d4bcc238bc64b6a7c331158b355c89d0be04
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6041
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Last-Modified: Fri, 23 Sep 2022 05:22:34 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=090CD08723A76ABA2748C2AF22F06BE5; domain=.bing.com; expires=Wed, 18-Oct-2023 07:03:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B2A09600B004F839139F7CCDE481C7C Ref B: OSL30EDGE0319 Ref C: 2022-09-23T07:03:15Z
date: Fri, 23 Sep 2022 07:03:14 GMT
X-Firefox-Spdy: h2
www.google.com/js/th/7f2HzU_eRiWxv--cAX3t_q7u4Wt7MOcmPwwdepX4QRg.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/7f2HzU_eRiWxv--cAX3t_q7u4Wt7MOcmPwwdepX4QRg.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36070)
Hash 28927abcfde9bc160e5533df57badd7e
2ff255edc304fe9acd5d8453f58e5614b02bd770
a4a7d879f3ebc1659299d5f08fef4b4bd4c5a67940191d3a871fd60b77e1105c
GET /js/th/7f2HzU_eRiWxv--cAX3t_q7u4Wt7MOcmPwwdepX4QRg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14287
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:04:49 GMT
expires: Thu, 21 Sep 2023 05:04:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
content-type: text/javascript
age: 179906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1
104.196.136.213200 OK 28 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with very long lines (1767), with no line terminators
Hash bcf936e2f64c86f30ef8c3dde9f3801f
37b19834d63ffcf8fd2a123022a4f2b44efac83e
38b1aea5db9bc24727a353ec90f2edbe14b1ab9e3ea1b64c7ef9fb9afc11f292
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-6e7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1
104.196.136.213200 OK 647 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2069), with no line terminators
Hash e54e4135b2875aabca6d01c0a98c60d1
866f2bd8f7251506ddbaa135ec14edbe6115232f
fabdf5a3eee830bddb321265ef5b421d415a2beb1c47d59e5e2b265afb87a5a3
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:13 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8919-815"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 07:03:04 GMT
expires: Fri, 23 Sep 2022 07:18:04 GMT
cache-control: public, max-age=900
age: 11
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/ppPWSl0Z7XE/maxresdefault.webp
216.58.211.22200 OK 28 kB URL HTTP/2 i.ytimg.com/vi_webp/ppPWSl0Z7XE/maxresdefault.webp
IP 216.58.211.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d84b17706a865384f29436cd852e243
4e6ff3b5f80c378c31a8f0765b66ba86c7cc1c9d
cf0197dabce1b88a51d5552c68464600411e05be1d743abc1e9f3bfd7b3f2406
GET /vi_webp/ppPWSl0Z7XE/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 28518
date: Fri, 23 Sep 2022 07:03:15 GMT
expires: Fri, 23 Sep 2022 09:03:15 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.callrail.com/companies/241318654/c20a061e718b5d7881f9/12/swap.js
143.204.55.59200 OK 36 kB URL HTTP/2 cdn.callrail.com/companies/241318654/c20a061e718b5d7881f9/12/swap.js
IP 143.204.55.59:0
File type C source, Unicode text, UTF-8 text, with very long lines (32850)
Hash 6b85db85a9b7dae9c5778525619b6d92
8f522faed0f012e2ed7ed8f8e301c3976a0f2ded
f5de68c1b723576835f1fa24a4e976cb20a56e2b73c8ac51bfa8c3cb0eec5015
GET /companies/241318654/c20a061e718b5d7881f9/12/swap.js HTTP/1.1
Host: cdn.callrail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Fri, 23 Sep 2022 07:03:13 GMT
cache-control: max-age=3600, public
etag: W/"f5de68c1b723576835f1fa24a4e976cb"
timing-allow-origin: *
x-request-id: af58319d-8adf-44c1-a777-38d4e9cc797e
x-runtime: 0.006556
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BjXfpgXp_d5QkMhztVEuDt6uX1mFrba8Q6d3LE_6BplH6iWJS1IGwg==
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 23 Sep 2022 07:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 088fd54c49c3761d7537bd8ceadf8af4
c450a99446fadeaa81f2426367b7d200d11ef67d
9e171b74ae7c3f96a03cf14f423b05ab0ad7329844061b9200d81f6bc381a561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Last-Modified: Fri, 23 Sep 2022 05:54:11 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 30 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0a03055b9eb61e00bc39626d534ef399
79048d78bcb6ae09b42eaef35733136ac7b4e319
2a45d01c633951d7dbc6c3aea63691ebd846d56635c14e03c82c743967efb2da
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 23 Sep 2022 07:03:15 GMT
server: ESF
cache-control: private
content-length: 30534
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu8G4UJVP9gynFdoglS61wpL8Ev2AnnZVB52tqmO=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.9 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8G4UJVP9gynFdoglS61wpL8Ev2AnnZVB52tqmO=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 879e90ba218c76a30c3d7917b0f790ff
118dfc9b7ca25bc05cb11df63af5599417ae55ca
f78536e0d0802853ca41aa5d24df85c70f85aa26c48f4a3d9a48018ccd5c7145
GET /ytc/AMLnZu8G4UJVP9gynFdoglS61wpL8Ev2AnnZVB52tqmO=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v33"
expires: Sat, 24 Sep 2022 07:03:15 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 07:03:15 GMT
server: fife
content-length: 1861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandwelcomefranchise.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
104.196.136.213200 OK 7.4 kB URL HTTP/2 www.grandwelcomefranchise.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (11126)
Hash ad53c5c06b78f4f9d0bb5ff16bb3b04a
311ec73cc1b623cb86b38ac561f251da4df5b8eb
203cddc96d54140156736e38bb8b3a79c2b2818a80cb3eb366b0ad562beb48a0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 7b05e3f79ec2b938964d031da2e673d7
05a56cc7134aaacc64a6833ce1419a23c82adcc4
090a8dfbc2a2f276ec963c52e9870689e82272e47492a594a788856b35e37409
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 07:03:15 GMT
Last-Modified: Fri, 23 Sep 2022 05:26:17 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nPzlswfs39A_VkAP1u67-Myc96n2hAX6XynUtjE8eBmW_eewc8Wd7g==
Age: 5818
googleads.g.doubleclick.net/pagead/id?slf_rd=1
172.217.21.162200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 172.217.21.162:0
Hash 4e30398c7bf4dac75b3bed8ec303ed24
20b64d574b413c01b7f4af38c7135e5dc304350c
081157d243e629e2ba99d2bb5194ffcbe75c0bee63b0d81a13b2aed7fb30db46
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Fri, 23 Sep 2022 07:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 000559ce2b1244972d10d65d7b6651c6
ad14437bb48197c59f1170a0537615281b7ec899
b0d6f0803c162e4588efb588c710d4bcc238bc64b6a7c331158b355c89d0be04
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6404
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Last-Modified: Fri, 23 Sep 2022 05:16:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4b4d862ff620a280f30bb70f595305d8
4dc5bda7a8e489e0791e678ad95050fee092988f
9b5d56d0c7204d221a2d3bb88d44ee5e8a8fd37d8e294bd6bfd78cca56cf9d86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=2ac52792-aafd-4170-87b4-b8345ba3873f&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=2ac52792-aafd-4170-87b4-b8345ba3873f&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive/check?partner_id=3318&partner_device_id=2ac52792-aafd-4170-87b4-b8345ba3873f&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:15 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1663916595311;Expires=Tue, 22 Nov 2022 07:03:15 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=a4a35363-1169-4ea8-939d-9ba7499c082f;Expires=Tue, 22 Nov 2022 07:03:15 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Tue, 22 Nov 2022 07:03:15 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=a4a35363-1169-4ea8-939d-9ba7499c082f
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/680158150/wcm?cc=ZZ&dn=18888700102&cl=yyz-CKj2_LgBEMbHqcQC&ct_eid=2
172.217.21.162302 Found 0 B URL HTTP/2 www.googleadservices.com/pagead/conversion/680158150/wcm?cc=ZZ&dn=18888700102&cl=yyz-CKj2_LgBEMbHqcQC&ct_eid=2
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/conversion/680158150/wcm?cc=ZZ&dn=18888700102&cl=yyz-CKj2_LgBEMbHqcQC&ct_eid=2 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://www.google.no/pagead/attribution/wcm?cc=ZZ&dn=18888700102&cl=yyz-CKj2_LgBEMbHqcQC
access-control-allow-origin: https://www.grandwelcomefranchise.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 07:03:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eaffb1303f1cf16589ef5de8c20980df
5ca1e702ecc9c9e485407252fca563633d848a7f
f44614ed6a6a74247f83b13926c04f7e596bb9661bcc199e2e834e253ad791be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID
34.195.237.112303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID
IP 34.195.237.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 23 Sep 2022 07:03:15 GMT
Content-Length: 0
Connection: keep-alive
Location: /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&_li_chk=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&previous_uuid=d9fb6e28d8fd4e0d8897e07e88ea53b9
Set-Cookie: lidid=d9fb6e28-d8fd-4e0d-8897-e07e88ea53b9; Max-Age=63072000; Expires=Sun, 22 Sep 2024 07:03:15 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8ec1540e8ec974c8f6edcedfe7dd807f
920b0ea678361a34b5508dee6c6f556a47586562
5749ded70372335a59fbf3f405a3330d8fb4ba6ae1df1417e8197a723abc46cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.clickcertain.com/px/ta/?done=true&ta_id=a4a35363-1169-4ea8-939d-9ba7499c082f
104.26.9.50204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/ta/?done=true&ta_id=a4a35363-1169-4ea8-939d-9ba7499c082f
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?done=true&ta_id=a4a35363-1169-4ea8-939d-9ba7499c082f HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 07:03:15 GMT
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:15 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-sthpl:cc-nginx-f867f9bd7-sthpl
x-requestid: fa03dce1-278b-441b-8ecc-e019293e0629
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKrEh2hOu1jo2SsHN2710gomCHNQDdsRi4H1xAcwEjpauopZ%2BSSjkmY5gQtB0QJwJmeubX4bvpjyuX3d5JDymFdkWWf43%2FBhL1IMO9iB89USkkV%2FEgsBQnLTmX5G9sTOvXvDhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b60ed70b4fa-OSL
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=56008597&tm=gtm002&Ver=2&mid=4ecad84c-086d-42f2-be0d-fc70b879049b&sid=cb1ecc803b0d11edae136939cc589fae&vid=cb1edb203b0d11ed9195a170bf02d0ef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Grand%20Welcome%20Vacation%20Rental%20Property%20Management%20Franchise&p=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&r=<=2379&evt=pageLoad&sv=1&rn=803782
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=56008597&tm=gtm002&Ver=2&mid=4ecad84c-086d-42f2-be0d-fc70b879049b&sid=cb1ecc803b0d11edae136939cc589fae&vid=cb1edb203b0d11ed9195a170bf02d0ef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Grand%20Welcome%20Vacation%20Rental%20Property%20Management%20Franchise&p=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&r=<=2379&evt=pageLoad&sv=1&rn=803782
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=56008597&tm=gtm002&Ver=2&mid=4ecad84c-086d-42f2-be0d-fc70b879049b&sid=cb1ecc803b0d11edae136939cc589fae&vid=cb1edb203b0d11ed9195a170bf02d0ef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Grand%20Welcome%20Vacation%20Rental%20Property%20Management%20Franchise&p=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&r=<=2379&evt=pageLoad&sv=1&rn=803782 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=25C22D19859D63060FD63F3184CA628F; domain=.bing.com; expires=Wed, 18-Oct-2023 07:03:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09604EA103EC4209BF60860B52F3E9F2 Ref B: OSL30EDGE0319 Ref C: 2022-09-23T07:03:15Z
date: Fri, 23 Sep 2022 07:03:14 GMT
X-Firefox-Spdy: h2
i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&_li_chk=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&previous_uuid=d9fb6e28d8fd4e0d8897e07e88ea53b9
34.195.237.112303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&_li_chk=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&previous_uuid=d9fb6e28d8fd4e0d8897e07e88ea53b9
IP 34.195.237.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&_li_chk=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&previous_uuid=d9fb6e28d8fd4e0d8897e07e88ea53b9 HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 23 Sep 2022 07:03:15 GMT
Content-Length: 0
Connection: keep-alive
Location: https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d2ac52792%252daafd%252d4170%252d87b4%252db8345ba3873f%2526anx_uId%253d%2524UID&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f
Set-Cookie: _li_ss=MgYIkgEQmRM; Max-Age=2592000; Expires=Sun, 23 Oct 2022 07:03:15 GMT; SameSite=None; Path=/s; Secure
lidid=130707bb-539a-42cb-b38a-f29409d56404; Max-Age=63072000; Expires=Sun, 22 Sep 2024 07:03:15 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-118744554-2&cid=469746507.1663916593&jid=435318926&gjid=1792310743&_gid=1646044207.1663916594&_u=YADAAEAAAAAAAC~&z=682660635
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-118744554-2&cid=469746507.1663916593&jid=435318926&gjid=1792310743&_gid=1646044207.1663916594&_u=YADAAEAAAAAAAC~&z=682660635
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-118744554-2&cid=469746507.1663916593&jid=435318926&gjid=1792310743&_gid=1646044207.1663916594&_u=YADAAEAAAAAAAC~&z=682660635 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.grandwelcomefranchise.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Sep 2022 07:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 23 Sep 2022 07:03:15 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/attribution/wcm?cc=ZZ&dn=18888700102&cl=yyz-CKj2_LgBEMbHqcQC
142.250.74.3200 OK 87 B URL HTTP/2 www.google.no/pagead/attribution/wcm?cc=ZZ&dn=18888700102&cl=yyz-CKj2_LgBEMbHqcQC
IP 142.250.74.3:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 36d9ec9a38ee63b6e93115603d96f7a1
efb8de49ffe231ec8a1266a8ca3a97901356a846
30f732c37c76fae3bcf6bcb7c39492d86abc6c3fbf53dadc4533f89df05c71b2
GET /pagead/attribution/wcm?cc=ZZ&dn=18888700102&cl=yyz-CKj2_LgBEMbHqcQC HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://www.grandwelcomefranchise.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 07:03:15 GMT
server: cafe
cache-control: private
content-length: 87
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/56008597.js
204.79.197.200200 OK 667 B URL HTTP/2 bat.bing.com/p/action/56008597.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 551fdc29ee7bed42a24ba48ef7ff0d04
e05b26c99a934f2c2d3ce9c96ba4f140e2a8e202
3d307f5264c6fa6d818306fa0ca04c15fc601c01b46250b979bfc255574408de
GET /p/action/56008597.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 667
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=18EF055AA04F6FC20A351772A1186EC7; domain=.bing.com; expires=Wed, 18-Oct-2023 07:03:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B02263C44AB146839601989C16ED8CAD Ref B: OSL30EDGE0319 Ref C: 2022-09-23T07:03:15Z
date: Fri, 23 Sep 2022 07:03:14 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f%26anx_uId%3d%24UID
216.58.207.194302 Found 509 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f%26anx_uId%3d%24UID
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (332), with CRLF, LF line terminators
Hash 185285892185664be3ad6eda4c930421
ed4274858bd40eda17a1bf2cb6d4248806c99a82
3dc62b7f68a6a556f471145bebb2760f02ac4f9663dcaee16b3d4a2a45a91baa
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f%26anx_uId%3d%24UID HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_tc=
date: Fri, 23 Sep 2022 07:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 509
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Sep-2022 07:18:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_tc=
216.58.207.194302 Found 455 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_tc=
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 68a83846076fa669f6a6a51ea9d75ede
6c075d6a001a5a8a98232492ae4c841d8785f4ae
72ddb7d45ba1a7e04d6c9fe926c8529bc09b1652644f7818784355a50d4ae6cd
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_error=3
date: Fri, 23 Sep 2022 07:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3110093199215166&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&rl=&if=false&ts=1663916594909&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663916594908.831279819&it=1663916594457&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3110093199215166&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&rl=&if=false&ts=1663916594909&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663916594908.831279819&it=1663916594457&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3110093199215166&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&rl=&if=false&ts=1663916594909&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663916594908.831279819&it=1663916594457&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 23 Sep 2022 07:03:15 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3110093199215166&ev=Other&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&rl=&if=false&ts=1663916594912&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663916594908.831279819&it=1663916594457&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3110093199215166&ev=Other&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&rl=&if=false&ts=1663916594912&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663916594908.831279819&it=1663916594457&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3110093199215166&ev=Other&dl=https%3A%2F%2Fwww.grandwelcomefranchise.com%2F%3FmsID%3D24d79a3e-3a3f-44e9-a70d-11bea3d5b638&rl=&if=false&ts=1663916594912&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663916594908.831279819&it=1663916594457&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 23 Sep 2022 07:03:15 GMT
X-Firefox-Spdy: h2
secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&anx_uId=$UID
185.89.210.82307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&anx_uId=$UID
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&anx_uId=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 23 Sep 2022 07:03:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792-aafd-4170-87b4-b8345ba3873f%26anx_uId%3D%24UID
AN-X-Request-Uuid: 9f3f7707-26bf-43d4-a804-6c9f87b0a395
Set-Cookie: uuid2=8507494291629554868; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Dec-2022 07:03:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.clarity.ms/tag/uet/56008597
13.107.246.53200 OK 88 kB URL HTTP/2 www.clarity.ms/tag/uet/56008597
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, from Unix\012- data
Hash 02c81e3c2f089669d9300683139862bb
d3a651b16c40a4304d628f0f99276cbb6b35e2fe
092a15e21a5e003c6ce1981ee19483cc5a91649722a98bb4cbef738838618411
GET /tag/uet/56008597 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=8b552124418d4fe4bfaba72e4754b773.20220923.20230923; expires=Sat, 23 Sep 2023 07:03:16 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0NFotYwAAAAD0mGzPLLbZT5WxF/K85USYQU1TMDRFREdFMTkxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 23 Sep 2022 07:03:16 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.41/clarity.js
13.107.246.53200 OK 24 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.41/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54809)
Hash 1a7d206cf77e52160f7d49ab1c167fe5
08d824c483c1a2428bdc4e583d61a5ca8d1afb74
5404eb1ed3f4542d873f4e0610572ad480353446ea8e6f7e2bb76034cf051652
GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 23509
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ccdebe9ad570"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0NFotYwAAAAAl50UBlGBDQqruUeyl5WXtQU1TMDRFREdFMTkxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 23 Sep 2022 07:03:16 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 07:03:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=369811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f16b6b6a0e0b02-OSL
x.bidswitch.net/sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0
3.122.47.104302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0
IP 3.122.47.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Fri, 23 Sep 2022 07:03:17 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0
Set-Cookie: tuuid=f1e643a1-b15e-46ca-8b97-7ba690b2b4c2; path=/; expires=Sat, 23-Sep-2023 07:03:17 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663916597; path=/; expires=Sat, 23-Sep-2023 07:03:17 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663916597; path=/; expires=Sat, 23-Sep-2023 07:03:17 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663916597; path=/; expires=Sat, 23-Sep-2023 07:03:17 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0
3.122.47.104200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0
IP 3.122.47.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Fri, 23 Sep 2022 07:03:17 GMT
Content-Length: 43
Connection: keep-alive
a.clickcertain.com/px/img/bidswitch/?done=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&anx_uId=0
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/bidswitch/?done=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&anx_uId=0
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/bidswitch/?done=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&anx_uId=0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:16 GMT
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=2ac52792-aafd-4170-87b4-b8345ba3873f&expires=5&user_group=0
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:16 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-r42r9:cc-nginx-f867f9bd7-r42r9
x-requestid: 7432ed9d-4fe1-4564-bf39-798c3b715688
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ik7t0w3D9KmUToatzioq6Wy25t03C4ghkXI7siTxzN2vmGSbKfm4b8vY1whUqETMdKwfW84iEu1nFGeTYQBpiC3PHWOz7B%2Fr5UEEBgudD2DNvv4g%2FX1NTaR9OWXUsmf9BxRkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b69793db4fa-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/uploads/2022/05/HEADER-GIF-V2-NEW-1.gif
104.196.136.213200 OK 62 MB URL HTTP/2 www.grandwelcomefranchise.com/wp-content/uploads/2022/05/HEADER-GIF-V2-NEW-1.gif
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1366 x 600\012- data
Size 62 MB (62033464 bytes)
Hash 08c5c73b0f2c7dd38c8b69c04fe98751
c27a2c2845176d2244b74384973768ecebb0bc8e
07acc9c0cd0c86a597240bf3d84324b291fb8e1d48ad91d5459269547bedf8b6
GET /wp-content/uploads/2022/05/HEADER-GIF-V2-NEW-1.gif HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: image/gif
content-length: 62033464
last-modified: Thu, 26 May 2022 14:04:55 GMT
etag: "628f8907-3b28e38"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6048e0ac-15db1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 16:17:59 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6304fdb7-e8bd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-menu.js?ver=1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-menu.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-menu.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:14 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f891a-24bc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-34d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-57ca"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-1a2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/cont/?c=24bb11d37813091&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&cn=NO
104.26.9.50200 OK 0 B URL HTTP/2 a.clickcertain.com/px/cont/?c=24bb11d37813091&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&cn=NO
IP 104.26.9.50:0
GET /px/cont/?c=24bb11d37813091&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&cn=NO HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:14 GMT
content-type: text/html
etag: W/"MmFjNTI3OTJnYWFmZGc0MTcwZzg3YjRnYjgzNDViYTM4NzNmLXow"
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:14 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-dgxng:cc-nginx-f867f9bd7-dgxng
x-requestid: e2286ab6-7882-4cef-b4e5-5004aeaf6723
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjPJ0VMPxe%2FmeBHa1VQ4zIoeus7AnbrEhYO4zF2nrCVMhqMe4s6yF%2BAXB3omq%2BORDqXiD9gJd%2BGSNCVkzUXD%2FARz%2F1RWDoLEdfee58PV0BGbAzVp%2FfSJGHcV55V80%2BwG%2F%2BbMfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b58dbe4b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:13 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8919-1717"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:13 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8919-29a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_error=3
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_error=3
IP 104.26.9.50:0
GET /px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D2ac52792%2Daafd%2D4170%2D87b4%2Db8345ba3873f%26anx_uId%3D%24UID&google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:15 GMT
content-type: text/html
location: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&anx_uId=$UID
x-frontend: cc-nginx-f867f9bd7-74j7z:cc-nginx-f867f9bd7-74j7z
x-requestid: bcb1235a-ca99-4b3e-b50a-ccab21f4b424
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCgy4FIlxnm9ARf2xohiSN0aVDCC4PXSSo3Ka309FxHDZ0DL6Dcrcklyv6SpKHe7NElng84Pcpi2G8oqbY4D0SW4ermdSJEeEmFuMFqSmDeVvVpofIk6N6w0G7t44QfFqUbgPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b63e9dcb4fa-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-1420c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-40bd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=6.0.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-1e01"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-376"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=6.0.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-104"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?c=24bb11d37813091
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/smart/a/?c=24bb11d37813091
IP 104.26.9.50:0
GET /px/smart/a/?c=24bb11d37813091 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcomefranchise.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24bb11d37813091
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:12 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-74j7z:cc-nginx-f867f9bd7-74j7z
x-requestid: 68ac4c80-6fd1-4df3-8dc3-0c046c59bcc5
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvsEtmXtQTmr%2BfX2%2F7qTAVg5fcGuUd2wLXHLOf0JOjPrxW8wZDyP0k2st94nZwRVhRQ%2By5nXzE1HxZwANALMhZvnQl869dGhPDvVuGWOJtCl8QrtRQ1EAvhcRJZ3cmKBjqM86g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b4c2c4db4fa-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-2a6e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-17d5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-bfd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-8a0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-11b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?c=24bb11d37813091
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/smart/a/?c=24bb11d37813091
IP 104.26.9.50:0
GET /px/smart/a/?c=24bb11d37813091 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcomefranchise.com/
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24bb11d37813091
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:13 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-kt46c:cc-nginx-f867f9bd7-kt46c
x-requestid: 7fed785c-cafc-46ed-9366-2cb17c55c9ba
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D6Hapy3JPQcFQ6WOsG949iSXxL7HDa7o2Qpuw5s8sMtnmGQ8pdMGzI9rgURWEHz%2BHAHmTlhsZxo02zYVNU6jL%2FNgTtueIrZ2jFj7AcC3CkuNfBGL8NvHvopov7Xnw5DktH6Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b55a80eb4fa-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=6.0.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
etag: W/"628f890e-ec"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=6.0.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-195e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=6.0.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:04 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8910-151d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/ppPWSl0Z7XE?t=1?wmode=transparent&autoplay=0&rel=0
216.58.207.238200 OK 0 B URL HTTP/2 www.youtube.com/embed/ppPWSl0Z7XE?t=1?wmode=transparent&autoplay=0&rel=0
IP 216.58.207.238:0
GET /embed/ppPWSl0Z7XE?t=1?wmode=transparent&autoplay=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Sep 2022 07:03:12 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=40y0rDbI3vQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=2m-ya9UiYLw; Domain=.youtube.com; Expires=Wed, 22-Mar-2023 07:03:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+471; expires=Sun, 22-Sep-2024 07:03:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://www.grandwelcomefranchise.com/wp-json/>; rel="https://api.w.org/", <https://www.grandwelcomefranchise.com/wp-json/wp/v2/pages/35>; rel="alternate"; type="application/json", <https://www.grandwelcomefranchise.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 5
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/awsm-team-pro/css/team.min.css?ver=1.11.0
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/awsm-team-pro/css/team.min.css?ver=1.11.0
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/awsm-team-pro/css/team.min.css?ver=1.11.0 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:05:16 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f891c-208dd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-2e5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-8eb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
js.hscollectedforms.net/collectedforms.js
104.17.131.171200 OK 0 B URL HTTP/2 js.hscollectedforms.net/collectedforms.js
IP 104.17.131.171:0
GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.grandwelcomefranchise.com
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
etag: W/"7a468b833be86c01bc8dfd455308f792"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 5d1a51a1eb09caa5b28051dd961c7c40.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-cf-id: tzQVyoVnKgmADWklf6Lc4_IvIRNJBnXSTV7TewbnA1Kr0vwCrAQ4DA==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74eea80b595135a7-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 74f16b51d8d50b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.remarketstats.com/px/smart/?c=24bb11d37813091
104.26.2.122302 Found 0 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24bb11d37813091
IP 104.26.2.122:0
GET /px/smart/?c=24bb11d37813091 HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?c=24bb11d37813091
x-frontend: cc-nginx-f867f9bd7-2jt5l:cc-nginx-f867f9bd7-2jt5l
x-requestid: 092bef20-6d9f-4f39-9237-649ffd613ce0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6c8SyGpwPPm6ggFecVD41Y7kErHzkiEV4xP3Ezjt7ErAh2uWf2zz4ufK7fYeflp0Rk9COWsYnOD8V2IAHu9POkGmGmI76CAnWhAxNvtSs7QkOKFQfpepO4kAiz0VpnQGduhN6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b4b480e1c0a-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-d3b0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-rev-styles.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-ad6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=6.0.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:13 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8919-e85"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/?c=24bb11d37813091
104.26.9.50200 OK 0 B URL HTTP/2 a.clickcertain.com/px/?c=24bb11d37813091
IP 104.26.9.50:0
GET /px/?c=24bb11d37813091 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcomefranchise.com/
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:14 GMT
content-type: text/javascript
set-cookie: _ccpx_24bb11d37813091=2; Expires=Sat, 23 Sep 2023 07:03:13 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:13 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx=24bb11d37813091; Expires=Sat, 23 Sep 2023 07:03:13 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-77djh:cc-nginx-f867f9bd7-77djh
x-requestid: 868a832f-560d-4757-97f4-52ed758730d3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIU5jechVOyHgtviD8OBLD3L0Dt5ctyLvc1zKBu31XakV5B12l5b7CDCyj2pUPLYuLFoIfyuAMQI%2FLdHYZtRH4A51oHBz1kk75hxhjdNyDk2eKYIm9lg4NMJMWclhJiWnSAqaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b57aa78b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/campaign-tracker/js/ct-front.js?ver=1657122758
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/campaign-tracker/js/ct-front.js?ver=1657122758
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/campaign-tracker/js/ct-front.js?ver=1657122758 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 15:52:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62c5afc6-21e5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 16:17:58 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6304fdb6-1f725"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-19d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:03 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890f-7b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/awb-off-canvas.js?ver=3.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/awb-off-canvas.js?ver=3.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/fusion-builder/assets/js/min/general/awb-off-canvas.js?ver=3.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:13 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8919-2bd5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/campaign-tracker/js/jquery.cookie.js?ver=1657122758
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/campaign-tracker/js/jquery.cookie.js?ver=1657122758
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/campaign-tracker/js/jquery.cookie.js?ver=1657122758 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:11 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 15:52:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62c5afc6-c44"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-d10"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
js.hs-scripts.com/7009096.js?integration=WordPress&ver=8.16.28
104.17.213.204200 OK 0 B URL HTTP/2 js.hs-scripts.com/7009096.js?integration=WordPress&ver=8.16.28
IP 104.17.213.204:0
GET /7009096.js?integration=WordPress&ver=8.16.28 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B3F0D15B8661CAD54FD3689BD5748B213D8804C42000000000000000000
cache-control: public, max-age=60
vary: Accept-Encoding
x-hubspot-correlation-id: 3f00ff7a-cff5-4454-a890-90ba2af12fe8
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.grandwelcomefranchise.com
last-modified: Fri, 23 Sep 2022 02:05:10 GMT
cf-cache-status: EXPIRED
expires: Fri, 23 Sep 2022 07:04:12 GMT
server: cloudflare
cf-ray: 74f16b4cfd23fac8-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/r/?ccid=2ac52792-aafd-4170-87b4-b8345ba3873f
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/r/?ccid=2ac52792-aafd-4170-87b4-b8345ba3873f
IP 104.26.9.50:0
GET /px/r/?ccid=2ac52792-aafd-4170-87b4-b8345ba3873f HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24bb11d37813091&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&cn=NO
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:14 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=2ac52792-aafd-4170-87b4-b8345ba3873f&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d2ac52792%25252daafd%25252d4170%25252d87b4%25252db8345ba3873f%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:14 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-2khjm:cc-nginx-f867f9bd7-2khjm
x-requestid: 41bc7910-7d80-4983-9800-0f4af2ef3c32
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FOIWqtGP9uOjaDzxfU5c40QndLoV9xnXoElViRb8xu4kcgzUa3eaRrydfncDofsAZnDhsdQlYcohCFiW8cJbpUJIEkmUwXwAr%2B9GJyBJ5bOBIjPKxCGUAkz0RVDEVp6FLK9nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b5b6f36b4fa-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-17b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.css
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:03:13 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"632c9c26-464c"
last-modified: Thu, 22 Sep 2022 17:32:22 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 459
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/22/2022 17:32:51
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a6d92c6458205a423d0993ad85641555
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d2ac52792%252daafd%252d4170%252d87b4%252db8345ba3873f%2526anx_uId%253d%2524UID&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d2ac52792%252daafd%252d4170%252d87b4%252db8345ba3873f%2526anx_uId%253d%2524UID&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f
IP 104.26.9.50:0
GET /px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d2ac52792%252daafd%252d4170%252d87b4%252db8345ba3873f%2526anx_uId%253d%2524UID&ccid=2ac52792-aafd-4170-87b4-b8345ba3873f HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; _ccpx=24bb11d37813091; _ccpx_24bb11d37813091=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 07:03:15 GMT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f%26anx_uId%3d%24UID
set-cookie: _ccpx_u=2ac52792%2daafd%2d4170%2d87b4%2db8345ba3873f; Expires=Sat, 23 Sep 2023 07:03:15 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-f867f9bd7-nv82k:cc-nginx-f867f9bd7-nv82k
x-requestid: 67675e2b-bb7a-4797-97b6-51e9e4b4695f
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riXsVSLf5lnyKhNST80i4llck2pbS3r%2BqLfIa05bkDd%2BHL9xKxPFO91H3EzJfJcLDNpgoMwNaHzjB3h2jhvOve56n5cVRr%2BqcON49GdAQ42eSSIa%2BQnTNIiKhXGDRzJ4%2FKpH3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f16b622f64b4fa-OSL
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-3b1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-youtube.js?ver=2.2.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-youtube.js?ver=2.2.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-youtube.js?ver=2.2.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-10c3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f890e-1f7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.7.1
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.7.1
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.7.1 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:10 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f8916-5c0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=6.0.2
104.196.136.213200 OK 0 B URL HTTP/2 www.grandwelcomefranchise.com/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=6.0.2
IP 104.196.136.213:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcomefranchise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcomefranchise.com/?msID=24d79a3e-3a3f-44e9-a70d-11bea3d5b638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:03:12 GMT
content-type: application/javascript
last-modified: Thu, 26 May 2022 14:05:14 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"628f891a-70c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2