r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15984
Expires: Fri, 03 Feb 2023 22:54:54 GMT
Date: Fri, 03 Feb 2023 18:28:30 GMT
Connection: keep-alive
www.guestline.com/
301 Moved Permanently 162 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 18:28:30 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.guestline.com/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4257
Expires: Fri, 03 Feb 2023 19:39:27 GMT
Date: Fri, 03 Feb 2023 18:28:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 17:43:35 GMT
content-type: application/json
age: 2695
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9920
Expires: Fri, 03 Feb 2023 21:13:50 GMT
Date: Fri, 03 Feb 2023 18:28:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DYrTDqfX/msHzgfILjMxLeKYPlkICh41MjUtkLRM7xprnkhlhpOwBrJgqaNw7ffujRehls8j3Js=
x-amz-request-id: 8PJF7PV3W9Y2EHRC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 17:52:30 GMT
age: 2160
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08e19ec5c12a9fa0431634e3db019545
e775967ed38a4c985239740c828e13fcb7159698
4ca243f576f7a88fac1deeec4b7c78e62330d86e4fb9e0572586a9fc4d118dd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CA243F576F7A88FAC1DEEEC4B7C78E62330D86E4FB9E0572586A9FC4D118DD1"
Last-Modified: Fri, 03 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21547
Expires: Sat, 04 Feb 2023 00:27:37 GMT
Date: Fri, 03 Feb 2023 18:28:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 18:07:19 GMT
age: 1271
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9485
Expires: Fri, 03 Feb 2023 21:06:36 GMT
Date: Fri, 03 Feb 2023 18:28:31 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wMrS4rS6sEGioHjtyWGmHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GZ93sqUUwZACqKca8XcJ3GJ2Q2Y=
www.guestline.com/
200 OK 28 kB IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Hash e5a8e2ce02347febc7898d73698c4af4
fca88cb7d9cc5303750edb1001b2e1f1461f2420
418b2992eed7d79de6c35d695f8b75beb77d2083adfc8112cbfd140d8981692d
GET / HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:32 GMT
content-type: text/html; charset=UTF-8
content-length: 27749
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.guestline.com/wp-json/>; rel="https://api.w.org/", <https://www.guestline.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://www.guestline.com/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://www.guestline.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.guestline.com
set-cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq; path=/; secure; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
www.guestline.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js
200 OK 1.8 kB URL HTTP/2 www.guestline.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (4610)
Hash 4367943533a0b07a27290634c64da5eb
e903434a1e2c572e93c59fca5603869fecbe94e7
e261f0592109e7a4a12cfe2e6753990a1ae69db3cf8f3a2563cec4b3d99b284d
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:32 GMT
content-type: application/javascript
content-length: 1750
last-modified: Mon, 13 Jun 2022 17:41:58 GMT
etag: "121f-5e157ce09cb6d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15296
Expires: Fri, 03 Feb 2023 22:43:28 GMT
Date: Fri, 03 Feb 2023 18:28:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15296
Expires: Fri, 03 Feb 2023 22:43:28 GMT
Date: Fri, 03 Feb 2023 18:28:32 GMT
Connection: keep-alive
www.guestline.com/wp-content/themes/cn-core-theme/bower_components/jquery/dist/jquery.min.js
200 OK 31 kB URL HTTP/2 www.guestline.com/wp-content/themes/cn-core-theme/bower_components/jquery/dist/jquery.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 31d53c8cdce8012a24abc8e84aa972e5
7287b1ec5d88304ba44fc1958b8de9596274c4e3
1b72bc7f54bc9170e605f6c4bb5529668c4ee3efeee602fdb63036b45b49f41c
GET /wp-content/themes/cn-core-theme/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:32 GMT
content-type: application/javascript
content-length: 30902
last-modified: Mon, 31 Jan 2022 16:47:20 GMT
etag: "15d9d-5d6e389bb4371-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15296
Expires: Fri, 03 Feb 2023 22:43:28 GMT
Date: Fri, 03 Feb 2023 18:28:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15296
Expires: Fri, 03 Feb 2023 22:43:28 GMT
Date: Fri, 03 Feb 2023 18:28:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15296
Expires: Fri, 03 Feb 2023 22:43:28 GMT
Date: Fri, 03 Feb 2023 18:28:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24261df857fd20898ed41615ff44efd2
5ebaae7786e95f6daf7e837ce741f96611a64335
b947696fced12e35736691fb27c5cc4ddb28e4b4781cfbb69b8b4011b84aca5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10971
x-amzn-requestid: 87d6a618-4ddf-4e40-aaeb-f6e38c274c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feH0jHisoAMFgpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58683-2de413f446505ec44ab2a390;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:33:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VpgiTDC8Uyvv5rCHOxGUgIREsLddYA7POpvU5eJSO3_K3zm7Hp3AOg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:43:06 GMT
age: 74726
etag: "5ebaae7786e95f6daf7e837ce741f96611a64335"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?hl=en
200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=en
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash c40fb3e99bdf4c051379206b381f995b
3cf6ce4a866abbd13ce857357061a1cfa3a27690
0c45a6582686059e9d82919355c239be284c5740680f56332419ce0516280183
GET /recaptcha/api.js?hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 03 Feb 2023 18:28:32 GMT
date: Fri, 03 Feb 2023 18:28:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 73843
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 74431
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 74431
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 73718
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.guestline.com/wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css
200 OK 65 kB URL HTTP/2 www.guestline.com/wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (43771)
Hash 5826ad901ca3a248a05833d4d6063203
e6b58dd10767588e6c5dc662f0ab39d254f12e51
d9330cd88bb256b278e1259fc9dc8a13bdf1398f7701abf529f70db4c5c72ad8
GET /wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:32 GMT
content-type: text/css
content-length: 64735
last-modified: Mon, 08 Aug 2022 14:48:30 GMT
etag: "76aef-5e5bbe8bf6803-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, immutable
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.vane3alga.com/js/162406.js
200 OK 16 B URL HTTP/1.1 secure.vane3alga.com/js/162406.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 8450ad483eb913e2314286e3746a6c37
94f1eab1e35c6eb579ae7378f34341c0c601cc00
3214464f6d9e7a0cfe97f38571852ee1bf65eaae67d447e51ce028d6adc0e886
GET /js/162406.js HTTP/1.1
Host: secure.vane3alga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:28:32 GMT
Content-Type: text/javascript
Content-Length: 16
Connection: keep-alive
Server: Kestrel
Cache-Control: no-store, must-revalidate
Pragma: no-cache
Expires: 0
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NNCM7XB
200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NNCM7XB
IP
File type ASCII text, with very long lines (32505)
Hash 8caea73908a28e29fb256de11da1c1bd
afd23d51c88d8478ef3882f58c585c717a25a06b
a2dbc2a8cf9fee2ad0d8d731c0ee806726a6dff9defdb282cf83f38420da51ef
GET /gtm.js?id=GTM-NNCM7XB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 18:28:32 GMT
expires: Fri, 03 Feb 2023 18:28:32 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--arrow-right-black.svg
200 OK 875 B URL HTTP/2 www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--arrow-right-black.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- exported SGML document, ASCII text
Hash 3ef2bc747d2ccfe3dfff420b366e4001
4e62af348d7a9efb538b9e83c9065fbbf1c2b18a
994d0722f795236b72f0997540adc46d496cd008f61ea2e8937085736e79fe33
GET /wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--arrow-right-black.svg HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/svg+xml
content-length: 875
last-modified: Mon, 07 Sep 2020 10:21:30 GMT
etag: "36b-5aeb694f63e80"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--search-white.svg
200 OK 960 B URL HTTP/2 www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--search-white.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- exported SGML document, ASCII text
Hash dc0e0ea030b55470a8ddd085ca36de1b
e4b47539defe969e98ea7cae1ea81414e94b8086
55889b76b9d3852bfb7947974b58320a6b7dc80979d4877d4c191365c0212010
GET /wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--search-white.svg HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/svg+xml
content-length: 960
last-modified: Mon, 07 Sep 2020 10:21:30 GMT
etag: "3c0-5aeb694f63e80"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/background-instances/swoosh-4.svg
200 OK 1.0 kB URL HTTP/2 www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/background-instances/swoosh-4.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- exported SGML document, ASCII text
Hash 3a00896f8a64e457c155b1cf5f373524
a2b3f967654cabe0d960da2efdd46d13ba9be694
e5417a1420d6a3339fcfbf810934c4670c4f2333e104eedb95d3a8ee166e96e5
GET /wp-content/themes/cn-theme-gueslinev2/dist/svg/background-instances/swoosh-4.svg HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/svg+xml
content-length: 1009
last-modified: Mon, 07 Sep 2020 10:21:30 GMT
etag: "3f1-5aeb694f63e80"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/background-instances/swoosh-5.svg
200 OK 1.1 kB URL HTTP/2 www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/background-instances/swoosh-5.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (319)
Hash e609c6475eaf6e6bef44f79e32240043
ec79b241241270cfc0536f56de0a4f6de1a44087
df696008071929f260d65786a247d420d296d94ce019bcac911b6ed4b1fe3fab
GET /wp-content/themes/cn-theme-gueslinev2/dist/svg/background-instances/swoosh-5.svg HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/svg+xml
content-length: 1079
last-modified: Mon, 07 Sep 2020 10:21:30 GMT
etag: "437-5aeb694f63e80"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--arrow-right.svg
200 OK 858 B URL HTTP/2 www.guestline.com/wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--arrow-right.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- exported SGML document, ASCII text
Hash 683e0198e5748d954981c2710e5e9b9e
c479654d62ff8a892acc0827860555fc79d1b797
d9f6beb4fa3b5da3a890afbd31160c5613a419a49420c2a05b494c201f8fc0ef
GET /wp-content/themes/cn-theme-gueslinev2/dist/svg/icon--arrow-right.svg HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/wp-content/cache/autoptimize/css/autoptimize_9a8fe4d6bac8535f5feffede360e5352.css
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/svg+xml
content-length: 858
last-modified: Mon, 07 Sep 2020 10:21:30 GMT
etag: "35a-5aeb694f63e80"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 40824
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.guestline.com/wp-content/cache/autoptimize/js/autoptimize_48f5a3213cd11c08d9e2547ee6cdec0b.js
200 OK 241 kB URL HTTP/2 www.guestline.com/wp-content/cache/autoptimize/js/autoptimize_48f5a3213cd11c08d9e2547ee6cdec0b.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 241 kB (240660 bytes)
Hash 144343b07f20824d290fd490adbde195
dcef560ba49e6e75e7cc3984407375faefd4e967
9b1f1fa46e1d2e0588d16dc699c4de27a767042e2800f93b0572b428dc3cd757
GET /wp-content/cache/autoptimize/js/autoptimize_48f5a3213cd11c08d9e2547ee6cdec0b.js HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:32 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 14:48:29 GMT
etag: "e0a5b-5e5bbe8bb7061-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, immutable
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.guestline.com/wp-content/uploads/2019/02/logo-mobile.png
200 OK 3.0 kB URL HTTP/2 www.guestline.com/wp-content/uploads/2019/02/logo-mobile.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 215 x 228, 8-bit colormap, non-interlaced\012- data
Hash 886a5ec7f7345ff1370d908ecec99a2b
8c1115f3f4cfe6da9409c05b1e030434469d65cf
04916ef4c8a5ef91eee158a0d0d83e3698ad732003b74575441889bb6bd21ec1
GET /wp-content/uploads/2019/02/logo-mobile.png HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/png
content-length: 2957
last-modified: Tue, 08 Sep 2020 09:59:29 GMT
etag: "b8d-5aeca6411c015"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
www.guestline.com/wp-content/themes/cn-theme-gueslinev2/favicons/favicon-16x16.png
200 OK 1.2 kB URL HTTP/2 www.guestline.com/wp-content/themes/cn-theme-gueslinev2/favicons/favicon-16x16.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 17ce34969ed70f53afb2277825bfc172
87ce2ccd7a1072ab6ae9e7bfed17e6f2169fe50d
d9426d8eafd72093d4e5b37ba2cb30e58d67d07a711c3543c853aab3b3fa3aaf
GET /wp-content/themes/cn-theme-gueslinev2/favicons/favicon-16x16.png HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/png
content-length: 1245
last-modified: Mon, 07 Sep 2020 10:21:30 GMT
etag: "4dd-5aeb694f63e80"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 12:31:45 GMT
expires: Sat, 03 Feb 2024 12:31:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 21408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 5884ef02417071495bd66fa75f167d75
2c45b6b68b22bb1208be5ac29837c2f51b6dab14
e7d288a995a04d6226230ae02c0fd84970192fddb6bbb4d47d765e82474eadc8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 03 Feb 2023 18:28:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 05:28:57 GMT
Expires: Sat, 04 Feb 2023 05:28:57 GMT
ETag: "2c45b6b68b22bb1208be5ac29837c2f51b6dab14"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 5884ef02417071495bd66fa75f167d75
2c45b6b68b22bb1208be5ac29837c2f51b6dab14
e7d288a995a04d6226230ae02c0fd84970192fddb6bbb4d47d765e82474eadc8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 03 Feb 2023 18:28:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 05:28:57 GMT
Expires: Sat, 04 Feb 2023 05:28:57 GMT
ETag: "2c45b6b68b22bb1208be5ac29837c2f51b6dab14"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.guestline.com/wp-content/uploads/2019/02/logo-mobile.png?auto=format&ch=DPR%2CWidth&ixjsv=2.2.4&q=65&w=40
200 OK 3.0 kB URL HTTP/2 www.guestline.com/wp-content/uploads/2019/02/logo-mobile.png?auto=format&ch=DPR%2CWidth&ixjsv=2.2.4&q=65&w=40
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 215 x 228, 8-bit colormap, non-interlaced\012- data
Hash 886a5ec7f7345ff1370d908ecec99a2b
8c1115f3f4cfe6da9409c05b1e030434469d65cf
04916ef4c8a5ef91eee158a0d0d83e3698ad732003b74575441889bb6bd21ec1
GET /wp-content/uploads/2019/02/logo-mobile.png?auto=format&ch=DPR%2CWidth&ixjsv=2.2.4&q=65&w=40 HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/png
content-length: 2957
last-modified: Tue, 08 Sep 2020 09:59:29 GMT
etag: "b8d-5aeca6411c015"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
www.guestline.com/wp-content/uploads/2020/09/home-hero4a.jpg?auto=format&ch=DPR%2CWidth&crop=faces%2Cedges&fit=crop&h=940&ixjsv=2.2.4&q=65&w=1270
200 OK 76 kB URL HTTP/2 www.guestline.com/wp-content/uploads/2020/09/home-hero4a.jpg?auto=format&ch=DPR%2CWidth&crop=faces%2Cedges&fit=crop&h=940&ixjsv=2.2.4&q=65&w=1270
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x1125, components 3\012- data
Hash 96af124065194ef69257e2ac0ae9bcc7
bfc8be6964582fc9a11f789b7b35e85f825158f9
2521e3d97a98b755a64e3a46d96771b5b28d0284cc971b10541eb105be9cc5bf
GET /wp-content/uploads/2020/09/home-hero4a.jpg?auto=format&ch=DPR%2CWidth&crop=faces%2Cedges&fit=crop&h=940&ixjsv=2.2.4&q=65&w=1270 HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: image/jpeg
content-length: 75553
last-modified: Wed, 16 Sep 2020 09:33:15 GMT
etag: "12721-5af6af5000833"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
analytics-eu.clickdimensions.com/ts.js
200 OK 29 kB URL HTTP/2 analytics-eu.clickdimensions.com/ts.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (28721), with no line terminators
Hash 1ed66d83701df5b44f33c8907d23c71a
7e72e97c5d30fdf5737c768b6b5be2b6250ab464
29c3b6b0e2246ae17fb03b13a2bb3003c4d07c37092b76b3d854708bcf99aa11
GET /ts.js HTTP/1.1
Host: analytics-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: application/javascript
content-length: 28722
server: Microsoft-HTTPAPI/2.0
last-modified: Fri, 27 Jan 2023 12:23:25 GMT
accept-ranges: bytes
etag: "1d9324a27272cb2"
x-servicefabricrequestid: ef5704d6-f327-45b6-82d9-9e135948d4c2
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3ce1bc23c86ace6b4d4949b2224e9132
f851119c51f81bc066be434187579385fb01efa0
a557c7ae0ad294e00d85e6aa2b556ce3a64009127d159ebb9b98c83969ac39ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Last-Modified: Fri, 03 Feb 2023 17:44:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
analytics-eu.clickdimensions.com/optout.js
200 OK 5.7 kB URL HTTP/2 analytics-eu.clickdimensions.com/optout.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (366), with CRLF line terminators
Hash 2ced1d952b345f562fdb2b307b59c89a
cd0ad8eec40c25dbb7464caa1022e05a434cd349
556fe3b865993824b9cd1052715139c17a56cc783ae21d8e93ff89cc58d8943f
GET /optout.js HTTP/1.1
Host: analytics-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: application/javascript
content-length: 5730
server: Microsoft-HTTPAPI/2.0
last-modified: Fri, 27 Jan 2023 12:20:43 GMT
accept-ranges: bytes
etag: "1d93249c69809e2"
x-servicefabricrequestid: b3e2e409-a3cb-4b37-9ee0-5b453420e326
X-Firefox-Spdy: h2
analytics-eu.clickdimensions.com/forms.js
200 OK 12 kB URL HTTP/2 analytics-eu.clickdimensions.com/forms.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2762), with CRLF line terminators
Hash aaf96923c6ff0c8775cc0565f0e02446
6d4b6051d4c704df9ee79cc55a6489fef30d2efc
dd7fc581c0205cc39c686a3a92b75bc99243fb67bfe8f55520167cb295b6d002
GET /forms.js HTTP/1.1
Host: analytics-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: application/javascript
content-length: 11567
server: Microsoft-HTTPAPI/2.0
last-modified: Fri, 27 Jan 2023 12:26:17 GMT
accept-ranges: bytes
etag: "1d9324a8dac57af"
x-servicefabricrequestid: 88a8d423-03b3-480f-bd6b-ebcdfd637203
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3ce1bc23c86ace6b4d4949b2224e9132
f851119c51f81bc066be434187579385fb01efa0
a557c7ae0ad294e00d85e6aa2b556ce3a64009127d159ebb9b98c83969ac39ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:33 GMT
Last-Modified: Fri, 03 Feb 2023 17:44:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=9956
date: Fri, 03 Feb 2023 18:28:34 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/optimize.js?id=GTM-W6XKLFR
200 OK 46 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-W6XKLFR
IP
File type ASCII text, with very long lines (1759)
Hash 80845ba74fa90c2f2feac84bb91448ba
e3d3026839449a31635b0a5dd3df4dd22a5f6133
e38cc70356a81593aec2e7ca24fa47f16aa11f6dc6584ff7b1df74fddf4ae683
GET /gtm/optimize.js?id=GTM-W6XKLFR HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 18:28:34 GMT
expires: Fri, 03 Feb 2023 18:28:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
200 OK 14 kB URL HTTP/2 analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 1190228a364b5fde3af2164851fadf96
00a1f60ffc3156929d91fda8042b6ea3f4ad6e55
7852140ee1941a768ae348135759f5752d1584e75e515487c7aad5cc0b7306b3
GET /guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html HTTP/1.1
Host: analytics-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: text/html; charset=utf-8
server: Microsoft-HTTPAPI/2.0
access-control-allow-headers: Content-Type,Accept,g-recaptcha-response
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 3600
referrer-policy: no-referrer-when-downgrade
x-servicefabricrequestid: 7a3761b3-acab-4143-957c-31857010e5b4
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 74431
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.lfeeder.com/?sid=kn9Eq4R13Gr7RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVgxTjBMM0Y0VFMiLCJHLU5DUUpUODFTSzQiXSwiZ2FDbGllbnRJZHMiOlsiNzc1OTIzODA5LjE2NzU0NDg5NDYiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MC4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5ndWVzdGxpbmUuY29tLyIsInBhZ2VUaXRsZSI6IkhvdGVsIE9wZXJhdGlvbnMgUGxhdGZvcm0gfCBIb3RlbCBQTVMsIENSUywgQyZCLCBFUG9TLCBJQkUsIFBheW1lbnRzIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJhNTQzODA3MWIwNTBlMzlhIiwic2NyaXB0SWQiOiJrbjlFcTRSMTNHcjdSbHZQIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5hMjJmMTU4NGJjZmVkMDAyLjE2NzU0NDg5NDYwNjQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
200 OK 43 B URL HTTP/2 tr.lfeeder.com/?sid=kn9Eq4R13Gr7RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVgxTjBMM0Y0VFMiLCJHLU5DUUpUODFTSzQiXSwiZ2FDbGllbnRJZHMiOlsiNzc1OTIzODA5LjE2NzU0NDg5NDYiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MC4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5ndWVzdGxpbmUuY29tLyIsInBhZ2VUaXRsZSI6IkhvdGVsIE9wZXJhdGlvbnMgUGxhdGZvcm0gfCBIb3RlbCBQTVMsIENSUywgQyZCLCBFUG9TLCBJQkUsIFBheW1lbnRzIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJhNTQzODA3MWIwNTBlMzlhIiwic2NyaXB0SWQiOiJrbjlFcTRSMTNHcjdSbHZQIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5hMjJmMTU4NGJjZmVkMDAyLjE2NzU0NDg5NDYwNjQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /?sid=kn9Eq4R13Gr7RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLVgxTjBMM0Y0VFMiLCJHLU5DUUpUODFTSzQiXSwiZ2FDbGllbnRJZHMiOlsiNzc1OTIzODA5LjE2NzU0NDg5NDYiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MC4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5ndWVzdGxpbmUuY29tLyIsInBhZ2VUaXRsZSI6IkhvdGVsIE9wZXJhdGlvbnMgUGxhdGZvcm0gfCBIb3RlbCBQTVMsIENSUywgQyZCLCBFUG9TLCBJQkUsIFBheW1lbnRzIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJhNTQzODA3MWIwNTBlMzlhIiwic2NyaXB0SWQiOiJrbjlFcTRSMTNHcjdSbHZQIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5hMjJmMTU4NGJjZmVkMDAyLjE2NzU0NDg5NDYwNjQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1
Host: tr.lfeeder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
server: CloudFront
date: Fri, 03 Feb 2023 18:28:34 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ao6RItcaCmy0qfJfEJiqes7FbY0pLiz__ma87zHsawCfoqsydolLsg==
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-X1N0L3F4TS>m=45je3210&_p=940783700&_gaz=1&cid=775923809.1675448946&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675448945&sct=1&seg=0&dl=https%3A%2F%2Fwww.guestline.com%2F&dt=Hotel%20Operations%20Platform%20%7C%20Hotel%20PMS%2C%20CRS%2C%20C%26B%2C%20EPoS%2C%20IBE%2C%20Payments&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-X1N0L3F4TS>m=45je3210&_p=940783700&_gaz=1&cid=775923809.1675448946&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675448945&sct=1&seg=0&dl=https%3A%2F%2Fwww.guestline.com%2F&dt=Hotel%20Operations%20Platform%20%7C%20Hotel%20PMS%2C%20CRS%2C%20C%26B%2C%20EPoS%2C%20IBE%2C%20Payments&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-X1N0L3F4TS>m=45je3210&_p=940783700&_gaz=1&cid=775923809.1675448946&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675448945&sct=1&seg=0&dl=https%3A%2F%2Fwww.guestline.com%2F&dt=Hotel%20Operations%20Platform%20%7C%20Hotel%20PMS%2C%20CRS%2C%20C%26B%2C%20EPoS%2C%20IBE%2C%20Payments&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.guestline.com
date: Fri, 03 Feb 2023 18:28:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-NCQJT81SK4>m=45je3210&_p=940783700&cid=775923809.1675448946&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675448945&sct=1&seg=0&dl=https%3A%2F%2Fwww.guestline.com%2F&dt=Hotel%20Operations%20Platform%20%7C%20Hotel%20PMS%2C%20CRS%2C%20C%26B%2C%20EPoS%2C%20IBE%2C%20Payments&en=page_view&_fv=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NCQJT81SK4>m=45je3210&_p=940783700&cid=775923809.1675448946&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675448945&sct=1&seg=0&dl=https%3A%2F%2Fwww.guestline.com%2F&dt=Hotel%20Operations%20Platform%20%7C%20Hotel%20PMS%2C%20CRS%2C%20C%26B%2C%20EPoS%2C%20IBE%2C%20Payments&en=page_view&_fv=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NCQJT81SK4>m=45je3210&_p=940783700&cid=775923809.1675448946&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675448945&sct=1&seg=0&dl=https%3A%2F%2Fwww.guestline.com%2F&dt=Hotel%20Operations%20Platform%20%7C%20Hotel%20PMS%2C%20CRS%2C%20C%26B%2C%20EPoS%2C%20IBE%2C%20Payments&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.guestline.com
date: Fri, 03 Feb 2023 18:28:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-X1N0L3F4TS&cid=775923809.1675448946>m=45je3210&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-X1N0L3F4TS&cid=775923809.1675448946>m=45je3210&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-X1N0L3F4TS&cid=775923809.1675448946>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.guestline.com
date: Fri, 03 Feb 2023 18:28:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://analytics-eu.clickdimensions.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:06:04 GMT
expires: Sat, 03 Feb 2024 02:06:04 GMT
cache-control: public, max-age=31536000
age: 58950
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=612444&time=1675448946192&url=https%3A%2F%2Fwww.guestline.com%2F
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=612444&time=1675448946192&url=https%3A%2F%2Fwww.guestline.com%2F
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=612444&time=1675448946192&url=https%3A%2F%2Fwww.guestline.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D612444%26time%3D1675448946192%26url%3Dhttps%253A%252F%252Fwww.guestline.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJYe-sgHBneQwAAAYYYiZJSlHpz750WOKkjbv_7pFCCweGyMeIBU8JpUkqOmDTOqQi9YFF2As0mBg; Max-Age=2592000; Expires=Sun, 05 Mar 2023 18:28:34 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJ3L8P5PfkDhAAAAYYYiZJSgimMex3FRmej1PlVpW4TB7FvMPJax5ny4YNrxAaXh8rB1yXGpJ4KugSI2MRn7A; Max-Age=2592000; Expires=Sun, 05 Mar 2023 18:28:34 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&95caf213-61bc-49ed-8488-cdadcac95a41"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 03-Feb-2024 18:28:34 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675448914:t=1675535314:v=2:sig=AQFFjq4u4UkxlOeCuZW9cLTnUCcBVRu9"; Expires=Sat, 04 Feb 2023 18:28:34 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzz9ljeuK8WKRrRwnX6A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 42A7FD6A05C543CBBB31E01056991C91 Ref B: OSL30EDGE0419 Ref C: 2023-02-03T18:28:34Z
date: Fri, 03 Feb 2023 18:28:33 GMT
content-length: 0
X-Firefox-Spdy: h2
www.guestline.com/wp-admin/admin-ajax.php
200 OK 22 B URL HTTP/2 www.guestline.com/wp-admin/admin-ajax.php
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.guestline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://www.guestline.com
Connection: keep-alive
Cookie: PHPSESSID=n8t03enpkp25hi76vddlgun4jq; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:28:34 GMT
content-type: text/html; charset=UTF-8
content-length: 22
access-control-allow-origin: https://www.guestline.com
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://ukconsultants.seismic.com;
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
permissions-policy: microphone=()
X-Firefox-Spdy: h2
analytics-eu.clickdimensions.com/tsr.js?ac=aS1MkBbiTs0eEeu0tngJUw&urk=1675448946426&cm=CMP-01052-V2J4L&s=1675448946425&v=&lc=English&pt=Contact%20us%20form%20EN%202022&dn=guestline.com&dnk=1ca020e04fe3e811a970000d3a38c9f2&pk=644610125949ec118c626045bd870951&hn=analytics-eu.clickdimensions.com&uri=https%3A%2F%2Fanalytics-eu.clickdimensions.com%2Fguestlinecom-as1mk%2Fpages%2Fehbgzelzeeymymbfvycjuq.html%3FPageId%3D644610125949ec118c626045bd870951&r=https%3A%2F%2Fwww.guestline.com%2F&t=FORM&b=FIREFOX&os=LINUX&pr=false&sc=0&sv=6.0&qd=PageId%3D644610125949ec118c626045bd870951&dt=1675448946426&pvon=
200 OK 189 B URL HTTP/2 analytics-eu.clickdimensions.com/tsr.js?ac=aS1MkBbiTs0eEeu0tngJUw&urk=1675448946426&cm=CMP-01052-V2J4L&s=1675448946425&v=&lc=English&pt=Contact%20us%20form%20EN%202022&dn=guestline.com&dnk=1ca020e04fe3e811a970000d3a38c9f2&pk=644610125949ec118c626045bd870951&hn=analytics-eu.clickdimensions.com&uri=https%3A%2F%2Fanalytics-eu.clickdimensions.com%2Fguestlinecom-as1mk%2Fpages%2Fehbgzelzeeymymbfvycjuq.html%3FPageId%3D644610125949ec118c626045bd870951&r=https%3A%2F%2Fwww.guestline.com%2F&t=FORM&b=FIREFOX&os=LINUX&pr=false&sc=0&sv=6.0&qd=PageId%3D644610125949ec118c626045bd870951&dt=1675448946426&pvon=
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 27eefeeb72010fcd7b44461a68532948
91502dba07b855d5951a33a51b4eff5c762be211
a42edff73f50023231232f49a148618a746f8ab88278969febe0a13ddb987b9c
GET /tsr.js?ac=aS1MkBbiTs0eEeu0tngJUw&urk=1675448946426&cm=CMP-01052-V2J4L&s=1675448946425&v=&lc=English&pt=Contact%20us%20form%20EN%202022&dn=guestline.com&dnk=1ca020e04fe3e811a970000d3a38c9f2&pk=644610125949ec118c626045bd870951&hn=analytics-eu.clickdimensions.com&uri=https%3A%2F%2Fanalytics-eu.clickdimensions.com%2Fguestlinecom-as1mk%2Fpages%2Fehbgzelzeeymymbfvycjuq.html%3FPageId%3D644610125949ec118c626045bd870951&r=https%3A%2F%2Fwww.guestline.com%2F&t=FORM&b=FIREFOX&os=LINUX&pr=false&sc=0&sv=6.0&qd=PageId%3D644610125949ec118c626045bd870951&dt=1675448946426&pvon= HTTP/1.1
Host: analytics-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/ehbgzelzeeymymbfvycjuq.html?PageId=644610125949ec118c626045bd870951
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:34 GMT
content-type: text/javascript
server: Microsoft-HTTPAPI/2.0
access-control-allow-headers: Content-Type,Accept,g-recaptcha-response
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 3600
referrer-policy: no-referrer-when-downgrade
x-servicefabricrequestid: 3235f796-818a-4f0c-aa28-b36c6992aeeb
X-Firefox-Spdy: h2
analytics-eu.clickdimensions.com/tsr.js?ac=aS1MkBbiTs0eEeu0tngJUw&urk=1675448946385&cm=CMP-01050-H1R6T&s=1675448946385&v=&lc=English&pt=Footer%20newsletter%20form%20EN%202022&dn=guestline.com&dnk=1ca020e04fe3e811a970000d3a38c9f2&pk=d9036f582275ec11894300224882f256&hn=analytics-eu.clickdimensions.com&uri=https%3A%2F%2Fanalytics-eu.clickdimensions.com%2Fguestlinecom-as1mk%2Fpages%2Fwg8d2xuieeyjqwaisilyvg.html&r=https%3A%2F%2Fwww.guestline.com%2F&t=FORM&b=FIREFOX&os=LINUX&pr=false&sc=0&sv=6.0&qd=&dt=1675448946385&pvon=
200 OK 231 B URL HTTP/2 analytics-eu.clickdimensions.com/tsr.js?ac=aS1MkBbiTs0eEeu0tngJUw&urk=1675448946385&cm=CMP-01050-H1R6T&s=1675448946385&v=&lc=English&pt=Footer%20newsletter%20form%20EN%202022&dn=guestline.com&dnk=1ca020e04fe3e811a970000d3a38c9f2&pk=d9036f582275ec11894300224882f256&hn=analytics-eu.clickdimensions.com&uri=https%3A%2F%2Fanalytics-eu.clickdimensions.com%2Fguestlinecom-as1mk%2Fpages%2Fwg8d2xuieeyjqwaisilyvg.html&r=https%3A%2F%2Fwww.guestline.com%2F&t=FORM&b=FIREFOX&os=LINUX&pr=false&sc=0&sv=6.0&qd=&dt=1675448946385&pvon=
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 08f2cd87d207a84120933b7d07baff5f
28af0f12a9e29115ac3f2d657e5d548bfef4ab97
408c4d0cbef755099a1d8992e14edbe84772be3378bbf9338e7ed48abd73b0c0
GET /tsr.js?ac=aS1MkBbiTs0eEeu0tngJUw&urk=1675448946385&cm=CMP-01050-H1R6T&s=1675448946385&v=&lc=English&pt=Footer%20newsletter%20form%20EN%202022&dn=guestline.com&dnk=1ca020e04fe3e811a970000d3a38c9f2&pk=d9036f582275ec11894300224882f256&hn=analytics-eu.clickdimensions.com&uri=https%3A%2F%2Fanalytics-eu.clickdimensions.com%2Fguestlinecom-as1mk%2Fpages%2Fwg8d2xuieeyjqwaisilyvg.html&r=https%3A%2F%2Fwww.guestline.com%2F&t=FORM&b=FIREFOX&os=LINUX&pr=false&sc=0&sv=6.0&qd=&dt=1675448946385&pvon= HTTP/1.1
Host: analytics-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:34 GMT
content-type: text/javascript
server: Microsoft-HTTPAPI/2.0
access-control-allow-headers: Content-Type,Accept,g-recaptcha-response
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 3600
referrer-policy: no-referrer-when-downgrade
x-servicefabricrequestid: 9b8c4fe3-933b-4a27-b258-f05d90122f8e
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=612444&time=1675448946192&url=https%3A%2F%2Fwww.guestline.com%2F&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=612444&time=1675448946192&url=https%3A%2F%2Fwww.guestline.com%2F&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=612444&time=1675448946192&url=https%3A%2F%2Fwww.guestline.com%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.guestline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&91a8446b-e740-43bc-8e1c-27aaa2da36bf"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 03-Feb-2024 18:28:34 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675448914:t=1675535314:v=2:sig=AQFFjq4u4UkxlOeCuZW9cLTnUCcBVRu9"; Expires=Sat, 04 Feb 2023 18:28:34 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzz9loxPutZuuq8PeDUg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 70900334F05D4CD9B314B8BB6EC6E942 Ref B: OSL30EDGE0419 Ref C: 2023-02-03T18:28:34Z
date: Fri, 03 Feb 2023 18:28:34 GMT
content-length: 0
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
200 OK 63 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
IP
File type Unicode text, UTF-8 text, with very long lines (65464)
Hash c59066bc19993f0c1e5c7e0c8ea368bc
038483bbdcf8cd586404d00af755fe66e0f2faf4
714a08ab047854c065de83bbc9e057c6fa6137f5ada73a4e45dc85626342d56b
GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:35 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
age: 366223
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a26ac830b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
200 OK 29 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
IP
File type ASCII text, with very long lines (65472)
Hash a57aaf3dcff023837fca934c27c8154f
160fa9f72e4ac066ef676cba8cd4279fed3514df
b5293da213e4c5672a4070b208899672997ac1513e66fcccda3b4b344646bd0d
GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:35 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a26ac6f0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
IP
GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 18:28:32 GMT
date: Fri, 03 Feb 2023 18:28:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/612444/domain/guestline.com/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/612444/domain/guestline.com/token
IP
GET /partner/612444/domain/guestline.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 Feb 2023 12:46:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=35615
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yh1Zct_cLaqUoVs6fthbglLBg-u35FkgRmWLBAHOgXq5qHmwAlnfmg==
age: 20526
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/612444/domain/guestline.com/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/612444/domain/guestline.com/token
IP
GET /partner/612444/domain/guestline.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 Feb 2023 12:46:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=35615
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1ydxYljMXBJUEYrUilrgaHepHakk-uzupI136_mTzl6A-5c1IX3zAg==
age: 20526
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:35 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"385105148a50079bafff97e9c9476109"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a26ac840b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/ehbgzelzeeymymbfvycjuq.html?PageId=644610125949ec118c626045bd870951
200 OK 0 B URL HTTP/2 analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/ehbgzelzeeymymbfvycjuq.html?PageId=644610125949ec118c626045bd870951
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /guestlinecom-as1mk/pages/ehbgzelzeeymymbfvycjuq.html?PageId=644610125949ec118c626045bd870951 HTTP/1.1
Host: analytics-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: text/html; charset=utf-8
server: Microsoft-HTTPAPI/2.0
access-control-allow-headers: Content-Type,Accept,g-recaptcha-response
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 3600
referrer-policy: no-referrer-when-downgrade
x-servicefabricrequestid: bd224443-1c78-4b7a-ba58-eb3411e7a8fa
X-Firefox-Spdy: h2
embed.tawk.to/5e68e4c8eec7650c331f73e9/default
200 OK 0 B URL HTTP/2 embed.tawk.to/5e68e4c8eec7650c331f73e9/default
IP
GET /5e68e4c8eec7650c331f73e9/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:33 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a1dfc270b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/612444/domain/guestline.com/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/612444/domain/guestline.com/token
IP
GET /partner/612444/domain/guestline.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 Feb 2023 12:46:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=35615
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ak7krp2G9ks_QSluHRtLvaCkaRKmpmDIqxA_QinQ1f5qp2a-5YPikQ==
age: 20526
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:34 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
age: 105595
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a26ac6d0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
va.tawk.to/v1/session/start
200 OK 0 B URL HTTP/2 va.tawk.to/v1/session/start
IP
OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.guestline.com/
Origin: https://www.guestline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:35 GMT
x-served-by: visitor-application-preemptive-1cxj
access-control-allow-origin: https://www.guestline.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a2a78490b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:35 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
age: 105595
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a26bc8e0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-eu.clickdimensions.com/web/v10/cdform.jquery.js
200 OK 0 B URL HTTP/2 cdn-eu.clickdimensions.com/web/v10/cdform.jquery.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /web/v10/cdform.jquery.js HTTP/1.1
Host: cdn-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: /9GEd63iS+NbcfhZjpMzbQ==
last-modified: Wed, 20 Mar 2019 09:16:06 GMT
etag: 0x8D6AD14AEBF0C4A
vary: Origin
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: a02bfc91-c01e-0094-33e7-345618000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref-originshield: 0Q4DbYwAAAABwQCD3Z4iTT4mdSxuJYZzlRlJBMjMxMDUwNDE3MDE5ADNiNGVjMWQ5LWVlZTItNDA4Yi1iYjg3LWVkMzdhYWRkMTcyZg==
x-azure-ref: 0UlLdYwAAAAB5e72E8ozCSr8za2Avnyr5Q1BIMzBFREdFMDQxMQAzYjRlYzFkOS1lZWUyLTQwOGItYmI4Ny1lZDM3YWFkZDE3MmY=
date: Fri, 03 Feb 2023 18:28:33 GMT
X-Firefox-Spdy: h2
cdn-eu.clickdimensions.com/web/v10/cdform.min.noanalytics.js
200 OK 0 B URL HTTP/2 cdn-eu.clickdimensions.com/web/v10/cdform.min.noanalytics.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /web/v10/cdform.min.noanalytics.js HTTP/1.1
Host: cdn-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-encoding: br
content-md5: 1Bw5E5dK1kdutjlnQe/qEA==
last-modified: Tue, 24 May 2022 08:06:18 GMT
etag: 0x8DA3D5C48857ED4
vary: Origin
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: ee3ae951-f01e-005b-6964-3531aa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref-originshield: 0U1bbYwAAAABuD4ZIf+QIQ4w+oFUHzGIKRlJBMjMxMDUwNDE4MDE5ADNiNGVjMWQ5LWVlZTItNDA4Yi1iYjg3LWVkMzdhYWRkMTcyZg==
x-azure-ref: 0UlLdYwAAAACKPrBkgIa8SL1TelH5Uf92Q1BIMzBFREdFMDQxMQAzYjRlYzFkOS1lZWUyLTQwOGItYmI4Ny1lZDM3YWFkZDE3MmY=
date: Fri, 03 Feb 2023 18:28:33 GMT
X-Firefox-Spdy: h2
cdn-eu.clickdimensions.com/web/v10/xsscheck.js
200 OK 0 B URL HTTP/2 cdn-eu.clickdimensions.com/web/v10/xsscheck.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /web/v10/xsscheck.js HTTP/1.1
Host: cdn-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: dmgHWbaFJZlrPWDUFZ8C3g==
last-modified: Tue, 26 Jan 2021 14:43:01 GMT
etag: 0x8D8C208AE8E570D
vary: Origin
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 6a2c8f62-c01e-001c-69c3-36eec1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref-originshield: 0lcHbYwAAAADr+E2+V8y8Rbc51ZVo6SZZRlJBMjMxMDUwNDE3MDQ1ADNiNGVjMWQ5LWVlZTItNDA4Yi1iYjg3LWVkMzdhYWRkMTcyZg==
x-azure-ref: 0UlLdYwAAAAAyDFnnE5+gQ55d4weJxK7NQ1BIMzBFREdFMDQxMQAzYjRlYzFkOS1lZWUyLTQwOGItYmI4Ny1lZDM3YWFkZDE3MmY=
date: Fri, 03 Feb 2023 18:28:33 GMT
X-Firefox-Spdy: h2
cdn-eu.clickdimensions.com/web/v10/cdform2.min.css
200 OK 0 B URL HTTP/2 cdn-eu.clickdimensions.com/web/v10/cdform2.min.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /web/v10/cdform2.min.css HTTP/1.1
Host: cdn-eu.clickdimensions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analytics-eu.clickdimensions.com/guestlinecom-as1mk/pages/wg8d2xuieeyjqwaisilyvg.html
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
content-md5: dqk6k5M5U082hkmLz10U1Q==
last-modified: Mon, 14 Jun 2021 10:16:13 GMT
etag: 0x8D92F1D706B9D46
vary: Origin
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b49e0989-e01e-0029-0945-364094000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref-originshield: 04H3bYwAAAAB2IStbe1grS4UO0AU4XuJDRlJBMjMxMDUwNDE3MDMxADNiNGVjMWQ5LWVlZTItNDA4Yi1iYjg3LWVkMzdhYWRkMTcyZg==
x-azure-ref: 0UlLdYwAAAADigMFZQokAQoU2omL5/m2TQ1BIMzBFREdFMDQxMQAzYjRlYzFkOS1lZWUyLTQwOGItYmI4Ny1lZDM3YWFkZDE3MmY=
date: Fri, 03 Feb 2023 18:28:33 GMT
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guestline.com
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:35 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a26ac860b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js
IP
GET /_s/v4/app/63b77dcd282/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guestline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:28:35 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"585ba00b2c167b90c210161454f843b5"
age: 2106224
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793d3a2b79a20b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
40.69.80.212
35.241.9.150
104.22.24.131
23.36.77.32
51.11.20.152