firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 00:15:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lT4ud6uO4_ZnQpIrO-WhPhrJUHYOmRxO0vrzCTeaDAVLq-earObHag==
Age: 2945
w1.mssxhb.com/prod/e56683ce-fb04-41d6-9018-1972bcc0a201/9cd466f3-ab9b-48e7-9439-28781a5dea4a
34.204.222.45302 Found 182 B URL HTTP/1.1 w1.mssxhb.com/prod/e56683ce-fb04-41d6-9018-1972bcc0a201/9cd466f3-ab9b-48e7-9439-28781a5dea4a
IP 34.204.222.45:0
File type HTML document, ASCII text, with no line terminators
Hash b48236440d8cbabcf197bbb73ddfec15
3fc798ee13416077ed7ea309e1826dee42bc3ad1
ec57b14cd07e270f97af0108505352b98c8942285b935bb2938e577d685039d9
Analyzer Verdict Alert fortinet Phishing
GET /prod/e56683ce-fb04-41d6-9018-1972bcc0a201/9cd466f3-ab9b-48e7-9439-28781a5dea4a HTTP/1.1
Host: w1.mssxhb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 28 Sep 2022 01:04:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 182
Connection: keep-alive
X-Powered-By: Express
Location: http://www.grandwelcome.com?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Vary: Accept
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2382
Expires: Wed, 28 Sep 2022 01:44:22 GMT
Date: Wed, 28 Sep 2022 01:04:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x4K9Yfl9hEE31QSOF-AY2ryw3V43YukSQGmPlpF6wLupEh_8PFFsnA==
age: 56427
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
35.229.52.16301 Moved Permanently 162 B URL HTTP/1.1 www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
IP 35.229.52.16:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 01:04:41 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 00:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 00:12:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L_mrrKLDW8pPfbKBeOuY1plRgHw3ah16q4bcPt-Swt2fhFLMTgUrug==
Age: 3235
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:41 GMT
Last-Modified: Tue, 27 Sep 2022 23:18:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js?ver=6.0.2
151.101.85.229200 OK 7.4 kB URL HTTP/2 cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js?ver=6.0.2
IP 151.101.85.229:0
File type ASCII text, with very long lines (32269)
Hash 287abfa083ebe2026a7202466bf9d5fb
539b66f7fd1f648756615ebd58e740e3eab658ea
5ff9892257544a8b12ae475dd5e65fb99004f8b94cbc784566eb46c7f3ff2c90
GET /npm/daterangepicker/daterangepicker.min.js?ver=6.0.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.1.0
x-jsd-version-type: version
etag: W/"7f60-yn4DlHkED3KaP/biww3JCbN4kvM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 01:04:41 GMT
age: 7716
x-served-by: cache-fra19138-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7409
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css?ver=6.0.2
151.101.85.229200 OK 1.6 kB URL HTTP/2 cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css?ver=6.0.2
IP 151.101.85.229:0
File type ASCII text, with CRLF line terminators
Hash f4635bd71bfbcd97a6080b4aa529979a
36e94cac9540fde52845762ec820c2f84fe111d4
495596f0c3d2598399fb68b56afefa93538a412398eca989e66fdd259279969f
GET /npm/daterangepicker/daterangepicker.css?ver=6.0.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.1.0
x-jsd-version-type: version
etag: W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 01:04:41 GMT
age: 40775
x-served-by: cache-fra19152-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1621
X-Firefox-Spdy: h2
cdn.jsdelivr.net/momentjs/latest/moment.min.js?ver=6.0.2
151.101.85.229200 OK 17 kB URL HTTP/2 cdn.jsdelivr.net/momentjs/latest/moment.min.js?ver=6.0.2
IP 151.101.85.229:0
File type ASCII text, with very long lines (32013)
Hash 7c2a985aa04f3f6c9cec051590ecc2e8
197f27554cd3f0cf6622f51a68f992d331a394e4
056d13be13f0210141b3933d1b8805fa2b80870429aab81dbb2f0ce73c2bb797
GET /momentjs/latest/moment.min.js?ver=6.0.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"c909-Mv32cwvjRTjgk3jsbMVSKdmnAVE"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 01:04:41 GMT
age: 10085238
x-served-by: cache-fra19162-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17022
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.42.74.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tMj4xVMdaJObOr5JLVVRrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kHskp6vYsOKv/SvVARQt5ABJjkE=
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 5da2ae9a3c13aab4665d07d2f2d55c32
acced449330a7c08e42c047b049844b912c1dd2d
d0bbeef585a192d51153f2058d4096950f81b2b8a28ad283fcbd5af78ecb92fb
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:04:42 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FAB6895B9BC2B0E6FA826B67657E9F0EB893437F"
Expires: Wed, 28 Sep 2022 12:00:00 GMT
Last-Modified: Wed, 28 Sep 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 283
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751891068f530afe-OSL
maps.googleapis.com/maps/api/js?key=AIzaSyDndmshcnPIQRztCwnbTGqGPuWvwIJ9BD8&ver=6.0.2
142.250.74.138200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyDndmshcnPIQRztCwnbTGqGPuWvwIJ9BD8&ver=6.0.2
IP 142.250.74.138:0
File type ASCII text, with very long lines (2453)
Hash a71f27355683f4159d6935b0c9b39234
d3f1cd957f52e0f3cf6f316a48b28159e2dbd0ab
2e5a4e6b78642a1ca6a8f784d9142269e51bf1419e61fb8832cbb89fce7e6aa6
GET /maps/api/js?key=AIzaSyDndmshcnPIQRztCwnbTGqGPuWvwIJ9BD8&ver=6.0.2 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 28 Sep 2022 01:04:41 GMT
expires: Wed, 28 Sep 2022 01:34:41 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54037
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mypopups.com/api/embed/element?sub=46a78cee-23ca-11ed-a5c3-005056008dab-gqiqgmlpik
104.21.31.95200 OK 0 B URL HTTP/2 mypopups.com/api/embed/element?sub=46a78cee-23ca-11ed-a5c3-005056008dab-gqiqgmlpik
IP 104.21.31.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/embed/element?sub=46a78cee-23ca-11ed-a5c3-005056008dab-gqiqgmlpik HTTP/1.1
Host: mypopups.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private, max-age=31536000
set-cookie: XSRF-TOKEN=eyJpdiI6IlRROXJwbHFhTVNxV01TQXh1NTJwXC9BPT0iLCJ2YWx1ZSI6IjVtRDRSUHZ1TmFPOVFnV3AwQ2h6cHVSUU5ZekJ4aWZGTXBvRTJ0eW5iQW1jTkluV1hVck1Sb29zV1V4UEpSa3QiLCJtYWMiOiI0ZGVlOTkwYWNjNzMzNDU5MDc5ZjZiNjg4ZWZiNDQxM2I0YmMzOWI3YjJjMDY4MGNkZmNiNzkxZTBmMTljZWMyIn0%3D; expires=Wed, 28-Sep-2022 13:04:42 GMT; Max-Age=43200; path=/; secure; samesite=none
mypopups_session=yIaAvs3Td4nihNV4MQKJazlugMvSxdIlY6KR7obz; expires=Wed, 28-Sep-2022 13:04:42 GMT; Max-Age=43200; path=/; secure; samesite=none
expires: Thu, 28 Sep 2023 01:04:42 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJ5OsZu6AFFM6LZT%2BX6vo5mzm9Wx3dxGNR143bOQBdeGduYP4ZwUV%2FKwY4dFtMjBK9lOuGGtveghJ2Ydj6zh0%2FptAGGzWw91YjKzECaSqCfzrzv%2BWLeXIEV7unV5ybE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75189105fb00b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash c3002e9ed3cb68e4c88f2fcee5b44b8c
18da94f67ebfe69160edbebd47033098cefc74cc
e492935394c8a2d98df8494e00c941de0ca49618ef91bdb7a853f11c7a8b2a04
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 01:04:42 GMT
Last-Modified: Tue, 27 Sep 2022 23:25:03 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1FASWVHa847jwgNMYvlugZvzS-YZXjgtqRBzmDu6ayTPCf7ozy0Kmg==
Age: 5979
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 68e722fd326e121489fe9fe2b7bb5c88
0f4a9c9fc16470dfeaacde72051aacbfedae0b5b
497c169a82b367009bd3cf1b06a79aa2a46687702f0d0cef00d292d053949092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 01:04:42 GMT
Last-Modified: Wed, 28 Sep 2022 00:07:46 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fsXVizP7OP3KDAR2Xpjzshc-MQZrTHv-ixvVlRMo8o9iY_8fHy0fEg==
Age: 3416
media.campaigner.com/csb/app_themes/lightning/common/fonticons.css
23.36.77.202200 OK 4.2 kB URL HTTP/1.1 media.campaigner.com/csb/app_themes/lightning/common/fonticons.css
IP 23.36.77.202:0
ASN #20940 Akamai International B.V.
Hash b0dd472b68b0d1c7f6372a47fbd1725e
54c59160d1b1ff4d2098f98629a69b8e60184b9d
27ff5a17e0f8c7de89794d31ba1129255b11ba5784503aff400a1aa9fdec1a97
GET /csb/app_themes/lightning/common/fonticons.css HTTP/1.1
Host: media.campaigner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 27 Jul 2022 09:54:58 GMT
Accept-Ranges: bytes
ETag: "f9e996ee9ea1d81:0"
Server: 6666
Access-Control-Allow-Headers: content-type,soapaction,x-requested-with
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, POST
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Date: Wed, 28 Sep 2022 01:04:42 GMT
Content-Length: 4195
Connection: keep-alive
unpkg.com/@google/markerclustererplus@4.0.1/dist/markerclustererplus.min.js
104.16.124.175200 OK 6.3 kB URL HTTP/2 unpkg.com/@google/markerclustererplus@4.0.1/dist/markerclustererplus.min.js
IP 104.16.124.175:0
File type ASCII text, with very long lines (18023)
Hash 4fbadadd110bc78a89088b4ee36cf00b
65e36e8a3d106a1f6b86d19fa783b63ec38d4b1a
7c22f20e53ea9c91e8f328e72e81fd523926fa38684079480b81ca10be7271c3
GET /@google/markerclustererplus@4.0.1/dist/markerclustererplus.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"469c-uGih++XXwjeaG8JIcjP81dlS6Vo"
via: 1.1 fly.io
fly-request-id: 01G2E58KM2YCWKCMJDTF4YA23Q-fra
cf-cache-status: HIT
age: 12436903
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75189105fc011c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/3988bafa-b962-45bf-9944-7d0050f3a38e
54.230.111.9200 OK 491 kB URL HTTP/2 img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/3988bafa-b962-45bf-9944-7d0050f3a38e
IP 54.230.111.9:0
File type JPEG image data, baseline, precision 8, 1623x1080, components 3\012- data
Size 491 kB (491231 bytes)
Hash 90e986d4c309a4e040d46f3cff5e7ebb
0919e8443998d3c8fc8d2521ac8684bdbe650740
f51ef47ad9d34fedd71dc98bb9b1e09571a59a265a3cef8511aeacff48e280c3
GET /x1080/https://track-pm.s3.amazonaws.com/gw/image/3988bafa-b962-45bf-9944-7d0050f3a38e HTTP/1.1
Host: img.trackhs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 491231
date: Fri, 19 Aug 2022 09:27:11 GMT
access-control-allow-origin: *
content-security-policy: script-src 'none'
etag: "8a424923f3163ceb68bc8eb17189a14f"
last-modified: Mon, 24 Jan 2022 18:06:17 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f6_Z-y_9eLc4SNRlxtFkEWQsxQONks6DqQ1oH7xqCdPRmJwxNOtn5A==
age: 3425851
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/afad06b9-8848-47ff-ba73-1526902dcf50
54.230.111.9200 OK 680 kB URL HTTP/2 img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/afad06b9-8848-47ff-ba73-1526902dcf50
IP 54.230.111.9:0
File type JPEG image data, baseline, precision 8, 1621x1080, components 3\012- data
Size 680 kB (679566 bytes)
Hash 5b02be9bd84569415d05559e855efc1b
711f9413b4a0fa616942c23b214d45a329e3abc2
7f775274a68d5aa180afc61fd422365c99ed5e9050ce3e2ea6ae6beb046e1a81
GET /x1080/https://track-pm.s3.amazonaws.com/gw/image/afad06b9-8848-47ff-ba73-1526902dcf50 HTTP/1.1
Host: img.trackhs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 679566
date: Mon, 29 Aug 2022 09:48:15 GMT
access-control-allow-origin: *
content-security-policy: script-src 'none'
etag: "9855763b8a30bfc776ff3d403e295061"
last-modified: Tue, 05 Apr 2022 19:38:29 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UOIXqUiCf24Z1HflwNyiw8W2LCTdamIBKbpx0Pc7F_dqLqnEWE2IPg==
age: 2560587
X-Firefox-Spdy: h2
img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/52a23a8a-8b31-42ff-a294-3d73c48e8742
54.230.111.9200 OK 863 kB URL HTTP/2 img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/52a23a8a-8b31-42ff-a294-3d73c48e8742
IP 54.230.111.9:0
File type JPEG image data, baseline, precision 8, 1619x1080, components 3\012- data
Size 863 kB (862944 bytes)
Hash c380106239ecd3151b8cfdbb3bfbb212
43158e14253dfc6b5d0ececa88e2b3067564f695
933b3b7155f70a9ac4108af146b6a70a1dea75e5361be700412b4c1f86503a6a
GET /x1080/https://track-pm.s3.amazonaws.com/gw/image/52a23a8a-8b31-42ff-a294-3d73c48e8742 HTTP/1.1
Host: img.trackhs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 862944
date: Mon, 29 Aug 2022 09:48:14 GMT
access-control-allow-origin: *
content-security-policy: script-src 'none'
etag: "96add503a425cf78da0d39cb725654cc"
last-modified: Sat, 21 May 2022 00:50:25 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KMSxXADsBZksiXQkz3-eBNE0-j_HmW1NqC80tfVUzqDyIAfeR7dAZQ==
age: 2560588
X-Firefox-Spdy: h2
img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/3b92296f-4b51-4bbe-8a8b-7b2bc57bddfe
54.230.111.9200 OK 1.3 MB URL HTTP/2 img.trackhs.com/x1080/https://track-pm.s3.amazonaws.com/gw/image/3b92296f-4b51-4bbe-8a8b-7b2bc57bddfe
IP 54.230.111.9:0
File type JPEG image data, baseline, precision 8, 1440x1080, components 3\012- data
Size 1.3 MB (1272646 bytes)
Hash 27f96ed78b2a8a390098acadc385586d
6077ffdc16f9e271a5404e0f9b9da583b827c505
ae826fe2d338819519812ba5305e3e602f86dcab9ba7ccc113d4bc1e3e411c9a
GET /x1080/https://track-pm.s3.amazonaws.com/gw/image/3b92296f-4b51-4bbe-8a8b-7b2bc57bddfe HTTP/1.1
Host: img.trackhs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1272646
date: Mon, 29 Aug 2022 11:40:52 GMT
access-control-allow-origin: *
content-security-policy: script-src 'none'
etag: "9b35c4695743e925a7ba09bbd2b092ee"
last-modified: Fri, 17 Jun 2022 16:07:25 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Idwu7igfmSbLAeAOQfzjunEUD2YyKPe8UHalK5Xj-f6DxkxjznWQNg==
age: 2553830
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/07/affirm-logo.png
35.229.52.16200 OK 576 B URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/affirm-logo.png
IP 35.229.52.16:0
File type PNG image data, 61 x 25, 8-bit colormap, non-interlaced\012- data
Hash 0d56bbfbb5427dc357425b7279c4676f
780a7af38618f9cbac71f46bbe06e598eec4e883
bb370a44293abb22b1fbf64469555b7634d6f5b54a080800279cfb9f747ae9ad
GET /wp-content/uploads/2021/07/affirm-logo.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/png
content-length: 576
last-modified: Thu, 22 Sep 2022 15:25:41 GMT
etag: "632c7e75-240"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2022/08/Austin-Texas-Waterfall-600x400.jpg
35.229.52.16200 OK 63 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/08/Austin-Texas-Waterfall-600x400.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash a8dc3b0c8e9f6cbf352ed079e4174c59
ec4b59ae17d5dafceb034244223f8c1d1e32822a
1f77615bbb8f1fd6d546c540b6a50e9e200b9a5f379f6ed4ce3004d841287a99
GET /wp-content/uploads/2022/08/Austin-Texas-Waterfall-600x400.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/jpeg
content-length: 62821
last-modified: Thu, 22 Sep 2022 15:25:03 GMT
etag: "632c7e4f-f565"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 68e722fd326e121489fe9fe2b7bb5c88
0f4a9c9fc16470dfeaacde72051aacbfedae0b5b
497c169a82b367009bd3cf1b06a79aa2a46687702f0d0cef00d292d053949092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 01:04:42 GMT
Etag: "63323be0-1d7"
Server: ECS (dcb/7FA8)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Db_hqpgGGhi1JmPX2wTJbfrYNzbVgQVHt6PT8Xgak-7qmMJijeihcw==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 68e722fd326e121489fe9fe2b7bb5c88
0f4a9c9fc16470dfeaacde72051aacbfedae0b5b
497c169a82b367009bd3cf1b06a79aa2a46687702f0d0cef00d292d053949092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 01:04:42 GMT
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gYp2tzrJphyM5TvAoyjG_11eidPrbVVpMCFVa0L_DDFzODgHnaw_Ew==
www.google.com/recaptcha/api.js?render=6LdUfOkcAAAAANtnQAMz9ovgcRu1bLYdlbsOeFd3&ver=3.0
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdUfOkcAAAAANtnQAMz9ovgcRu1bLYdlbsOeFd3&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 04ed9e0cc104cc99d7482dc7ebf3b7c1
30c3244b1c3025cb20daf2f9569aaf51726fe0d0
38f38950423db76ebf58d564e16e1170616cb11cff996a32a0a21faff8a843d1
GET /recaptcha/api.js?render=6LdUfOkcAAAAANtnQAMz9ovgcRu1bLYdlbsOeFd3&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 01:04:42 GMT
date: Wed, 28 Sep 2022 01:04:42 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 68e722fd326e121489fe9fe2b7bb5c88
0f4a9c9fc16470dfeaacde72051aacbfedae0b5b
497c169a82b367009bd3cf1b06a79aa2a46687702f0d0cef00d292d053949092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 01:04:42 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u379M6wNyAOLDWuKt8bYIVWvm92ot7hHit6gzh5rhza-gtCsqnZD_g==
www.grandwelcome.com/wp-content/uploads/2022/07/Tampa-Vacation-Home-Rentals-600x400.jpg
35.229.52.16200 OK 50 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/07/Tampa-Vacation-Home-Rentals-600x400.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 0debe9982f127c20814f2328b70bbb21
4464cab259ec93d6c8cdc4a283f09d61e3c2f522
e73910d051bac95565d8d13b96d75ee7fbba8c4cad6b680c3dd5d1a5f07232b4
GET /wp-content/uploads/2022/07/Tampa-Vacation-Home-Rentals-600x400.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/jpeg
content-length: 49727
last-modified: Thu, 22 Sep 2022 15:24:28 GMT
etag: "632c7e2c-c23f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/Property-Management-Tips-5-Ways-to-Make-Your-Nashville-TN-Rental-Stand-Out-img.jpg
35.229.52.16200 OK 59 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/Property-Management-Tips-5-Ways-to-Make-Your-Nashville-TN-Rental-Stand-Out-img.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x288, components 3\012- data
Hash e979d9ed6a7556d9e6d796a8595645cd
ed6f80b24672d69b3d7d01987d2f4de12d97c4e4
66e590b18cd5179de1e956990143ebecd54aa4d950204249e1a13a521c572c97
GET /wp-content/uploads/2021/08/Property-Management-Tips-5-Ways-to-Make-Your-Nashville-TN-Rental-Stand-Out-img.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 59164
last-modified: Fri, 27 Aug 2021 16:30:41 GMT
etag: "61291331-e71c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/Discover-the-Best-Places-to-Go-Whale-Watching-near-Newport-Beach-img.jpg
35.229.52.16200 OK 48 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/Discover-the-Best-Places-to-Go-Whale-Watching-near-Newport-Beach-img.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x342, components 3\012- data
Hash e628a993877ed4c2b90770a7d5b752a1
f2a5b3a602d8acb3a2edced8af8851e982233ed7
837c3e591ebf5c217db99c2588e6c3ee1cb2824370c46d8ba7020a431405aaac
GET /wp-content/uploads/2021/08/Discover-the-Best-Places-to-Go-Whale-Watching-near-Newport-Beach-img.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 48146
last-modified: Fri, 27 Aug 2021 16:26:25 GMT
etag: "61291231-bc12"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2022/03/l1GZNvJ0.png
35.229.52.16200 OK 26 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/03/l1GZNvJ0.png
IP 35.229.52.16:0
File type PNG image data, 556 x 466, 8-bit/color RGBA, non-interlaced\012- data
Hash d10aaf90a435e05edaa576cff4b3f968
5703c8d9d138921d646db29b0c9b3cd495104910
a21b19b471ce23b4674a432c9828b00c8ad8e729f61de6cdb849f0e5144e7961
GET /wp-content/uploads/2022/03/l1GZNvJ0.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/png
content-length: 26439
last-modified: Tue, 29 Mar 2022 14:50:05 GMT
etag: "62431c9d-6747"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/austin.png
35.229.52.16200 OK 129 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/austin.png
IP 35.229.52.16:0
File type PNG image data, 631 x 400, 8-bit colormap, non-interlaced\012- data
Size 129 kB (128868 bytes)
Hash fabf958fbf732fe9baa44fc61b037450
ce960b36be7c7d84ca625f86e7b3bacd45ac0b03
4859e458da70f340d216552f1c526ea4bd56e23a6288ac51a65f4155ecab2897
GET /wp-content/uploads/2021/08/austin.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/png
content-length: 128868
last-modified: Fri, 13 Aug 2021 16:49:05 GMT
etag: "6116a281-1f764"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 107a19f3cc476ecb8cf8a7ceea68b77d
0e81e3a9f72d7323732be05545597bc629b5b06d
2b3dc8df7e1b70c9e777e396e626d9d9dd474478da6efb88b9955678ae34c274
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:04:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:02:33 GMT
Expires: Mon, 03 Oct 2022 06:02:32 GMT
Etag: "0e81e3a9f72d7323732be05545597bc629b5b06d"
Cache-Control: max-age=449269,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75189108984db51d-OSL
www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_01.jpg
35.229.52.16200 OK 11 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_01.jpg
IP 35.229.52.16:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 341x130, components 3\012- data
Hash a7522ae9f4cef124882ab77dcd6d9f49
ce36717f48f2d79f5946ce22e9c109799dc7b90e
7ee6fb27e069d1c825dce154db8e66b13a650cba2637da909d6fc738aa179d13
GET /wp-content/uploads/2021/08/proof-logos_01.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 10770
last-modified: Tue, 24 Aug 2021 14:13:07 GMT
etag: "6124fe73-2a12"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_02.jpg
35.229.52.16200 OK 6.3 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_02.jpg
IP 35.229.52.16:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 341x130, components 3\012- data
Hash eed445b93bfb2bdf956c33e9b2102824
5bf35f4784693160d858b92f259acab299cb6acc
aac13a554b3adc5cdd8a7cdfd8d7c9cf6de3a7f37283159d9130c8839e432fd2
GET /wp-content/uploads/2021/08/proof-logos_02.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 6310
last-modified: Tue, 24 Aug 2021 14:13:08 GMT
etag: "6124fe74-18a6"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_03.jpg
35.229.52.16200 OK 6.1 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_03.jpg
IP 35.229.52.16:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 342x130, components 3\012- data
Hash 8c63013c746753cfbb19517ebcae3743
c86455e1680f392d89df23335c4fa009f46f5ee2
9af34ad905a2ef201d13a0c785a8d617bf8ccbdc2eebbf720d7024e078392e51
GET /wp-content/uploads/2021/08/proof-logos_03.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 6062
last-modified: Tue, 24 Aug 2021 14:13:08 GMT
etag: "6124fe74-17ae"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_05.jpg
35.229.52.16200 OK 6.3 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_05.jpg
IP 35.229.52.16:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 341x130, components 3\012- data
Hash 525c4322b560fdb8dbc1cd9d39126f1b
411cf4d6b74bed20f20c90e7c71b06eeabd311d6
1da7ee30ba273a3df971051b9e66d0120f000ce0d8ec9b088c728993a66740ad
GET /wp-content/uploads/2021/08/proof-logos_05.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 6345
last-modified: Tue, 24 Aug 2021 14:13:10 GMT
etag: "6124fe76-18c9"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2022/08/Museums-in-Tampa.jpg
35.229.52.16200 OK 92 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/08/Museums-in-Tampa.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3\012- data
Hash a86a2b29b8bf5fb394ce1ba33c89d95b
b16d43253963b626f2ff36ea3669fe7d3d8cfee3
655d69113d68bb24beb81b0362e4fc97c8611cb5baa5434068cd253399b520ba
GET /wp-content/uploads/2022/08/Museums-in-Tampa.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 91474
last-modified: Mon, 08 Aug 2022 14:16:16 GMT
etag: "62f11ab0-16552"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2022/08/Austin-Texas-Waterfall.jpg
35.229.52.16200 OK 152 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/08/Austin-Texas-Waterfall.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3\012- data
Size 152 kB (151828 bytes)
Hash 5bd0244eead1c2e8a314c9a6cffa878a
7147b8dece7191d4ebfa7d71dc53a1abed6f0c19
350ea01deae2c2d68eb2ac162987fb017ddc6c2e845103259b4feb88b3d2fb8e
GET /wp-content/uploads/2022/08/Austin-Texas-Waterfall.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 151828
last-modified: Mon, 08 Aug 2022 14:09:44 GMT
etag: "62f11928-25114"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2022/07/Tampa-Vacation-Home-Rentals.jpg
35.229.52.16200 OK 127 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/07/Tampa-Vacation-Home-Rentals.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3\012- data
Size 127 kB (127235 bytes)
Hash 5a6b14edea588c7ed5a50e25227ed3cb
179d7076120f8990ff68ee3be803177e740fa900
2b7393e9804f248de4b10760c3d28d6989553b868ba3220bb9bbf9183e61c2e0
GET /wp-content/uploads/2022/07/Tampa-Vacation-Home-Rentals.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 127235
last-modified: Tue, 12 Jul 2022 13:46:40 GMT
etag: "62cd7b40-1f103"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn1.affirm.com/js/v2/affirm.js
151.101.130.133200 OK 92 kB URL HTTP/2 cdn1.affirm.com/js/v2/affirm.js
IP 151.101.130.133:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8de37082e5dc3a120b12998f70487dc4
c531dd3ced6bb297dd861169e465de9306fb03b8
328407d8264da44e8cc76c9e34071865983c77c1e8d4d960029474c37c80df19
GET /js/v2/affirm.js HTTP/1.1
Host: cdn1.affirm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: istio-envoy
last-modified: Tue, 19 Jul 2022 20:59:34 GMT
etag: W/"56a1dbb3367b8ddb6d30c622ef60c0b6"
cache-control: max-age=1800, stale-while-revalidate=259200, public
x-affirm-request-id: 0c94d5f4-3122-44a3-c41b-e62fb4cc37d6
x-affirm-cache-status: HIT
link: <https://cdn1.affirm.com>; rel=preconnect; crossorigin, <https://cdn1.affirm.com>; rel=preconnect, <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin, <https://cdn-assets.affirm.com>; rel=preconnect, <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin, <https://cdnjs.cloudflare.com>; rel=preconnect
access-control-allow-origin: *
timing-allow-origin: *
content-encoding: br
x-envoy-upstream-service-time: 449
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 Sep 2022 01:04:42 GMT
age: 764
x-served-by: cache-iad-kcgs7200129-IAD, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 9
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 92546
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2022/01/Untitled-design-5.png
35.229.52.16200 OK 387 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/01/Untitled-design-5.png
IP 35.229.52.16:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 387 kB (387382 bytes)
Hash 39c2c2b6452e6323426fe14ed5449d02
eba27cadf42c68f2721ef0724721737d08032752
bac4141fa20a01ae6ba5f770c4569927dda263d23f96630f5d965e5784f41609
GET /wp-content/uploads/2022/01/Untitled-design-5.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/png
content-length: 387382
last-modified: Tue, 04 Jan 2022 22:00:17 GMT
etag: "61d4c371-5e936"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
conversiontracking.campaigner.com/js.min.js
216.24.224.82200 OK 2.2 kB URL HTTP/1.1 conversiontracking.campaigner.com/js.min.js
IP 216.24.224.82:0
File type C source, ASCII text, with very long lines (6842), with no line terminators
Hash c1317c2875f51d627dd345a45d77c999
8195c24213d1ac94a0e0d12241921d6490b472eb
015758e34f5bb0e9728730e74619971a24c11b48ce1bfef71bc625ac0b806a7b
GET /js.min.js HTTP/1.1
Host: conversiontracking.campaigner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.2
Date: Wed, 28 Sep 2022 01:04:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=86400
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
media.campaigner.com/media/76/769839/Website%20Images%20%20(2)%20copy.jpg?g=1661377240791
23.36.77.202200 OK 44 kB URL HTTP/1.1 media.campaigner.com/media/76/769839/Website%20Images%20%20(2)%20copy.jpg?g=1661377240791
IP 23.36.77.202:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Canva], baseline, precision 8, 934x415, components 3\012- data
Hash c8e50f3e8fca7f9d1e3af2d44d46bbf8
7934f207a36d67a63e233beb2ac848cc0a9b5ce1
8ca9489cc95e3e1492bfdebb16e2ad51a91db0f82b55edfd1ca069d0331167f9
GET /media/76/769839/Website%20Images%20%20(2)%20copy.jpg?g=1661377240791 HTTP/1.1
Host: media.campaigner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 24 Aug 2022 21:40:27 GMT
Accept-Ranges: bytes
ETag: "311efb1f2b8d81:0"
Server: 2222
Access-Control-Allow-Headers: content-type,soapaction,x-requested-with
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, POST
Access-Control-Allow-Origin: *
Content-Length: 43644
Strict-Transport-Security: max-age=157680000
Cache-Control: max-age=3600
Date: Wed, 28 Sep 2022 01:04:42 GMT
Connection: keep-alive
www.grandwelcome.com/wp-content/uploads/2021/08/Untitled-design-9.png
35.229.52.16200 OK 541 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/Untitled-design-9.png
IP 35.229.52.16:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 541 kB (541231 bytes)
Hash e20288348ccddb6bbb9920c10cfaab7a
7cc579ff8b8e08d37a64657de67b12b6d32ca001
66d057aab32cae2be906ec5552110d754148a8febc9f3009928808eb370b560d
GET /wp-content/uploads/2021/08/Untitled-design-9.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/png
content-length: 541231
last-modified: Thu, 10 Mar 2022 16:35:16 GMT
etag: "622a28c4-8422f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandwelcome.com/wp-content/uploads/2022/03/AChangingBranson_AerialShot_CO_BransonLakesArea.original.jpg
35.229.52.16200 OK 724 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/03/AChangingBranson_AerialShot_CO_BransonLakesArea.original.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1099, components 3\012- data
Size 724 kB (724135 bytes)
Hash f229a23ea35d029ede185168fa9cf2a0
d9800b49bd59e607a6944d75d8b46cb584eb0d0a
1e7057c30c397c3318c3c2cd0977ab2b13ed6cfb95755a73491128ee37176fce
GET /wp-content/uploads/2022/03/AChangingBranson_AerialShot_CO_BransonLakesArea.original.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/jpeg
content-length: 724135
last-modified: Wed, 30 Mar 2022 19:12:23 GMT
etag: "6244ab97-b0ca7"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/genesis-blocks/dist/blocks.style.build.css?ver=1663859338
35.229.52.16200 OK 549 kB URL HTTP/2 www.grandwelcome.com/wp-content/plugins/genesis-blocks/dist/blocks.style.build.css?ver=1663859338
IP 35.229.52.16:0
File type ASCII text, with very long lines (7559)
Size 549 kB (549250 bytes)
Hash fdeb49c93df7fa769ff586a844a06ede
8ddaaec71788078c2204945cbfd35f62261ddc18
d76c26bd9bcbd2dfe4fbeb5b6b10fecf6bbeb19efb3c7809c1d160467c208df3
GET /wp-content/plugins/genesis-blocks/dist/blocks.style.build.css?ver=1663859338 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 15:08:58 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a8a-b21f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/Ft.Myers2_.jpg
35.229.52.16200 OK 1.0 MB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/Ft.Myers2_.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 2500x1500, components 3\012- data
Size 1.0 MB (1028131 bytes)
Hash 4c4fa5ae0046639e684b6c59ae565db4
50fc95845e2a8fad17579a5f34d9d4cdb4865d71
09e39e70d6177e1b760e521b67ed2cf55d1c431cb613cee1362c29f2f7475b37
GET /wp-content/uploads/2021/08/Ft.Myers2_.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/jpeg
content-length: 1028131
last-modified: Fri, 27 Aug 2021 21:58:30 GMT
etag: "61296006-fb023"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=e122aaff
35.229.52.16200 OK 28 kB URL HTTP/2 www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=e122aaff
IP 35.229.52.16:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f1974381a011f96691cd4c56f1fd0bf2
d6007be4c23a41be23e44282d435a4b7e45ccb1c
0cc4fae8eb698d47934327603309db94d068e2b14874b7bd54524f069d187aa1
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=e122aaff HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:08:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a76-1bb0d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/js/home.js?ver=1.0.0
35.229.52.16200 OK 685 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/js/home.js?ver=1.0.0
IP 35.229.52.16:0
File type ASCII text, with CRLF line terminators
Hash cf894bba4dbb4baf60a7af64ef68bfdf
dd18041c3af37fc16db404ddacc30982bf1aedf7
3789b57c1ee2865904c4041b7b559b1ae75730991406caa1c9b59f7b77fde9bf
GET /wp-content/themes/altitude-pro/js/home.js?ver=1.0.0 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:48:14 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88bde-1ce"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.grandwelcome.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 538423
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_04.jpg
35.229.52.16200 OK 7.7 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/proof-logos_04.jpg
IP 35.229.52.16:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /wp-content/uploads/2021/08/proof-logos_04.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 5937
last-modified: Tue, 24 Aug 2021 14:13:09 GMT
etag: "6124fe75-1731"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grandwelcome.com/wp-content/uploads/2021/11/MicrosoftTeams-image.jpeg
35.229.52.16200 OK 1.5 MB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/11/MicrosoftTeams-image.jpeg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, software=Windows Photo Editor 10.0.10011.16384, datetime=2022:02:23 10:44:43], baseline, precision 8, 2500x1667, components 3\012- data
Size 1.5 MB (1459122 bytes)
Hash 0d0886413dd088e565a33dba613d6d2a
3d8ce804213bf51cc7140c70568eea4c935e9e49
1c3f51675657fbd2f968268d82ce1e79349bbe5a57ba299c904a8d0cd579dbce
GET /wp-content/uploads/2021/11/MicrosoftTeams-image.jpeg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 1459122
last-modified: Fri, 25 Feb 2022 17:54:23 GMT
etag: "621917cf-1643b2"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/css/fonts/Verdana.woff2
35.229.52.16200 OK 104 kB URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/css/fonts/Verdana.woff2
IP 35.229.52.16:0
File type Web Open Font Format (Version 2), TrueType, length 104460, version 1.0\012- data
Size 104 kB (104460 bytes)
Hash 4b8e54294ffbdb4ecb4461fb69fe2415
2d2b4db360a39a05f2cd3db7db0be113311d9525
244e182bded77ccafb59d9e92675a7be2e15662569969aa89d05271351bb989f
GET /wp-content/themes/altitude-pro/css/fonts/Verdana.woff2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/style.css?ver=1.0.0
Cookie: _ccCt=null
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: font/woff2
content-length: 104460
last-modified: Wed, 28 Jul 2021 07:18:52 GMT
etag: "610104dc-1980c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.grandwelcome.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 538423
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/webfonts/fa-solid-900.woff2
35.229.52.16200 OK 62 kB URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/webfonts/fa-solid-900.woff2
IP 35.229.52.16:0
File type Web Open Font Format (Version 2), TrueType, length 62472, version 1.0\012- data
Hash b75b4bfe0d58faeced5006c785eaae23
92da6e3c7121e21cdfde25ef08797a3937a683e1
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
GET /wp-content/themes/altitude-pro/vrp/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/font-awesome.min.css?ver=6.0.2
Cookie: _ccCt=null
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: font/woff2
content-length: 62472
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
etag: "60e88c96-f408"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/webfonts/fa-brands-400.woff2
35.229.52.16200 OK 77 kB URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/webfonts/fa-brands-400.woff2
IP 35.229.52.16:0
File type Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196\012- data
Hash ed311c7a0ade9a75bb3ebf5a7670f31d
0613c7ebba55ee47ef302c0f7766324692f899a7
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
GET /wp-content/themes/altitude-pro/vrp/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/font-awesome.min.css?ver=6.0.2
Cookie: _ccCt=null
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: font/woff2
content-length: 76736
last-modified: Fri, 10 Sep 2021 09:46:44 GMT
etag: "613b2984-12bc0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/07/Oceanfront_-min.jpg
35.229.52.16200 OK 258 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/Oceanfront_-min.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Size 258 kB (258500 bytes)
Hash e0b6fffe9501d4db96b5e1cf7b045b70
e786285a96eac48ba0c4917e183997dbc936eb55
6c193237e25edcd61db3e3dae873fff690159c055ac23acf2005244f01e9f84e
GET /wp-content/uploads/2021/07/Oceanfront_-min.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 258500
last-modified: Wed, 25 Aug 2021 18:54:24 GMT
etag: "612691e0-3f1c4"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/07/Pet_Friendly-min.jpg
35.229.52.16200 OK 126 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/Pet_Friendly-min.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Size 126 kB (125895 bytes)
Hash eba004f07bcb9769a6ae5c321fe71d07
c5492d2eb6e4ba51d22318f848f3cd39247a3908
a1d30ca765d755a85cca53c1d6f88a23f649a7ce82f9dffd9d724f7e6f07911f
GET /wp-content/uploads/2021/07/Pet_Friendly-min.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 125895
last-modified: Wed, 25 Aug 2021 18:53:34 GMT
etag: "612691ae-1ebc7"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/07/Ski_On__Off-min.jpg
35.229.52.16200 OK 228 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/Ski_On__Off-min.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Size 228 kB (227712 bytes)
Hash a3528191f9cadea4bab1049e4383ab26
c828d33efff8f6f663bc3c4e01a8cd2c35b8d64c
bfbc86b373abf33433162a0adf39e4c0e50ffbac70ad3657719437e6fcf5ca2f
GET /wp-content/uploads/2021/07/Ski_On__Off-min.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 227712
last-modified: Wed, 25 Aug 2021 18:52:23 GMT
etag: "61269167-37980"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/Lakefront-min.jpg
35.229.52.16200 OK 288 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/Lakefront-min.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Size 288 kB (287496 bytes)
Hash bef8502e4eeba29013d39e2d062707b3
e4e15bfb9f927b3694353b2e9f080ce44259017c
15ceb59c1f7c99a6f3f05b3b51a7d2ee5876223ae7c11d8138d64ffd5f6be8f5
GET /wp-content/uploads/2021/08/Lakefront-min.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/jpeg
content-length: 287496
last-modified: Wed, 25 Aug 2021 19:00:46 GMT
etag: "6126935e-46308"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/07/list-your-property.png
35.229.52.16200 OK 226 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/list-your-property.png
IP 35.229.52.16:0
File type PNG image data, 790 x 545, 8-bit colormap, non-interlaced\012- data
Size 226 kB (226496 bytes)
Hash f1e5e75d542142de06458db603523bf7
891f1124cf7989c9e62b53d024c818c053597f02
13132a36f2a24554baaab2e8b736bd72caa2930b4b68bed1fb99c9cf7405d2d0
GET /wp-content/uploads/2021/07/list-your-property.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/css/grand-welcome.css?ver=5.7.1
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/png
content-length: 226496
last-modified: Tue, 13 Jul 2021 15:26:30 GMT
etag: "60edb0a6-374c0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/Lake-Tahoe-Web-Image-500-x-342-px-1.png
35.229.52.16200 OK 323 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/Lake-Tahoe-Web-Image-500-x-342-px-1.png
IP 35.229.52.16:0
File type PNG image data, 500 x 342, 8-bit/color RGBA, non-interlaced\012- data
Size 323 kB (322792 bytes)
Hash 1641a2c319103e4b63de1f10569f6e93
b1c633764b8fbf4b843d8b848a543c186f394097
0af240614d371b32aa9bffd66840384de54e6c0c3e3ee2e09b5faa13029563a1
GET /wp-content/uploads/2021/08/Lake-Tahoe-Web-Image-500-x-342-px-1.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/png
content-length: 322792
last-modified: Tue, 11 Jan 2022 23:23:14 GMT
etag: "61de1162-4ece8"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/images/logo-desktop.svg
35.229.52.16200 OK 2.5 kB URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/images/logo-desktop.svg
IP 35.229.52.16:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a22ffedaa538b4dc5faf09f4dfca3ead
70dfd8b08383e3d7335266dbdfe7ee25c9876b28
d3aff7bf7ca51a18444c8271a2d78790fe2c5e0659dd8af333def76e32a3be9c
GET /wp-content/themes/altitude-pro/images/logo-desktop.svg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/style.css?ver=1.0.0
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: image/svg+xml
last-modified: Fri, 20 Aug 2021 16:31:45 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"611fd8f1-141d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:04:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:04:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:04:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:04:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:04:43 GMT
Connection: keep-alive
www.grandwelcome.com/wp-content/plugins/the-post-grid/assets/vendor/font-awesome/css/font-awesome.min.css?ver=4.2.3
35.229.52.16200 OK 20 kB URL HTTP/2 www.grandwelcome.com/wp-content/plugins/the-post-grid/assets/vendor/font-awesome/css/font-awesome.min.css?ver=4.2.3
IP 35.229.52.16:0
File type ASCII text, with very long lines (59068), with CRLF line terminators
Hash 53a1339cabd23805b3a1cfec387075dc
cdf80f93433d70b982e63da670dd9d094d46fadc
d81653d55c75f53a7212a4dde4bee0bafbe9089358df5aac3e32f9f5e49ac180
GET /wp-content/plugins/the-post-grid/assets/vendor/font-awesome/css/font-awesome.min.css?ver=4.2.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 15:08:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a52-e77a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59163c799f3d48e74abdd285ee615119
883e61d46ef6c09013724aa7b8f560272ee08574
e1bafc575ff4274b210bee481a8e73c065de5bc14ddf46c269ef91eda0df8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8621
x-amzn-requestid: 5a828651-41c2-4aa0-931d-6522098a8438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASUWEYvIAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffdb5-5ace75523a98a9237fabca8f;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:05:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2a-Ip86QEcmn31zRYLuD9dtCXduTOd0OZO0JdpfbTvJK7Z7wRGxEaQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 9788
etag: "883e61d46ef6c09013724aa7b8f560272ee08574"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9646ccba-7fc2-470a-b04e-5cef02e234cd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9646ccba-7fc2-470a-b04e-5cef02e234cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e49757d877a437a57f39d458862e8369
7d8b30445dadc44a17e5a26301212fced3aaa2af
e8b481bd5fe7ce92aa614cb77c9318ef8b763e71a178126805a4c363e6f91a9b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9646ccba-7fc2-470a-b04e-5cef02e234cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13058
x-amzn-requestid: 2ce70ac3-0451-41f4-bd82-596a92582a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EiiIAMFQLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-25deabef6235856b6d9bb19f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oGmQtgwLy_unp2_L3WP10HsyeCSgao4_37Kf6K8JeeVgz8YXbDvDWQ==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:53 GMT
age: 11210
etag: "7d8b30445dadc44a17e5a26301212fced3aaa2af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:16:33 GMT
age: 64090
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c761355e3b9bdf64113c92591306b959
5dcf4fbd065e0850c2602a5e8791ba7af1999d9f
03464d30ae3a3199bb3b19e1c730385fc8f68444d41eb0099542bd83108e6ed5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9710
x-amzn-requestid: 34553ef5-773c-4c06-835f-0382202b706d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCWDE74IAMF0xA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63311759-3a8cc99a4d529adc23d1dfc1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:07:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6WtNGTt-HH__-2fhF-DwduAIhqNW2D0nB24FIIwmSuNVLsQuLDQy1g==
via: 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 05:04:56 GMT
age: 71987
etag: "5dcf4fbd065e0850c2602a5e8791ba7af1999d9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
35.229.52.16200 OK 60 kB URL HTTP/2 www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
IP 35.229.52.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 903aa48073cc11f7395b1f31f3c249eb
0140658b480b040c52a72a01c42777f0ecc51b3f
6faeeedff40001561bc4c99fdc01d2fd0a85f4e0721fa77b33622cc049587cec
GET /?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://www.grandwelcome.com/wp-json/>; rel="https://api.w.org/", <https://www.grandwelcome.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://www.grandwelcome.com/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://www.grandwelcome.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.grandwelcome.com
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 5
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/ajax-loader.gif
35.229.52.16200 OK 4.2 kB URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/ajax-loader.gif
IP 35.229.52.16:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /wp-content/themes/altitude-pro/slickslider/ajax-loader.gif HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/slick-theme.css?ver=6.0.2
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: image/gif
content-length: 4178
last-modified: Fri, 09 Jul 2021 19:59:12 GMT
etag: "60e8aa90-1052"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/07/predslide.png
35.229.52.16200 OK 966 B URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/predslide.png
IP 35.229.52.16:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 80818344700f8e1d4f998c683fbae1b3
94fea0285240434dd3c6a0c54bd56d648c9b5512
9f9a30e209ac03e4e51a7877e01a552d2acc7f59f98dc522de212bc2a8cb9af0
GET /wp-content/uploads/2021/07/predslide.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/css/grand-welcome.css?ver=5.7.1
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: image/png
content-length: 966
last-modified: Thu, 22 Sep 2022 15:25:53 GMT
etag: "632c7e81-3c6"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ed190f8c9d661216cfae4b7a202e459f
4878b4bc2b3db2b9dbda8d745e20b12ee7109bac
4ce842471a9fc1a95cfd680e6f2f08209bad6529accc5c233dbb6d87d6966df1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CE842471A9FC1A95CFD680E6F2F08209BAD6529ACCC5C233DBB6D87D6966DF1"
Last-Modified: Mon, 26 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17724
Expires: Wed, 28 Sep 2022 06:00:07 GMT
Date: Wed, 28 Sep 2022 01:04:43 GMT
Connection: keep-alive
www.grandwelcome.com/wp-content/uploads/2021/07/nextslide.png
35.229.52.16200 OK 997 B URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/nextslide.png
IP 35.229.52.16:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 6df7d34fa78816e19b6cc8cbbf819e1f
c2a47eba1148e7ff2be7fae9e43a9aa9172bb3e2
cd75693c131e4e6143abae19886db87a383d409236769a4f4d2a06474b40c4ba
GET /wp-content/uploads/2021/07/nextslide.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/wp-content/themes/altitude-pro/css/grand-welcome.css?ver=5.7.1
Cookie: _ccCt=null
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: image/png
content-length: 997
last-modified: Thu, 22 Sep 2022 15:25:52 GMT
etag: "632c7e80-3e5"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d35193e9ec9d6ce8f397cea01fde4fa
30017b45b20b3ecbe1b6ff8a02e2730a2c62029a
7eeb48260543a450e3c294ba4081f807d07bccc5d0eb82eda21fcc95f730b085
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EEB48260543A450E3C294BA4081F807D07BCCC5D0EB82EDA21FCC95F730B085"
Last-Modified: Mon, 26 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7943
Expires: Wed, 28 Sep 2022 03:17:06 GMT
Date: Wed, 28 Sep 2022 01:04:43 GMT
Connection: keep-alive
js.hs-scripts.com/5016044.js
104.17.210.204200 OK 775 B URL HTTP/2 js.hs-scripts.com/5016044.js
IP 104.17.210.204:0
File type ASCII text, with very long lines (524)
Hash 2c5bc3758b31563f45bf5bb299db156e
8302cda9efd9d1346e799110f191a6091d580ffa
f307287d4dcb927c20d2674029a6c826ab0720e990ce9bf643162a163c20d488
GET /5016044.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B385C91C91B0AA79F77558EA37E9EF0A773C44BB3000000000000000000
cache-control: public, max-age=60
vary: Accept-Encoding
x-hubspot-correlation-id: 8e3d539b-592c-43ca-9ac0-04c639a84bfb
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.grandwelcome.com
last-modified: Wed, 28 Sep 2022 01:04:43 GMT
cf-cache-status: MISS
expires: Wed, 28 Sep 2022 01:05:43 GMT
server: cloudflare
cf-ray: 7518910dccbeb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 8b353f697d56190751227a2d1ab61d29
7431a3de06e78d7a88e212967c5f328c688bc386
7571eeb111f460763c3a24e0610ad0495187ce15290f3afe45885fb935cbaef5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 01:04:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:16:12 GMT
Expires: Wed, 28 Sep 2022 22:16:12 GMT
ETag: "7431a3de06e78d7a88e212967c5f328c688bc386"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.cartstack.com/js/customer-tracking/www.grandwelcome.com_31827e6d2609457e4538e8a0441c736f.js
54.245.27.248200 OK 839 B URL HTTP/1.1 api.cartstack.com/js/customer-tracking/www.grandwelcome.com_31827e6d2609457e4538e8a0441c736f.js
IP 54.245.27.248:0
File type ASCII text, with very long lines (609), with CRLF line terminators
Hash d1080f8aec81e347fa93adf6bc70e278
5e632cfeb6c17ee8943e746d147b85f6ce99c7c9
a889395fbcf0a9da2d7137a85deabfc52002775cdabf99790949022eac6d13bc
GET /js/customer-tracking/www.grandwelcome.com_31827e6d2609457e4538e8a0441c736f.js HTTP/1.1
Host: api.cartstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 01:04:43 GMT
ETag: "ac1-58f78d6330d2c-gzip"
Expires: Fri, 28 Oct 2022 01:04:43 GMT
Last-Modified: Tue, 06 Aug 2019 20:40:36 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
Vary: Accept-Encoding
Content-Length: 839
Connection: keep-alive
www.grandwelcome.com/?exchange_rates=1
35.229.52.16200 OK 498 B URL HTTP/2 www.grandwelcome.com/?exchange_rates=1
IP 35.229.52.16:0
Hash c0ff5506ca36abcf1b2cb910d07a79dd
fa1cb30bf588c60152ac6b4da22a9d91b6f2d758
413994e88a537ccbfbed48b6697d7555910748c472d48f8cec37df68456ac1f7
GET /?exchange_rates=1 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: application/json
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 9
x-cache-group: normal
content-encoding: gzip
X-Firefox-Spdy: h2
www.grandwelcome.com/?vrpjax=1&act=getUnitBookedDates&par=undefined
35.229.52.16200 OK 158 kB URL HTTP/2 www.grandwelcome.com/?vrpjax=1&act=getUnitBookedDates&par=undefined
IP 35.229.52.16:0
File type JSON data\012- , ASCII text, with no line terminators
Size 158 kB (158452 bytes)
Hash 0fdfeffa7c170b9b53c0214fa1c77020
a9a7298c5c22fe644de58983e3fc1926e1fc204f
b487bb3f010ca48fc3e7d3fd8b80107f39529e540c3b436d44a34c4f77f1c116
GET /?vrpjax=1&act=getUnitBookedDates&par=undefined HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding, Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5796
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:44 GMT
Last-Modified: Tue, 27 Sep 2022 23:28:08 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 00:41:09 GMT
expires: Wed, 28 Sep 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 1415
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.affirm.com/api/v2/cookie_sent
143.204.55.126200 OK 17 kB URL HTTP/2 www.affirm.com/api/v2/cookie_sent
IP 143.204.55.126:0
File type JSON data\012- , ASCII text, with very long lines (61518)
Hash a50ba2501679f24f51f01c41115bb488
de92fd7bb00947680015d9aa310f6fb1aa563813
91e8e57189809b93ee1cd4fbcb0f61ad7ecf9ad3df4a060a6599b572baeeafc5
GET /api/v2/cookie_sent HTTP/1.1
Host: www.affirm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcome.com/
Origin: https://www.grandwelcome.com
Connection: keep-alive
Cookie: DUMMY_COOKIE=DUMMY_VALUE; tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c; t_v2_s=eyIgYiI6IlltRm1aR1U0TXpjdFlqZGlOeTAwWXpnMUxUZ3laV1V0TldZeU1XRXpZVGd4T0RSaiJ9.FhUvKg.EE3G6p6l6DE6iSECDXYE9QJuWew; 3060738.3440491=bafde837-b7b7-4c85-82ee-5f21a3a8184c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Wed, 28 Sep 2022 00:33:05 GMT
server: istio-envoy
set-cookie: DUMMY_COOKIE=DUMMY_VALUE; Domain=.affirm.com; Secure; Path=/; SameSite=None
cache-control: max-age=3600
access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-methods: GET, OPTIONS
x-affirm-request-id: b6e52ae2-82de-4a1c-ca2d-8f6979c5f537
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 6
vary: Accept-Encoding,cookie,Origin,Origin
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: L_Ly2l1CABZm_CV08kUWcbMX2gyhjk6kAFeqoaY_lQK_9-gD81nwtA==
age: 1898
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: +/5xrnlf92qVT+L7TXLa/zkRdvl9OcZRrbRWw9tZsuV+Sxro7Ghz+sbREJG1AZnYl7Pyskpoa4yTavp8rsmfUw==
content-length: 26840
x-fb-trip-id: 1679558926
date: Wed, 28 Sep 2022 01:04:44 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5796
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:44 GMT
Last-Modified: Tue, 27 Sep 2022 23:28:08 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
142.250.74.163200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
IP 142.250.74.163:0
File type ASCII text, with very long lines (52762), with no line terminators
Hash f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:33:30 GMT
expires: Mon, 25 Sep 2023 08:33:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/css
age: 232274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/12/1018905148-huge-min-scaled.jpg
35.229.52.16200 OK 403 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/12/1018905148-huge-min-scaled.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1004, components 3\012- data
Size 403 kB (402620 bytes)
Hash e3acc9998cbb3976796584889c18f964
cec0617b0bd980d771b0123d62961ea96a4cf0ab
a4204243c2519c10c51a0eb421d4639b169172790d5cc11f2465f7772215f40f
GET /wp-content/uploads/2021/12/1018905148-huge-min-scaled.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992; tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: image/jpeg
content-length: 402620
last-modified: Thu, 22 Sep 2022 15:22:23 GMT
etag: "632c7daf-624bc"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/07/Celebrity-Beachfront-Villa.jpg
35.229.52.16200 OK 246 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/07/Celebrity-Beachfront-Villa.jpg
IP 35.229.52.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2117x1752, components 3\012- data
Size 246 kB (245829 bytes)
Hash 705b96e0cf12f95f80a1b886c27e7d57
c9e8db0315ce44d10046a768d5bdcdea1582927e
90533786df2a4eb62e5dfb288e4f5ac01c804d327ae70ec2ff7275073cc24423
GET /wp-content/uploads/2021/07/Celebrity-Beachfront-Villa.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992; tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: image/jpeg
content-length: 245829
last-modified: Wed, 14 Jul 2021 16:03:53 GMT
etag: "60ef0ae9-3c045"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 304366
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 432973
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.hs-banner.com/cookie-banner-public/v1/domain-collection
104.18.33.171200 OK 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/domain-collection
IP 104.18.33.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cookie-banner-public/v1/domain-collection HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.grandwelcome.com/
Origin: https://www.grandwelcome.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751891163d271c12-OSL
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2021/08/Header-Image.jpg
35.229.52.16200 OK 723 kB URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2021/08/Header-Image.jpg
IP 35.229.52.16:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Copyright (c) 2020 pikselstock/Shutterstock. No use without permission.], baseline, precision 8, 2560x1707, components 3\012- data
Size 723 kB (723318 bytes)
Hash d6b22ab2aa24c408fcb1bd552d7bb69d
3d1af6a2eee4213ed7ffc30eff682a4870ba9d29
eb6db1b05096a6047d0fbd131e90564f75d6524b015be2f9162f1ee83c471fa7
GET /wp-content/uploads/2021/08/Header-Image.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992; tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: image/jpeg
content-length: 723318
last-modified: Wed, 25 Aug 2021 18:26:00 GMT
etag: "61268b38-b0976"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
js.hs-banner.com/cookie-banner-public/v1/domain-collection
104.18.33.171204 No Content 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/domain-collection
IP 104.18.33.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cookie-banner-public/v1/domain-collection HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.grandwelcome.com
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 01:04:44 GMT
x-trace: 2B583D6CFFDD23FAD3462797FAA20643D6E49A3F41000000000000000000
x-hubspot-correlation-id: 7d646188-e533-4ea5-b83d-00fe1a14fa92
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75189116ed8c1c12-OSL
X-Firefox-Spdy: h2
cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583_eu.js
151.139.128.11200 OK 17 kB URL HTTP/2 cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583_eu.js
IP 151.139.128.11:0
File type ASCII text, with very long lines (61517), with no line terminators
Hash 1ef5a7f2575435345015c9db8eb0c58c
5fe8aeda2b0e57d53d74234988664569d56d2359
1ffd745e53a3d996e51d930170639b040e6dcfa1ee3ef25f8cba9e85507502cc
GET /projects/fce6f195-a842-4b51-b883-de3c1195c583_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcome.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:44 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 17367
content-type: application/javascript; charset=utf-8
last-modified: Thu, 25 Aug 2022 16:22:16 GMT
accept-ranges: bytes
etag: "acdd44d79eb8d81:0"
server:
x-hw: 1664327084.cds009.sk1.hn,1664327084.cds249.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.hs-banner.com/cookie-banner-public/v1/activity/view
104.18.33.171200 OK 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/activity/view
IP 104.18.33.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cookie-banner-public/v1/activity/view HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.grandwelcome.com/
Origin: https://www.grandwelcome.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751891163d291c12-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 87 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
Hash 1b72ddce00bf32d2dff423d454c4104c
28def3b2aba6cc273e54feb94360940a6ed68601
49655f2f47116679f2199def0b4776df67b77a8865d9a6d62ff79ad4f8e96678
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 182329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-118744554-1&cid=590071388.1664327082&jid=1585256806&gjid=1549300533&_gid=856423104.1664327082&_u=YGBACEAABAAAAC~&z=1279524546
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-118744554-1&cid=590071388.1664327082&jid=1585256806&gjid=1549300533&_gid=856423104.1664327082&_u=YGBACEAABAAAAC~&z=1279524546
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-118744554-1&cid=590071388.1664327082&jid=1585256806&gjid=1549300533&_gid=856423104.1664327082&_u=YGBACEAABAAAAC~&z=1279524546 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.grandwelcome.com
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.grandwelcome.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 01:04:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.hs-banner.com/cookie-banner-public/v1/activity/view
104.18.33.171204 No Content 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/activity/view
IP 104.18.33.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cookie-banner-public/v1/activity/view HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 136
Origin: https://www.grandwelcome.com
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 01:04:45 GMT
x-trace: 2BA863BB66DB7743ADF7E6B1A85BF45FFCC563AFDC000000000000000000
x-hubspot-correlation-id: 4bffc661-53a6-49de-b01e-0ed030151910
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75189118ce531c12-OSL
X-Firefox-Spdy: h2
www.affirm.com/api/v2/cookie_sent
143.204.55.126200 OK 514 B URL HTTP/2 www.affirm.com/api/v2/cookie_sent
IP 143.204.55.126:0
Hash ecadec7210cb23cbacd187cf21fe555b
66796a7881f906fad17754a57a73382186bb63f7
f75afabc5b5a2b68d2f382b762272a04e2a6c2cae7e6a3445789dddb269ed08a
GET /api/v2/cookie_sent HTTP/1.1
Host: www.affirm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcome.com/
Origin: https://www.grandwelcome.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Wed, 28 Sep 2022 00:33:04 GMT
server: istio-envoy
set-cookie: DUMMY_COOKIE=DUMMY_VALUE; Domain=.affirm.com; Secure; Path=/; SameSite=None
cache-control: max-age=3600
access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-methods: GET, OPTIONS
x-affirm-request-id: 55888b82-c3a3-4545-c538-3b22c0e4642c
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 12
vary: Accept-Encoding,cookie,Origin,Origin
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: teU0LMpnI5EJff8EZecfbH89FvN2QlaXeV4DqBwwRcOdjQT3wWhVWw==
age: 1898
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=493728741043254&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3FmsID%3D9cd466f3-ab9b-48e7-9439-28781a5dea4a&rl=&if=false&ts=1664327082695&sw=1280&sh=1024&v=2.9.84&r=stable&a=wordpress-6.0.2-3.0.7&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22594313195351768%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221049836659071516%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22752944599383282%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22401651088668058%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1664327082694.1984892679&it=1664327082055&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=493728741043254&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3FmsID%3D9cd466f3-ab9b-48e7-9439-28781a5dea4a&rl=&if=false&ts=1664327082695&sw=1280&sh=1024&v=2.9.84&r=stable&a=wordpress-6.0.2-3.0.7&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22594313195351768%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221049836659071516%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22752944599383282%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22401651088668058%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1664327082694.1984892679&it=1664327082055&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=493728741043254&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3FmsID%3D9cd466f3-ab9b-48e7-9439-28781a5dea4a&rl=&if=false&ts=1664327082695&sw=1280&sh=1024&v=2.9.84&r=stable&a=wordpress-6.0.2-3.0.7&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22594313195351768%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221049836659071516%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22752944599383282%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22401651088668058%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1664327082694.1984892679&it=1664327082055&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 01:04:45 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-118744554-1&cid=590071388.1664327082&jid=1585256806&_u=YGBACEAABAAAAC~&z=933413402
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-118744554-1&cid=590071388.1664327082&jid=1585256806&_u=YGBACEAABAAAAC~&z=933413402
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-118744554-1&cid=590071388.1664327082&jid=1585256806&_u=YGBACEAABAAAAC~&z=933413402 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 01:04:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ffea69c84211317f7c9609da0bd9f418
341416a300e593263a0ae44ea5ecef6f6d94d7fd
9a21fe75308a41c6372f402ca9ea91dd4b694b21d70de4bbf645d6c7997dd43d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5154
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:45 GMT
Last-Modified: Tue, 27 Sep 2022 23:38:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=5016044&rcu=https%3A%2F%2Fwww.grandwelcome.com%2F&pu=https%3A%2F%2Fwww.grandwelcome.com%2F%3FmsID%3D9cd466f3-ab9b-48e7-9439-28781a5dea4a&t=Grand+Welcome+%7C+Luxury+Vacation+Rentals+and+Vacation+Rental+Management&cts=1664327083079&vi=f7f348b093c1d4c42460c308e35cb917&nc=true&ce=false&pt=1&cc=0
104.19.155.83200 OK 45 B URL HTTP/2 track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=5016044&rcu=https%3A%2F%2Fwww.grandwelcome.com%2F&pu=https%3A%2F%2Fwww.grandwelcome.com%2F%3FmsID%3D9cd466f3-ab9b-48e7-9439-28781a5dea4a&t=Grand+Welcome+%7C+Luxury+Vacation+Rentals+and+Vacation+Rental+Management&cts=1664327083079&vi=f7f348b093c1d4c42460c308e35cb917&nc=true&ce=false&pt=1&cc=0
IP 104.19.155.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=5016044&rcu=https%3A%2F%2Fwww.grandwelcome.com%2F&pu=https%3A%2F%2Fwww.grandwelcome.com%2F%3FmsID%3D9cd466f3-ab9b-48e7-9439-28781a5dea4a&t=Grand+Welcome+%7C+Luxury+Vacation+Rentals+and+Vacation+Rental+Management&cts=1664327083079&vi=f7f348b093c1d4c42460c308e35cb917&nc=true&ce=false&pt=1&cc=0 HTTP/1.1
Host: track.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:45 GMT
content-type: image/gif
content-length: 45
cf-ray: 7518911c0ba1b4f9-OSL
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: e715298b-bcf0-4fac-b033-ef84f33230e6
x-robots-tag: none
set-cookie: __cf_bm=v7Fw3n9lrIlfGkp33D.MKonRXSCq_.jnK5GpaxpN_w0-1664327085-0-AVI8/lcKPd82tKY1IOT8syUDymv3ciCd/LpSxq1quRFI9IqZano8wkh80NMNsaIlPJ4KYxZ3IVdSCwxTr17Dk30=; path=/; expires=Wed, 28-Sep-22 01:34:45 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE%2BCeOXME%2BaV2vWGBdjRcWZOEcNjMXbn7dHUy9pOAwUpz79QnUwKqSAtawgQVv0iS8kyL2NtMx4rfX3gYCo4bO33VruuvwgDSJuP2EZn%2FgA8qhI6qhJrw2G2zIN0KF%2F5jprX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ffea69c84211317f7c9609da0bd9f418
341416a300e593263a0ae44ea5ecef6f6d94d7fd
9a21fe75308a41c6372f402ca9ea91dd4b694b21d70de4bbf645d6c7997dd43d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5154
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:04:45 GMT
Last-Modified: Tue, 27 Sep 2022 23:38:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
www.grandwelcome.com/wp-content/plugins/popup-builder/public/img/theme_6/close.png
35.229.52.16200 OK 17 kB URL HTTP/2 www.grandwelcome.com/wp-content/plugins/popup-builder/public/img/theme_6/close.png
IP 35.229.52.16:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d2a8fdc55e868a8af3ded895b7dff65f
a3a923e34c61415381609bc151e688f542ad311d
22da23ee6f306964547b881d2d3c5894794437c3fd45c009d6f294cad3789874
GET /wp-content/plugins/popup-builder/public/img/theme_6/close.png HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992; tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c; _ga=GA1.2.590071388.1664327082; _gid=GA1.2.856423104.1664327082; _gat_UA-118744554-1=1; _fbp=fb.1.1664327082694.1984892679
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:46 GMT
content-type: image/png
content-length: 17273
last-modified: Thu, 25 Aug 2022 19:17:46 GMT
etag: "6307cada-4379"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-admin/admin-ajax.php
35.229.52.16200 OK 86 kB URL HTTP/2 www.grandwelcome.com/wp-admin/admin-ajax.php
IP 35.229.52.16:0
File type gzip compressed data, from Unix\012- data
Hash 39d25bca43ecef0b0105e3b33be27a38
10908a594ec07b80b925bca6d112c12eae093e65
619f08996fa321d259059090085c3b8c74b6ea4607d06af6ff8671e20dde7fea
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 91
Origin: https://www.grandwelcome.com
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992; tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c; _ga=GA1.2.590071388.1664327082; _gid=GA1.2.856423104.1664327082; _gat_UA-118744554-1=1; _fbp=fb.1.1664327082694.1984892679; SGPBShowingLimitationDomain892={"openingCount":1,"openingPage":""}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:46 GMT
content-type: text/html; charset=UTF-8
content-length: 1
vary: X-NR-SAMPLE-PERCENT
set-cookie: PHPSESSID=a2dc5181f9e92011a611b6d01526c94b; path=/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07f06c54e3b1431203308e4134e7efcb
e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49
2814f21c6a21623c189163672867272eb24f754d3d22a8285349e5dd9f6b49f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: 0ac9a228-b6ce-4695-b269-f6a5ba959576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4HTsoAMF8dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-1d1cacef2608d5820b2bc1b1;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kqeQV7wIw3SgSUFs3Nd3ZOV_0b9ETAw1X1_c40UXEjLZAT-JTqIQhQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
age: 11685
etag: "e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/slick.min.js?ver=1
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/slick.min.js?ver=1
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/slickslider/slick.min.js?ver=1 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 19:59:14 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e8aa92-a770"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62c2d8bd-15b64"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/jquery-ui-1.12.1.custom/jquery-ui.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/jquery-ui-1.12.1.custom/jquery-ui.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/css/jquery-ui-1.12.1.custom/jquery-ui.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-91bd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/js.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/js.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/js.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 03 Dec 2021 00:59:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"61a96bf9-4b80"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
js.hsleadflows.net/leadflows.js
104.17.230.204200 OK 0 B URL HTTP/2 js.hsleadflows.net/leadflows.js
IP 104.17.230.204:0
GET /leadflows.js HTTP/1.1
Host: js.hsleadflows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.grandwelcome.com
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: pQzzBtmUcXrdxDnNY-aRftXrkgNSy61W0TSkmeP7W09-LPCZkvAgKA==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=7515757d9e7c3595-IAD
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 751891125b8ab506-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 35.229.52.16:0
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"5ee520a7-15fd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 35.229.52.16:0
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 15:09:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a95-aab"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.1.13
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.1.13
IP 35.229.52.16:0
GET /wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.1.13 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 19:17:46 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6307cada-97db"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/weglot/dist/front-js.js?ver=3.7.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/weglot/dist/front-js.js?ver=3.7.3
IP 35.229.52.16:0
GET /wp-content/plugins/weglot/dist/front-js.js?ver=3.7.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:09:44 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7ab8-1080"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62551487-48b9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
api-cf.affirm.com/api/v2/session/touch_track
54.230.111.51200 OK 0 B URL HTTP/2 api-cf.affirm.com/api/v2/session/touch_track
IP 54.230.111.51:0
GET /api/v2/session/touch_track HTTP/1.1
Host: api-cf.affirm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.grandwelcome.com/
Origin: https://www.grandwelcome.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Wed, 28 Sep 2022 01:04:42 GMT
server: istio-envoy
vary: Accept-Encoding,Origin
access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://www.grandwelcome.com
access-control-allow-methods: GET, OPTIONS
set-cookie: tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c; Domain=.affirm.com; Expires=Fri, 27-Sep-2024 01:04:42 GMT; Max-Age=63072000; Secure; Path=/; SameSite=None
t_v2_s=eyIgYiI6IlltRm1aR1U0TXpjdFlqZGlOeTAwWXpnMUxUZ3laV1V0TldZeU1XRXpZVGd4T0RSaiJ9.FhUvKg.EE3G6p6l6DE6iSECDXYE9QJuWew; Domain=.affirm.com; Expires=Fri, 27-Sep-2024 01:04:42 GMT; Max-Age=63072000; Secure; HttpOnly; Path=/; SameSite=None
3060738.3440491=bafde837-b7b7-4c85-82ee-5f21a3a8184c; Domain=.affirm.com; Expires=Fri, 27-Sep-2024 01:04:42 GMT; Max-Age=63072000; Secure; Path=/; SameSite=None
cache-control: private, no-cache, no-store, must-revalidate
x-affirm-request-id: ccb33bc4-6615-4f48-cfe0-63b2514a9b74
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 22
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xaXdstuYXHv4QLn0aduc-6MVU674XRlDMwZU2m6Mz5jS2ULw67L1sg==
X-Firefox-Spdy: h2
js.hs-banner.com/5016044.js
104.18.33.171200 OK 0 B URL HTTP/2 js.hs-banner.com/5016044.js
IP 104.18.33.171:0
GET /5016044.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: vzLTC6bel4BKW2vHxfequZJfRhnTElyqdizgY+T6GpCueUu9WtFCvMoLz5wpnLLU12XFUItC3qw=
x-amz-request-id: KD1R76CT1YPAY8D8
last-modified: Tue, 30 Aug 2022 21:05:43 GMT
etag: W/"7b8648d659d60f919285028ff6e4e1b7"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: 1ANYSLq9FzUFBbDuqUerIkUSkDJFueZa
access-control-allow-origin: https://join.grandwelcome.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Wed, 28 Sep 2022 01:09:44 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 751891126b4b0af6-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@500;600;700;800&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@500;600;700;800&display=swap
IP 142.250.74.10:0
GET /css2?family=Poppins:wght@500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 01:04:42 GMT
date: Wed, 28 Sep 2022 01:04:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.namespace.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.namespace.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.namespace.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-4c6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
chat.trackhs.com/chat/track-webchat-boot.js
54.230.111.85200 OK 0 B URL HTTP/2 chat.trackhs.com/chat/track-webchat-boot.js
IP 54.230.111.85:0
GET /chat/track-webchat-boot.js HTTP/1.1
Host: chat.trackhs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue, 27 Mar 2018 21:18:13 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 28 Sep 2022 01:04:43 GMT
cache-control: max-age=60
etag: W/"457342914f10c02cc1da1255a7ee1f33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f-tvVicaQJgpy3PnHcJwnMvW0rhxJyrqAWNNh83jsFEana70Xh21gg==
age: 53
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 35.229.52.16:0
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6254194e-4ac6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.css
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"632df018-464c"
last-modified: Fri, 23 Sep 2022 17:42:48 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 151
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2022 05:35:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 06e868735934a64c7f34c0184816906d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/css.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/css.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/css/css.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 14:13:24 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"63233304-10599"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins%3Awght%40500%3B600%3B700&ver=1.0.0
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins%3Awght%40500%3B600%3B700&ver=1.0.0
IP 142.250.74.10:0
GET /css2?family=Poppins%3Awght%40500%3B600%3B700&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 01:04:41 GMT
date: Wed, 28 Sep 2022 01:04:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.1.13
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.1.13
IP 35.229.52.16:0
GET /wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.1.13 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 19:17:46 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6307cada-13557"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=e122aaff
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=e122aaff
IP 35.229.52.16:0
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=e122aaff HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:08:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a76-4e0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/the-post-grid/assets/js/rttpg.js?ver=4.2.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/the-post-grid/assets/js/rttpg.js?ver=4.2.3
IP 35.229.52.16:0
GET /wp-content/plugins/the-post-grid/assets/js/rttpg.js?ver=4.2.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:08:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a52-34aa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/the-post-grid/assets/css/thepostgrid.min.css?ver=4.2.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/the-post-grid/assets/css/thepostgrid.min.css?ver=4.2.3
IP 35.229.52.16:0
GET /wp-content/plugins/the-post-grid/assets/css/thepostgrid.min.css?ver=4.2.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 15:08:02 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a52-1d598"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/lightslider.min.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/lightslider.min.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/lightslider.min.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-3e9a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/select2.min.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/select2.min.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/select2.min.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-21c30"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/slick/slick.min.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/slick/slick.min.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/slick/slick.min.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-a770"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=e122aaff
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=e122aaff
IP 35.229.52.16:0
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=e122aaff HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:08:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a76-33a2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.affirm.js?ver=1.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.affirm.js?ver=1.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.affirm.js?ver=1.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Thu, 02 Dec 2021 23:08:14 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"61a951de-f94"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/js/jquery.localScroll.min.js?ver=1.2.8b
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/js/jquery.localScroll.min.js?ver=1.2.8b
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/js/jquery.localScroll.min.js?ver=1.2.8b HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:48:14 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88bde-603"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.resultListMap.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.resultListMap.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.resultListMap.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Wed, 30 Mar 2022 18:14:49 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62449e19-481a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.results.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.results.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.results.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-947"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/uploads/2022/08/Museums-in-Tampa-600x400.jpg
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/uploads/2022/08/Museums-in-Tampa-600x400.jpg
IP 35.229.52.16:0
GET /wp-content/uploads/2022/08/Museums-in-Tampa-600x400.jpg HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: image/jpeg
content-length: 43050
last-modified: Thu, 22 Sep 2022 15:25:04 GMT
etag: "632c7e50-a82a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/2716.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2716.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/2716.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 35.229.52.16:0
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:09:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a95-25d0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1663859338
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1663859338
IP 35.229.52.16:0
GET /wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1663859338 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:08:58 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a8a-39b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/js/jquery.scrollTo.min.js?ver=1.4.5-beta
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/js/jquery.scrollTo.min.js?ver=1.4.5-beta
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/js/jquery.scrollTo.min.js?ver=1.4.5-beta HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:48:14 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88bde-98c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1664326800000/5016044.js
104.17.67.176200 OK 0 B URL HTTP/2 js.hs-analytics.net/analytics/1664326800000/5016044.js
IP 104.17.67.176:0
GET /analytics/1664326800000/5016044.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: text/javascript
x-amz-id-2: BZZ+83R3k0xLQRB+aJhZBvVOnVJUAaHFki8G6BrhJYiFjYR9uMRXXoHJ19Tq1hKQYQZUGQwzItE=
x-amz-request-id: PMEG77ND29M1CHA0
last-modified: Wed, 31 Aug 2022 12:01:48 GMT
etag: W/"5d1803860fc50c6c47e2e9ebc89d189a"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
expires: Wed, 28 Sep 2022 01:09:44 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 751891148f42b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/font-awesome.min.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/font-awesome.min.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-fa38"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/lightslider.min.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/lightslider.min.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/css/lightslider.min.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Tue, 19 Apr 2022 21:49:59 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"625f2e87-15a1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 35.229.52.16:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
js.hsadspixel.net/fb.js
104.17.114.176200 OK 0 B IP 104.17.114.176:0
GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Sep 2022 05:23:07 UTC
etag: W/"46dd82490c71a41bce1eabb2e38c89c0"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7KJ54BFzipn1nE_Td6RfTtNOqayLQBYG
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: JdW2bWDAs4XPG5-xkQJLUFOQvR-oHJusrrESEyiKckgcizceK6W7Pg==
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.293/bundles/pixels-release.js&cfRay=74f506588e29f152-IAD
x-hs-target-asset: adsscriptloaderstatic/static-1.293/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 22
server: cloudflare
cf-ray: 751891126de4b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3
IP 35.229.52.16:0
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:09:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a95-3e7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/weglot/app/styles/new-flags.css?ver=3.7.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/weglot/app/styles/new-flags.css?ver=3.7.3
IP 35.229.52.16:0
GET /wp-content/plugins/weglot/app/styles/new-flags.css?ver=3.7.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 15:09:44 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7ab8-15817"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.checkout.barefoot.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.checkout.barefoot.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.checkout.barefoot.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-4f9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.1.13
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.1.13
IP 35.229.52.16:0
GET /wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.1.13 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 19:17:46 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6307cada-177a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 35.229.52.16:0
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:09:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a95-2fb3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/weglot/dist/css/front-css.css?ver=3.7.3
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/weglot/dist/css/front-css.css?ver=3.7.3
IP 35.229.52.16:0
GET /wp-content/plugins/weglot/dist/css/front-css.css?ver=3.7.3 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 15:09:44 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7ab8-ccc6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/slick.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/slick.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/slickslider/slick.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 19:59:13 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e8aa91-6f0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.queryString.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.queryString.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.queryString.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-830"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/select2.min.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/select2.min.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/css/select2.min.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-45ff"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/images/favicon.ico
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/images/favicon.ico
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/images/favicon.ico HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Cookie: _ccCt=null; _omappvp=UZoso2eY7OE36MvmEWoy0NbhnP1MeAYEOnKj37Dcbry8wkNRlenW6MABKShO8nmuxS59l7XiwuLKdqt9gZAB8Nnxs6rQlXJT; _omappvs=1664327080992; tracker_device=bafde837-b7b7-4c85-82ee-5f21a3a8184c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:44 GMT
content-type: image/x-icon
last-modified: Tue, 19 Oct 2021 14:37:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"616ed831-3c2e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 35.229.52.16:0
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6254194e-194b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/slick-theme.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/slick-theme.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/slickslider/slick-theme.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 19:59:13 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e8aa91-c49"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/js/global.js?ver=1.0.0
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/js/global.js?ver=1.0.0
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/js/global.js?ver=1.0.0 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Mon, 18 Oct 2021 23:06:16 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"616dfde8-f9a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/css/dashicons.min.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/jquery-ui-1.12.1.custom/jquery-ui.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/jquery-ui-1.12.1.custom/jquery-ui.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/css/jquery-ui-1.12.1.custom/jquery-ui.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-83b1b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.ui.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.ui.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.ui.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-25b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/optionscustom.js?ver=1
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/slickslider/optionscustom.js?ver=1
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/slickslider/optionscustom.js?ver=1 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:42 GMT
content-type: application/javascript
last-modified: Wed, 25 Aug 2021 17:04:57 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"61267839-39d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.1.13
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.1.13
IP 35.229.52.16:0
GET /wp-content/plugins/popup-builder/public/css/theme.css?ver=4.1.13 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 19:17:46 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6307cada-119f9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
a.optmnstr.com/app/js/api.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.optmnstr.com/app/js/api.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.js HTTP/1.1
Host: a.optmnstr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 01:04:43 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"632df00d-20793"
last-modified: Fri, 23 Sep 2022 17:42:37 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 463
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2022 05:34:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 61836733468a007d5139d88a16c20ce7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=e122aaff
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=e122aaff
IP 35.229.52.16:0
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=e122aaff HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 15:08:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a76-566f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 35.229.52.16:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6048e0ac-15db1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/style.css?ver=1.0.0
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/style.css?ver=1.0.0
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/style.css?ver=1.0.0 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 19:43:29 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"633200e1-17768"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/css/grand-welcome.css?ver=5.7.1
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/css/grand-welcome.css?ver=5.7.1
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/css/grand-welcome.css?ver=5.7.1 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 17:06:03 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"63235b7b-8b13"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.unit.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.unit.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.unit.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 20:32:59 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62faad7b-7631"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
chat.trackhs.com/chat/track-webchat-prod.1.5.3.js?domain=gw
54.230.111.85200 OK 0 B URL HTTP/2 chat.trackhs.com/chat/track-webchat-prod.1.5.3.js?domain=gw
IP 54.230.111.85:0
GET /chat/track-webchat-prod.1.5.3.js?domain=gw HTTP/1.1
Host: chat.trackhs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sat, 30 Apr 2022 05:53:37 GMT
last-modified: Tue, 27 Mar 2018 21:18:14 GMT
etag: W/"2c73cd9bf0f705329b20140c9e041a45"
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6Tlr5DYvmxOAzdPws9uRSS-iXBSzkB3sGLJx4Mhp9m62SHHgXkY1oQ==
age: 13029067
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/slick.css?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/css/slick.css?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/css/slick.css?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-767"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.mRespond.js?ver=6.0.2
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/themes/altitude-pro/vrp/js/vrp.mRespond.js?ver=6.0.2
IP 35.229.52.16:0
GET /wp-content/themes/altitude-pro/vrp/js/vrp.mRespond.js?ver=6.0.2 HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 17:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60e88c96-48e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=e122aaff
35.229.52.16200 OK 0 B URL HTTP/2 www.grandwelcome.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=e122aaff
IP 35.229.52.16:0
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=e122aaff HTTP/1.1
Host: www.grandwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.grandwelcome.com/?msID=9cd466f3-ab9b-48e7-9439-28781a5dea4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:04:41 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 15:08:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"632c7a76-a112"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2