www.grandwelcome.com Open in urlscan Pro
52.35.25.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW3...
Effective URL:
https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANq...
Submission: On August 12 via manual (August 12th 2020, 4:16:02 am UTC) from US

Summary HTTP 97 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 27 domains to perform 97 HTTP transactions. The main IP is 52.35.25.143, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.grandwelcome.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 3rd 2019. Valid for: 2 years.

This is the only time www.grandwelcome.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6811:73b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	52.35.25.143 52.35.25.143	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
7	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
7	13.226.155.18 13.226.155.18	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	104.108.41.144 104.108.41.144	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.226.155.53 13.226.155.53	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	136.243.150.2 136.243.150.2	24940 (HETZNER-AS) (HETZNER-AS)
1	52.42.91.111 52.42.91.111	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.203.243.106 52.203.243.106	14618 (AMAZON-AES) (AMAZON-AES)
1	23.111.9.217 23.111.9.217	33438 (HIGHWINDS2) (HIGHWINDS2)
1	13.226.155.50 13.226.155.50	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	13.226.156.19 13.226.156.19	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:218... 2600:9000:2182:600:e:56f2:3bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
97	29

2 2606:4700::6811:73b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

info.grandwelcome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.35.25.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-25-143.us-west-2.compute.amazonaws.com

www.grandwelcome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.226.155.18 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-18.dus51.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.41.144 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-144.deploy.static.akamaitechnologies.com

mc.us18.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.155.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-53.dus51.r.cloudfront.net

cdn.trackhs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat.trackhs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.150.2 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.150.243.136.clients.your-server.de

cdn1.pdmntn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.91.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-91-111.us-west-2.compute.amazonaws.com

api.cartstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.243.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-243-106.compute-1.amazonaws.com

gw.trackhs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.217 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

a.optmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.50 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-50.dus51.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 13.226.156.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-19.dus51.r.cloudfront.net

d2px9eregp3des.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2182:600:e:56f2:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2epyxaxvaz7xr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net d2px9eregp3des.cloudfront.net d2epyxaxvaz7xr.cloudfront.net	4 MB
15	grandwelcome.com 1 redirects info.grandwelcome.com www.grandwelcome.com	391 KB
8	google.com 1 redirects www.google.com	2 KB
7	mailchimp.com downloads.mailchimp.com	85 KB
6	facebook.com www.facebook.com	850 B
5	bootstrapcdn.com maxcdn.bootstrapcdn.com	118 KB
4	facebook.net connect.facebook.net	432 KB
4	trackhs.com cdn.trackhs.com chat.trackhs.com gw.trackhs.com	82 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com	55 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gstatic.com www.gstatic.com	261 KB
2	cloudflare.com cdnjs.cloudflare.com	43 KB
2	jquery.com code.jquery.com	70 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
1	hubspot.com track.hubspot.com	357 B
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hs-banner.com js.hs-banner.com	6 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	omappapi.com api.omappapi.com	600 B
1	optmnstr.com a.optmnstr.com	60 KB
1	google.de www.google.de	106 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	155 B
1	hs-scripts.com js.hs-scripts.com	567 B
1	cartstack.com api.cartstack.com	1 KB
1	pdmntn.com cdn1.pdmntn.com	304 B
1	list-manage.com mc.us18.list-manage.com	2 KB
1	googleapis.com fonts.googleapis.com	671 B
97	27

	Domain	Requested by
22	d2px9eregp3des.cloudfront.net	cdnjs.cloudflare.com
13	www.grandwelcome.com	info.grandwelcome.com www.grandwelcome.com cdnjs.cloudflare.com
8	www.google.com	1 redirects www.grandwelcome.com www.gstatic.com
7	downloads.mailchimp.com	www.grandwelcome.com downloads.mailchimp.com
6	d2epyxaxvaz7xr.cloudfront.net
6	www.facebook.com	www.grandwelcome.com
5	maxcdn.bootstrapcdn.com	www.grandwelcome.com cdnjs.cloudflare.com
4	connect.facebook.net	info.grandwelcome.com connect.facebook.net
2	chat.trackhs.com	info.grandwelcome.com chat.trackhs.com
2	cdn.mouseflow.com	1 redirects www.grandwelcome.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.gstatic.com	www.google.com
2	cdnjs.cloudflare.com	www.grandwelcome.com
2	code.jquery.com	www.grandwelcome.com
2	www.googletagmanager.com	www.grandwelcome.com
2	info.grandwelcome.com	1 redirects
1	track.hubspot.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	api.omappapi.com	www.grandwelcome.com
1	a.optmnstr.com	www.googletagmanager.com
1	gw.trackhs.com	www.grandwelcome.com
1	www.google.de	www.grandwelcome.com
1	stats.g.doubleclick.net	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	api.cartstack.com	www.googletagmanager.com
1	cdn1.pdmntn.com	www.googletagmanager.com
1	cdn.trackhs.com	www.grandwelcome.com
1	mc.us18.list-manage.com	downloads.mailchimp.com
1	fonts.googleapis.com	www.grandwelcome.com
97	31

This site contains links to these domains. Also see Links.

Domain
www.grandwelcomefranchise.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
info.grandwelcome.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
grandwelcome.com Go Daddy Secure Certificate Authority - G2	`2019-06-03` - `2021-06-13`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
downloads.mailchimp.com Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert SHA2 Secure Server CA	`2019-07-27` - `2020-10-25`	a year	crt.sh
*.trackhs.com Amazon	`2020-02-12` - `2021-03-12`	a year	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
cdn1.pdmntn.com Let's Encrypt Authority X3	`2020-07-31` - `2020-10-29`	3 months	crt.sh
cartstack.com Go Daddy Secure Certificate Authority - G2	`2020-03-12` - `2021-05-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.optmnstr.com Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2022-07-10`	2 years	crt.sh
api.opmnstr.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
Frame ID: 8013C75534D4BBDD848CC118D9733481
Requests: 89 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: 7E82C5FE8A11C4996E0F0A8B691A1FBF
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: A6094F06415D933E6EB270879395719E
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: ED3ACAC748AFB129483674BF45845CC7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&co=aHR0cHM6Ly93d3cuZ3JhbmR3ZWxjb21lLmNvbTo0NDM.&hl=en&type=image&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&badge=bottomright&cb=6kvetzwy8zgm
Frame ID: C183BE0D354900600E3A641F506686FA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&co=aHR0cHM6Ly93d3cuZ3JhbmR3ZWxjb21lLmNvbTo0NDM.&hl=en&type=image&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&badge=bottomright&cb=e45q5l3dy05n
Frame ID: 02BB4636BB3A3BF39CE36C31ACA09029
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&cb=bkdbw3ktivu1
Frame ID: 49B46A68973B64FBA615A52A464528D0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&cb=yxubcw2xt4is
Frame ID: C65729B2006E57229E16FC435417E536
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16... Page URL
https://info.grandwelcome.com/events/public/v1/track/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV... HTTP 307
https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=9... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /moment(?:\.min)?\.js/i

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.mouseflow\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

97
Requests

100 %
HTTPS

62 %
IPv6

27
Domains

31
Subdomains

29
IPs

5
Countries

6220 kB
Transfer

10208 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.grandwelcomefranchise.com/?utm_source=consumer&utm_medium=web-link&utm_campaign=consumer-referrals
Title: Own A Franchise

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GrandWelcome/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/grandwelcome
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/grandwelcome/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21 Page URL
https://info.grandwelcome.com/events/public/v1/track/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21?_ud=44cfed49-d6ca-433b-93f0-0db808b52871&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583.js HTTP 301
https://cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583_eu.js

Request Chain 32

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=15899212&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&ul=en-us&de=UTF-8&dt=The%20Best%20Vacation%20Rentals%20at%20Grand%20Welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=912289584&gjid=591948843&cid=128409361.1597205741&tid=UA-118744554-1&_gid=582045589.1597205741&_r=1&gtm=2wg871NHJWMN2&z=947388328 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_gid=582045589.1597205741&gjid=591948843&_v=j83&z=947388328 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_v=j83&z=947388328 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_v=j83&z=947388328&slf_rd=1&random=1005279437

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45s... Show response
info.grandwelcome.com/e2t/tc/ 9 KB
3 KB 78ms
78ms Document
text/html 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38067ff22c71d5e83040564eb6d37cb83032cf3bb7efcd5b11a0b165f636322c

Request headers

:method: GET
:authority: info.grandwelcome.com
:scheme: https
:path: /e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 12 Aug 2020 04:15:39 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d08abd584254de253516ef9adfcf755701597205739; expires=Fri, 11-Sep-20 04:15:39 GMT; path=/; domain=.info.grandwelcome.com; HttpOnly; SameSite=Lax __cfruid=4b3395b1542fd01a86f60e0b3fe67eb30975f896-1597205739; path=/; domain=.info.grandwelcome.com; HttpOnly; Secure; SameSite=None
cf-ray: 5c1760605fafd715-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 04827a90360000d715ef899200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H/1.1

200

Primary Request

Cookie set / Show response
www.grandwelcome.com/
Redirect Chain

https://info.grandwelcome.com/events/public/v1/track/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7...
https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC...

4 KB
3 KB

562ms
181ms

Document
text/html

52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation

Requested by

Host: info.grandwelcome.com
URL: https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

879b198aac5a67a049a3cc5610849b9029dfd16daea7932e84dda61a2eca91aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.grandwelcome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY SAMEORIGIN
X-Content-Type-Options: nosniff nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=07FD1B6799406F4386247FFD958893A3; Path=/; HttpOnly XSRF-TOKEN=b044d39c-d12a-4899-9daa-d26a7e15b2fe; Path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

Redirect headers

status: 307
date: Wed, 12 Aug 2020 04:15:39 GMT
location: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
cf-ray: 5c176060e89ad715-FRA
link: <https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 04827a908c0000d715ef89e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 35ms
30ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-20602242-12

Requested by

Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e459e6275457481ffdf4e3939400083841ac37e2861aa296407a142f53f3d56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35691
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 04:15:40 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 31ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19747

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 36ms
13ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6241

GET
H2 200 css
fonts.googleapis.com/ 2 KB
671 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3d197dfe12cd24c520e280243a52873e003333dd036e0df7cdf2e6c6fd022cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 03:31:44 GMT
server: ESF
date: Wed, 12 Aug 2020 04:15:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Aug 2020 04:15:40 GMT

GET
H/1.1 200 brands.min-9e1cb1c44e47320098c698a5eab7de96.css
www.grandwelcome.com/static/css/font-awesome-5/css/ 805 B
860 B 174ms
171ms Stylesheet
text/css 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/static/css/font-awesome-5/css/brands.min-9e1cb1c44e47320098c698a5eab7de96.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4df58a11cdde1470fa5be22bbf2062d07d41bf5f2fde6e34e07dcb9094bebbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 07 Aug 2020 12:38:46 GMT
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=31556999
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 318
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H2 200 jquery-ui.min.css
code.jquery.com/ui/1.11.4/themes/ui-darkness/ 29 KB
7 KB 29ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/themes/ui-darkness/jquery-ui.min.css
Requested by: Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b76e2d242097b5a0faaae61139dff9441511d1e6789b4c7601140a84e354b1c

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2015 13:03:17 GMT
server: nginx
status: 200
etag: W/"55003d15-7555"
vary: Accept-Encoding
x-hw: 1597205740.dop007.fr8.t,1597205740.cds278.fr8.hc,1597205740.cds121.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7419

GET
H/1.1 200 styles.bundle-3df58c917215c9428aa0226ea9357317.css
www.grandwelcome.com/gw2home/ 95 KB
30 KB 349ms
174ms Stylesheet
text/css 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/styles.bundle-3df58c917215c9428aa0226ea9357317.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6e00cfc051172020f1f55fc5bfaa0d731bf5d18a08d88d3ac9813fd5a63c9852

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 07 Aug 2020 12:38:44 GMT
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=31556999
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 41ms
20ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9504401
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04827a938b0000636b9a870200000001
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:15 GMT
server: cloudflare
etag: W/"5afd494f-14e55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5c176065ae74636b-FRA
expires: Mon, 02 Aug 2021 04:15:40 GMT

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.4/ 235 KB
63 KB 30ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by: Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2015 13:03:17 GMT
server: nginx
status: 200
etag: W/"55003d15-3ab2b"
vary: Accept-Encoding
x-hw: 1597205740.dop007.fr8.t,1597205740.cds278.fr8.hc,1597205740.cds159.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 64296

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.12.0/ 41 KB
14 KB 37ms
16ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.12.0/moment.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 24871665
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04827a938b0000636b9a871200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:24:28 GMT
server: cloudflare
etag: W/"5afd4a4c-a337"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5c176065ae75636b-FRA
expires: Mon, 02 Aug 2021 04:15:40 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 35ms
14ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9764

GET
H/1.1 200 jquery.daterangepicker.js Show response
www.grandwelcome.com/gw2home/assets/js/ 79 KB
19 KB 514ms
175ms Script
application/javascript 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/assets/js/jquery.daterangepicker.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

09b7b1c811eca92dccd3a8f70ec5a740b3c3d1e3e0fe1cd41e2b67e0cf5de1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 07 Aug 2020 12:38:44 GMT
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=31556999
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
534 B 18ms
15ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fdc8925648b957baf9f68b4647a851f8ba9f5dc4b1b0b87a9db3c8d29f2de8d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 1; mode=block
expires: Wed, 12 Aug 2020 04:15:40 GMT

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 128 KB
46 KB 107ms
28ms Script
application/javascript 13.226.155.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-18.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8c3fbef87d09c09c57ca16e8f7bd8b62d531ccf2aebd4056b73b6395869bca0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:14:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jul 2020 14:05:46 GMT
Server: AmazonS3
Age: 45
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: VyX_5yETp_LE0UWS4IWsqGwi-Nl1ydEzwJkvtqiuJ_zj3S76tjs3Dg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 733 B
560 B 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8cfec233be5bdb43f6fe0917a3d45a16a5161c4cc73ab878d84bb89de3490cfa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 467
x-xss-protection: 1; mode=block
expires: Wed, 12 Aug 2020 04:15:41 GMT

GET
H/1.1 200 inline.bundle-da7d1332261ed88721d7789ee34885d3.js Show response
www.grandwelcome.com/gw2home/ 1 KB
1 KB 509ms
169ms Script
application/javascript 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/inline.bundle-da7d1332261ed88721d7789ee34885d3.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7713532b0c7b81c429e48992abab91d90eb7526237d6a27d8e97fcc7606cd27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 07 Aug 2020 12:38:46 GMT
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
ETag: "da7d1332261ed88721d7789ee34885d3"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=31556999
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 polyfills.bundle-969f6ccbc8e09f07e9d6e39ebdff77a5.js Show response
www.grandwelcome.com/gw2home/ 204 KB
67 KB 518ms
176ms Script
application/javascript 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/polyfills.bundle-969f6ccbc8e09f07e9d6e39ebdff77a5.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7d5ac199fa1375059f6c5a5046862c9fd0dadf29eda76a2a59408c7f81165203

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 07 Aug 2020 12:38:44 GMT
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
ETag: "969f6ccbc8e09f07e9d6e39ebdff77a5"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=31556999
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 404 vendor.bundle.js
www.grandwelcome.com/gw2home/ 0
0 530ms
188ms Script
text/html 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/vendor.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Language: en-US
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: text/html;charset=UTF-8
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 404 styles.bundle.js
www.grandwelcome.com/gw2home/ 0
0 523ms
180ms Script
text/html 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/styles.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Language: en-US
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: text/html;charset=UTF-8
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200 main.bundle-145d11078c9bb3668e377965737da5ca.js Show response
www.grandwelcome.com/gw2home/ 858 KB
180 KB 682ms
175ms Script
application/javascript 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/main.bundle-145d11078c9bb3668e377965737da5ca.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ce9a1bafa880221a0e9a5a6b80b006bb1e807b94010a3dc6942720c68ee1d5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 07 Aug 2020 12:38:44 GMT
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
ETag: "145d11078c9bb3668e377965737da5ca"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=31556999
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ 331 KB
131 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 16:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Aug 2020 04:05:32 GMT
server: sffe
age: 127535
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133738
x-xss-protection: 0
expires: Tue, 10 Aug 2021 16:50:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
42 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHJWMN2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac4f1b19d22f000331d67b5b2eba3bfaf6d741a3a2855a2f33ec1f6403047e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43117
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 04:15:41 GMT

GET
H2 200 form-settings Show response
mc.us18.list-manage.com/subscribe/ 2 KB
2 KB 248ms
186ms Script
application/json 104.108.41.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us18.list-manage.com/subscribe/form-settings?u=7875a25eb9518769982e23599&id=48d4784be1&u=7875a25eb9518769982e23599&id=48d4784be1&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.41.144 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-41-144.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 0fee9a3715daf501f1d92cb769adc6cf2848a357064976ef0bc1ccb41790c1e6

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 125
date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: gzip
referrer-policy: same-origin
server: openresty
x-edgeconnect-midmile-rtt: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cache-control: max-age=295
x-ua-compatible: IE=edge,chrome=1
content-length: 897
expires: Wed, 12 Aug 2020 04:20:36 GMT

GET
H2 200 tracking.js Show response
cdn.trackhs.com/tracking/ 5 KB
2 KB 92ms
26ms Script
application/javascript 13.226.155.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackhs.com/tracking/tracking.js
Requested by: Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0088a48d02c4b7b030481627b922901d2ee9232895d8f3bc02b9453b3e190dd9

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 13:11:04 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2019 22:19:05 GMT
server: AmazonS3
age: 54278
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: gdVIIWFlrXlfKc-cy_4wlrIyqgl14qKXVnfQpwEsISeNVLgLEFHiUQ==
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHJWMN2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3601
date: Wed, 12 Aug 2020 03:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 12 Aug 2020 05:15:40 GMT

GET
H2

200

fce6f195-a842-4b51-b883-de3c1195c583_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583.js
https://cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583_eu.js

166 KB
55 KB

340ms
340ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583_eu.js
Requested by: Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e8cf4af2a09745a94efa6106a8cac9ef62879b964a92f24e46747338abb70973

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 15:00:15 GMT
server: NetDNA-cache/2.2
etag: W/"533064265d58d61:0"
status: 200
x-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

status: 301
date: Wed, 12 Aug 2020 04:15:41 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/fce6f195-a842-4b51-b883-de3c1195c583_eu.js
content-type: text/html

GET
H2 200 track-webchat-boot.js Show response
chat.trackhs.com/chat/ 2 KB
1 KB 410ms
396ms Script
application/javascript 13.226.155.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.trackhs.com/chat/track-webchat-boot.js
Requested by: Host: info.grandwelcome.com
URL: https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42459e8cdcada21b5b755e158de4807097bbd21680d7538dafc9f9e9cbfe3d98

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
content-encoding: gzip
last-modified: Tue, 27 Mar 2018 21:18:13 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=60
x-amz-cf-id: quUtaNEeJKtx7scBkB_p6iB6fFS7Ba__SP3kEPxK3R6uwse2DUd4Fg==
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: TE3l/Vg1rkmGvL37O9n11DD/HRsyCR/WTnEcVUYvJtzSy5nOc1XMwkevYZYzMYvtiPh1SmIL1gCPZ0YvLxaYsQ==
x-fb-trip-id: 2097730283
x-frame-options: DENY
date: Wed, 12 Aug 2020 04:15:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK rkw9rG9L7.js Show response
cdn1.pdmntn.com/a/ 52 B
304 B 142ms
85ms Script
application/javascript 136.243.150.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.pdmntn.com/a/rkw9rG9L7.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHJWMN2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.150.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.150.243.136.clients.your-server.de
Software: / Express
Resource Hash: 42ca08d870a7f6ad56a6fced0ebac216aea3bd969bbae32f3c2801b9393c7c0b

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK www.grandwelcome.com_31827e6d2609457e4538e8a0441c736f.js Show response
api.cartstack.com/js/customer-tracking/ 3 KB
1 KB 713ms
169ms Script
application/javascript 52.42.91.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cartstack.com/js/customer-tracking/www.grandwelcome.com_31827e6d2609457e4538e8a0441c736f.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHJWMN2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.91.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-91-111.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 /
Resource Hash: 8a20cb36b3b06b5fe5e7bcec3d711745208fcd49acd9d318f3348811c1537672

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2019 20:40:36 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
ETag: "ac1-58f78d6330d2c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 839
Expires: Fri, 11 Sep 2020 04:15:41 GMT

GET
H2 200 5016044.js Show response
js.hs-scripts.com/ 1 KB
567 B 12ms
11ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5016044.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHJWMN2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 329bb6dd3cfd44f01359ef128c03cbb0d6a34fe00cbaef914d1696968ce8468c

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11
cf-polished: origSize=1256
status: 200
cf-request-id: 04827a966b000017626a831200000001
cf-bgj: minify
server: cloudflare
x-trace: 2B31A4257BEB0BB6EEA02E9D324EFE29E67A6F4DDF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://meetings.hubspot.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5c17606a4f3d1762-FRA
expires: Wed, 12 Aug 2020 04:16:41 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=15899212&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_gid=582045589.1597205741&gjid=591948843&_v=j83&z=947388328
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_v=j83&z=947388328
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_v=j83&z=947388328&slf_rd=1&random=1005279437

42 B
106 B

16ms
16ms

Image
image/gif

2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_v=j83&z=947388328&slf_rd=1&random=1005279437

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 04:15:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Aug 2020 04:15:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-118744554-1&cid=128409361.1597205741&jid=912289584&_v=j83&z=947388328&slf_rd=1&random=1005279437
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 493728741043254 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/493728741043254?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4772efbbfa3026c193acecb54d20dc78b83cd6c4b82c5a12c88163f237785c7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: n3uk4O8Zi6vMZVD/dftBTgQjcAE2VbjRpn9nl7P6Hpmm7Ld0hh+d81uFqXuGo3c9ej7JI1cM6IwShpYR7xiY7w==
x-fb-trip-id: 2097730283
x-frame-options: DENY
date: Wed, 12 Aug 2020 04:15:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 404 vendor.bundle.js
www.grandwelcome.com/gw2home/ 0
0 176ms
176ms Script
text/html 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/vendor.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Language: en-US
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: text/html;charset=UTF-8
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H2 200 315195449083697 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 75ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/315195449083697?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e999fc54a1ff97d24edd8eb98267bc62bd8a41a9307ca90a923b259f9706b313

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: oaH8z7gt0QhhXVrMVc5eK4e9yVuvGHcgZHbbom8vwicKL977imZuewrgnZa8WPMGi/85maSvlj00V/9PlIwGhw==
x-fb-trip-id: 2097730283
x-frame-options: DENY
date: Wed, 12 Aug 2020 04:15:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=493728741043254&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&rl=&if=false&ts=1597205741356&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597205741355.1253875797&it=1597205741190&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 04:15:41 GMT

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 101 KB
31 KB 27ms
27ms Script
application/javascript 13.226.155.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-18.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:14:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 49
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: FOQhHIjw5XHZJHZAmX8og5OvqUk60s1SxzYVfiRKQNjySs0_c9Z8Iw==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 7E82 9 KB
3 KB 26ms
25ms Stylesheet
text/css 13.226.155.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-18.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:14:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 48
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: OazuDq5s00wvKUzO3BqxtB4cYF05B1AsG1zFkgPV2_lMV1HFOizHaw==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 7E82 1005 B
894 B 50ms
24ms Stylesheet
text/css 13.226.155.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-18.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:14:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 48
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: KZwj-74HAylyWyofRyccTY0C6yzzNXeomNv5oCoaq6OnggwSIRUtbw==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame A609 9 KB
3 KB 67ms
25ms Stylesheet
text/css 13.226.155.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-18.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: FtPVKkR_vL-ShbISJ-pciellO6Y9zxxY230mbQjEVOKwRrty22talQ==

GET
H/1.1 200
OK layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame A609 1 KB
906 B 70ms
26ms Stylesheet
text/css 13.226.155.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/layout-2.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-18.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: bVxIDtZZVKmEyyIah2aGKKPbkNAUXYbJoXiGR7OWsfT1lhNYXNdlXQ==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 3 KB
1 KB 71ms
25ms Stylesheet
text/css 13.226.155.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/modal.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-18.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: uTXE6gJKA1zI7AS0wzzp4_qKhH7kPga0kdKmbMb7u7Z7xpfddEDewg==

GET
H2 200 2193046461012211 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2193046461012211?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c9692e98b34f05bb46a12106de36c7dd203d763b0db4f631f027a8e66fc497a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JTTDcdk1IdfheSpOsqfiL6i0ZgsFNupjN+rOlqxSKCz4FTBf6ufLgoajcMbAxKx1aRa4QcqVBAluf+lVp5o41A==
x-fb-trip-id: 2097730283
x-frame-options: DENY
date: Wed, 12 Aug 2020 04:15:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=315195449083697&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&rl=&if=false&ts=1597205741474&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597205741355.1253875797&it=1597205741190&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 04:15:41 GMT

GET
H/1.1 404 styles.bundle.js
www.grandwelcome.com/gw2home/ 0
0 176ms
176ms Script
text/html 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/gw2home/styles.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Language: en-US
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: text/html;charset=UTF-8
Keep-Alive: timeout=5, max=98
Expires: 0

GET
H2 200 track-webchat-prod.1.5.3.js Show response
chat.trackhs.com/chat/ 263 KB
78 KB 31ms
31ms Script
application/javascript 13.226.155.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.trackhs.com/chat/track-webchat-prod.1.5.3.js?domain=gw
Requested by: Host: chat.trackhs.com
URL: https://chat.trackhs.com/chat/track-webchat-boot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9cfbc733af5a81187a495eb799b991be56558e50f604d28f018b1370d559950

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 10:41:56 GMT
content-encoding: gzip
last-modified: Tue, 27 Mar 2018 21:18:14 GMT
server: AmazonS3
age: 236026
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: J2h0Rj-0UfHxECfUqfMVJAq6hVkpKepzhiLFgkruJeQqUsre6HJo0w==
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2193046461012211&ev=PageView&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&rl=&if=false&ts=1597205741587&sw=1600&sh=1200&v=2.9.23&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1597205741355.1253875797&it=1597205741190&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 04:15:41 GMT

GET
H2 200 / Show response
gw.trackhs.com/api/chat/get-session-config/ 156 B
334 B 386ms
147ms XHR
application/json 52.203.243.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.trackhs.com/api/chat/get-session-config/?brand=1
Requested by: Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/gw2home/polyfills.bundle-969f6ccbc8e09f07e9d6e39ebdff77a5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.243.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-243-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9b0f3faa39ced02e8bd0d212d8774342a58fb9fa35487cc9589ebb89a35033bc

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.grandwelcome.com
access-control-expose-headers

GET
DATA 200
OK truncated
/ Frame ED3A 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363afd548194a1b4c64a6080a957a20294724573dfd991d08aebc4df7aee8d86

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://www.grandwelcome.com

Response headers

Content-Type: application/font-woff

GET
H/1.1 200 getHomePageCMSData Show response
www.grandwelcome.com/ 157 KB
14 KB 173ms
173ms XHR
application/json 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/getHomePageCMSData

Requested by

Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/gw2home/polyfills.bundle-969f6ccbc8e09f07e9d6e39ebdff77a5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1aae1da6e005b71bb0244787ba29bd3746f13fd15689d4e70a29ba0ad37a94f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
X-XSRF-TOKEN: b044d39c-d12a-4899-9daa-d26a7e15b2fe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 04:15:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Connection: Keep-Alive
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Expires: 0

GET
H2 200 api.min.js Show response
a.optmnstr.com/app/js/ 199 KB
60 KB 64ms
18ms Script
application/javascript 23.111.9.217
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.optmnstr.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHJWMN2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.217 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 288ee3a19514d8dd3d85fc9387e853c3f942ce28307dab68f4b50ecbb812b231

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 15:32:32 GMT
server: NetDNA-cache/2.2
x-amz-request-id: AQBQEX1TAX5N1S5T
etag: W/"56caac4041dee3bf75fea8016c85abe4"
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
access-control-allow-origin: *
x-amz-id-2: 72tqErI3ivPNuN28Nq8HYQHeL8wZZo3rekCz5Bchv2rWL7DPWTPvvSPbQoYINH/PkapdeqmDsVs=
expires: Sat, 07 Aug 2021 04:15:41 GMT

GET
H2 200 15296 Show response
api.omappapi.com/v2/embed/ 16 B
600 B 338ms
286ms XHR
application/json 13.226.155.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/15296
Requested by: Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/gw2home/polyfills.bundle-969f6ccbc8e09f07e9d6e39ebdff77a5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-50.dus51.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: a3129a3a4d6ecdc707a5b05d71e68654a7a1319580075d70dfe570ab2a060814

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: DUS51-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
status: 200
content-length: 16
x-optinmonster-account: 681
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "0d8be0c11132305329dc2e9ff32e36f1"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: qiFhH39JKT9cBLwZ667vOlRI4gJs2NswW87sJP5ZDKoQZRzj6UjfrA==
expires: Wed, 12 Aug 2020 04:14:26 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5016044.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c53bd25028bc21dbf5ee69c8dc671c96ed980ea86f57609983e4106e626363

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
via: 1.1 76a7fdbced88b6eccf433c4e386bae41.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 73
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 04827a99350000d6b5ad1d5200000001
last-modified: Fri, 31 Jul 2020 01:31:53 UTC
server: cloudflare
etag: W/"c13ae749af279de311c36dc329306de6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yw3dTqRR__02xwXTzTX3FGzZNEyW5hKp
cache-control: max-age=600
x-amz-cf-pop: IAD89-C3
cf-ray: 5c17606ebe87d6b5-FRA
x-amz-cf-id: I0sDaGdMv3SX5Um6THC0lEvK7hUPii9hFfDS1j_w0avMCQRFSp2adw==

GET
H2 200 5016044.js Show response
js.hs-banner.com/ 23 KB
6 KB 14ms
14ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5016044.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5016044.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b18b6aedb8444f1478964168c6a566ec5d9d3912ab6abbf0c2d5b1e8ae462db

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=wC2S7Q==, md5=Fm7tdkJtpXzHOuW0SbZMQw==
date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 11
x-guploader-uploadid: AAANsUmqA7annYI-E4L8gDAdehB9J8hHpEQG7SP_5OUROXnRufgdcLlKh9GPQV1Y2xWdthenhINErpSowEOr7T2qkjbAmfWs5g
x-goog-storage-class: STANDARD
status: 200
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 04827a99350000c29acb3c1200000001
timing-allow-origin: *
last-modified: Wed, 27 May 2020 03:46:12 GMT
server: cloudflare
etag: W/"166eed76426da57cc73ae5b449b64c43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1590551172076091
access-control-allow-origin: https://www.grandwelcome.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 23647
cf-ray: 5c17606ebfb2c29a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 12 Aug 2020 04:20:30 GMT

GET
H2 200 5016044.js Show response
js.hs-analytics.net/analytics/1597205700000/ 59 KB
18 KB 18ms
18ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1597205700000/5016044.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5016044.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e675ea6e55f0c83c4dd6f31a8e7d861d66b7e48a182dc7c7876696a85adf93

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 10
x-amz-server-side-encryption: AES256
status: 200
x-amz-request-id: 0BADFA43E375639A
x-amz-id-2: zYCUTEe+nhzT7/OfktR5mcj42uDrYi7+R3GanM3s577+Z0S5xfoJWyVnip0/Nrz+gNy6Mm8ZMcU=
last-modified: Tue, 11 Aug 2020 16:31:42 GMT
server: cloudflare
etag: W/"854a5658242ecab1525657d2bb5b2a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 04827a9936000017529f386200000001
cf-ray: 5c17606ebe471752-FRA
expires: Wed, 12 Aug 2020 04:20:31 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
357 B 22ms
22ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=5016044&pu=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&t=The+Best+Vacation+Rentals+at+Grand+Welcome&cts=1597205741925&vi=cc75ea3cc0aa09e66312029bb7377069&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5c17606f0a740742-FRA
date: Wed, 12 Aug 2020 04:15:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 04827a9968000007425c231200000001
x-robots-tag: none

GET
H/1.1 200
OK Grand-Welcome-Vacation-Rentals-Main-Image-Drfitwood2.jpg
d2px9eregp3des.cloudfront.net/v2/cms/-1/slider/ 472 KB
472 KB 1568ms
628ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/-1/slider/Grand-Welcome-Vacation-Rentals-Main-Image-Drfitwood2.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9768be3b15dc537359c5f7ad90c3f1d0335959a5a3d0498e4887748aafdf57f

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Last-Modified: Thu, 17 Jan 2019 20:13:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "0a778e0b8b9eebf9c3f71b7ca33b44fc"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 483100
X-Amz-Cf-Id: SvfJINyPkSBk8VUzA3bv242tlBspvamHivdcql1cnyffmm-kB_BbRg==

GET
H/1.1 200
OK hostingsafety_img-1.jpg
d2px9eregp3des.cloudfront.net/v2/static_content/ 22 KB
22 KB 1595ms
639ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/static_content/hostingsafety_img-1.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cc0bb073867a71521f6892f407552eb9266b66535b3b875857e0a819bcca5d2

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Oct 2018 13:37:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "c63cba22de84931a09c3e71181f2fcc1"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22251
X-Amz-Cf-Id: DeprES0NjgwhR5FUB1jk28HTzDs0pJY2YjW_Ih4dmmT-E3ufts3omA==

GET
H/1.1 200
OK HostingSafety_img-2.jpg
d2px9eregp3des.cloudfront.net/v2/static_content/ 40 KB
40 KB 1319ms
225ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/static_content/HostingSafety_img-2.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d02592dbd5dad2ee3c3b523e5b204faf59f4b35098427881363c1ee62190f3b

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Oct 2018 13:37:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "05e27fe7634d3f1c4e26b874daf4ec4c"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40544
X-Amz-Cf-Id: bYtHfZXuei8ZJfsHUOEXA_vVasIti1oGe-ej9iuyl0Y8IgbTDy4V7Q==

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
65 KB 323ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://www.grandwelcome.com

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 66632

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 334ms
18ms Font
font/woff2 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Origin: https://www.grandwelcome.com

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 18056

GET
H/1.1 200 fa-brands-400.woff2
www.grandwelcome.com/static/css/font-awesome-5/webfonts/ 73 KB
73 KB 171ms
171ms Font
font/woff2 52.35.25.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandwelcome.com/static/css/font-awesome-5/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.35.25.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-25-143.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

bb84784890d0dfbd6f09c0db2bf11725e4c7052e41f7c50940ac887f84747b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.grandwelcome.com/static/css/font-awesome-5/css/brands.min-9e1cb1c44e47320098c698a5eab7de96.css
Origin: https://www.grandwelcome.com

Response headers

Date: Wed, 12 Aug 2020 04:15:41 GMT
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 07 Aug 2020 12:38:46 GMT
Server: Apache
X-Frame-Options: DENY, SAMEORIGIN
Connection: Keep-Alive
Content-Type: font/woff2
Cache-Control: max-age=31556999
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 74680
X-XSS-Protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 742 B
566 B 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=reCaptchaOnloadCallback&render=explicit

Requested by

Host: www.grandwelcome.com
URL: https://www.grandwelcome.com/gw2home/main.bundle-145d11078c9bb3668e377965737da5ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd72c8b115f9162c592d810b7ee6880185c2404608b868e17ba804da850b1969

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 472
x-xss-protection: 1; mode=block
expires: Wed, 12 Aug 2020 04:15:42 GMT

GET
H/1.1 200
OK GW-BrandLogo-Horizontal-Color-150pxHeight.png
d2px9eregp3des.cloudfront.net/v1.1/grandwelcome/gwcolorlogo/ 9 KB
10 KB 1298ms
270ms Image
image/png 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v1.1/grandwelcome/gwcolorlogo/GW-BrandLogo-Horizontal-Color-150pxHeight.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8cbed0e521b2bc74ae1e6307ab4de2c785f32f55c56d3b4187dec8c73fcab7b

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2018 15:09:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "cdb40e1c8f61fcaa32ae90c6792f7c20"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9699
X-Amz-Cf-Id: EDzTsJYtRIc85j9vgNsyEd9e5name6np0S2b0hoWANzlh5cC7Mfp_Q==

GET
H/1.1 200
OK maui_city.jpg
d2px9eregp3des.cloudfront.net/v2/cms/4/cities/ 24 KB
24 KB 1686ms
635ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/4/cities/maui_city.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6c239207ce3235f2f7fa01150985e5176a7b0eaf8156e8a4565103dc19eeed4

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Oct 2018 12:02:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "df56585542d1061cb67eb46e4d06147e"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24352
X-Amz-Cf-Id: Jm0IBAUuUE0Ru7BlGjJIJi67saiwJm4lpmkQiLR265ufeEz_w31tEw==

GET
H/1.1 200
OK big_island_city.jpg
d2px9eregp3des.cloudfront.net/v2/cms/3/cities/ 42 KB
42 KB 1827ms
617ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/3/cities/big_island_city.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db8a38d1945ecf7c480760973c260314b80fa941dbe018a7b16c2042f39a938f

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Nov 2018 12:45:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "9cec63065a702abe5c07bf90b6ad1266"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42859
X-Amz-Cf-Id: RvVmhoZO3qvL8Rqm9skf7lbuhBWo0KDAHGPbQ-Uhp-G8fT_EOI7NOQ==

GET
H/1.1 200
OK Grand-Welcome-Vacation-Rentals-Oahu.jpg
d2px9eregp3des.cloudfront.net/v2/cms/48/cities/ 44 KB
45 KB 648ms
645ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/48/cities/Grand-Welcome-Vacation-Rentals-Oahu.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4c94d8851a2c0fb28238a3e7c359ad73006d8fdbc87f3fedb754035eec98c8f

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:43 GMT
Via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Last-Modified: Thu, 17 Jan 2019 20:37:33 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "30fc84c9d217abcdbfbbf827772c70aa"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45418
X-Amz-Cf-Id: x9VO8JdIIIDhZuwKyUZOrSQQcnUDUb9KpAS0ZK0-Fr895RTjhWCafQ==

GET
H/1.1 200
OK grand-welcome-south-lake-tahoe-vacation-rentals-homepage-tile.jpg
d2px9eregp3des.cloudfront.net/v2/cms/190/cities/ 108 KB
108 KB 725ms
721ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/190/cities/grand-welcome-south-lake-tahoe-vacation-rentals-homepage-tile.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e70df9b8c9b27492ae6d3cd41619c32201c4fab94cd7737d49dc62594349669a

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:43 GMT
Via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Apr 2019 18:47:38 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "c113f2c54f69f1c60c0ebb2658dffff9"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110212
X-Amz-Cf-Id: qUy6Xs96id3yA_XOfYoxBB6q3Nf2DsEEYp11PQ4hk-Pdd8ZuZGBkEQ==

GET
H/1.1 200
OK grand-welcome-colorado-vacation-rentals-homepage-tile.jpg
d2px9eregp3des.cloudfront.net/v2/cms/263/cities/ 42 KB
43 KB 642ms
639ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/263/cities/grand-welcome-colorado-vacation-rentals-homepage-tile.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95ba96606adaf1ceea107ecafde29a7db3aa13afca0dfb59f1daa46e554350c7

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:43 GMT
Via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Last-Modified: Mon, 13 May 2019 08:57:48 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "00d324a4a2abbe271b173b4538878523"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43455
X-Amz-Cf-Id: n2P0sKuHUsrKNvVhalp7NTl701kXHn4rdVsMRZpy00JtUOLQycaL_w==

GET
H/1.1 200
OK grand-welcome-palm-springs-vacation-rentals-homepage-tile.jpg
d2px9eregp3des.cloudfront.net/v2/cms/237/cities/ 34 KB
34 KB 670ms
620ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/237/cities/grand-welcome-palm-springs-vacation-rentals-homepage-tile.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3529abdc41aed5a4d2efce350671261813fc95014856b4a651ba3f422aa0fd5

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:43 GMT
Via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
Last-Modified: Mon, 13 May 2019 07:51:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "b86e805dd9e7aa9afc5f65eb4c325a82"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34558
X-Amz-Cf-Id: DHeTq7tBmcSikBpt5NBCfQcx3xxCAh7dgHTNg4GGO_ysppF97yvXOA==

GET
H/1.1 200
OK san_diego_city.jpg
d2px9eregp3des.cloudfront.net/v2/cms/189/cities/ 50 KB
50 KB 681ms
619ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/189/cities/san_diego_city.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d633c81ed4563ad3e1066285b963ff908d9856f35ddc3fb9d1e30a8c0e2ed75f

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:43 GMT
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Jan 2019 09:27:31 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "d8df0420e7ef2d2d8a79794692865c79"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50851
X-Amz-Cf-Id: UvT2tK41gfzxyTTc7DhWVEqrCoBlbamW2QRaloFRsZ4f8oUYQSuV8A==

GET
H/1.1 200
OK grand-welcome-mammoth-lakes-vacation-rentals-homepage-tile.jpg
d2px9eregp3des.cloudfront.net/v2/cms/187/cities/ 53 KB
53 KB 716ms
653ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/187/cities/grand-welcome-mammoth-lakes-vacation-rentals-homepage-tile.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcab5fd75f1111664334459dce8158d95f77e58b6c3e7de0d6a577b32928cdd1

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:43 GMT
Via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Apr 2019 19:13:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "6e1ba8da3d7731805b23924b958bbeb3"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54040
X-Amz-Cf-Id: YoLz-uQyj0JTYyJXRBeSc9JicJyBu46_b5O0w4Tm35pN7imRRjcmKA==

GET
H/1.1 200
OK sea_ranch_city.jpg
d2px9eregp3des.cloudfront.net/v2/cms/185/cities/ 47 KB
48 KB 1454ms
663ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/185/cities/sea_ranch_city.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6788a18acad70887d5c9311d7da3fb917255af2eefbc4dceb8226ad960f716ce

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Oct 2018 12:02:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "2c5e5f61f0fa8950047bb4e7757c8ba7"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48328
X-Amz-Cf-Id: BAUcwOtCwSPwdskclvLMTnycgaMaOLjHLinm00eA56-pyo2n-Y8ijA==

GET
H/1.1 200
OK grand-welcome-corona-del-mar-vacation-rentals-homepage-tile.jpg
d2px9eregp3des.cloudfront.net/v2/cms/188/cities/ 60 KB
60 KB 219ms
218ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/188/cities/grand-welcome-corona-del-mar-vacation-rentals-homepage-tile.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6445a6b9c9ae5e144ac68384ea5ca6c2dbf1c579070dcfa6c38c0207405a4aae

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
Last-Modified: Tue, 30 Apr 2019 15:06:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "f15d8e51ca18f051309bff430c35d47c"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61302
X-Amz-Cf-Id: OZWRcJhODvjJ4L3HmyXW1hhgCYk2I7UmCRHyoK5ikCx-X8dbArEWng==

GET
H/1.1 200
OK santa_barbara_city.jpg
d2px9eregp3des.cloudfront.net/v2/cms/222/cities/ 57 KB
58 KB 225ms
225ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/222/cities/santa_barbara_city.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 432b154f6ec0efaae5a99c0690148a54d24967aef92ffc21676d5a3a718e870e

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:44 GMT
Via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Jan 2019 12:00:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "657a98229d6e9c9ffcf3466a0a856506"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58454
X-Amz-Cf-Id: rgWXxr2gMpJlg1YCCE3zcK_HYmrFjuBm2UNPBBaRn9pcSBnOCP7QpA==

GET
H/1.1 200
OK grand-welcome-valley-county-ID-vacation-rentals-homepage-tile.jpg
d2px9eregp3des.cloudfront.net/v2/cms/186/cities/ 38 KB
38 KB 620ms
620ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/v2/cms/186/cities/grand-welcome-valley-county-ID-vacation-rentals-homepage-tile.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f822f0d44c01e259c1449d0d4382ccd0d19b8341df1d8b819f364773d72f95e

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:45 GMT
Via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Apr 2019 18:50:17 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "a562aa93bf17099eec9775766ba6ee71"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38756
X-Amz-Cf-Id: 64Z2gCyQEfna9UlIIULB8n6O0jBB3UFjAjlm9ZLd4no9gNBJ3stwaw==

GET
H2 200 4fe7aa27-5058-47b3-a39e-a34b7eb52386.jpg
d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/ 816 KB
819 KB 296ms
258ms Image
image/jpeg 2600:9000:2182:600:e:56f2:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/4fe7aa27-5058-47b3-a39e-a34b7eb52386.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:600:e:56f2:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d84a4f5246ce780723f6687ac8d52cb8a69cd1ef26fafa522998f17e676002c5

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified: Tue, 02 Oct 2018 18:17:29 GMT
x-amz-cf-pop: DUS51-C1
etag: "3b0243bdb4a42edde25047a5b5811ea9"
status: 200
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-length: 836080
x-amz-cf-id: arcnXkMZ_gMKEe3CxTCNT88zatVb7QtEeI44BmnKmIp199fHX4KM2A==

GET
H2 200 345e582d-f355-40df-86c0-8461e3bd2426.jpeg
d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/ 149 KB
149 KB 67ms
29ms Image
image/jpeg 2600:9000:2182:600:e:56f2:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/345e582d-f355-40df-86c0-8461e3bd2426.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:600:e:56f2:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a10a1dbeaec41fcd4f4549bdc39aa7519b94eb407a757170a3c7ec588a06f079

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 09:19:29 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified: Tue, 02 Oct 2018 21:41:08 GMT
age: 15447373
etag: "f8f4fe4eabff57a2870fe638d1933312"
status: 200
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
x-amz-cf-pop: DUS51-C1
content-length: 152384
x-amz-cf-id: yiPHXj7m_-I4ppf3zda6XKjeI7pb9chNNxiTtWbBQ1ps0oX8vXrojA==

GET
H2 200 76ecb647-bd4c-476f-a59d-435c585ae1bf.jpg
d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/ 831 KB
834 KB 296ms
259ms Image
image/jpeg 2600:9000:2182:600:e:56f2:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/76ecb647-bd4c-476f-a59d-435c585ae1bf.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:600:e:56f2:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 85f08b31bb77ed3985916f9a92b1de9a98ae0f0b6797f7c888e007c92bea6cd1

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2019 14:58:58 GMT
x-amz-cf-pop: DUS51-C1
etag: "5490f4ce859edade2c7fd258b79f1a18"
status: 200
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-length: 851099
x-amz-cf-id: CIH8ch4mEiDgPONZKirAr4PToWsc8xn_ebutsrNQeW1cJZ2t89ZM3w==

GET
H2 200 4c50dbd1-c0fa-4255-aea2-6067dbd89eef.jpg
d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/ 854 KB
858 KB 302ms
265ms Image
image/jpeg 2600:9000:2182:600:e:56f2:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/4c50dbd1-c0fa-4255-aea2-6067dbd89eef.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:600:e:56f2:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e60307c4776a5ca4a683ae575f3acc9ff05d6752f65d4f6b0989c5b0761520fc

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jun 2019 16:57:55 GMT
x-amz-cf-pop: DUS51-C1
etag: "234e2438b6e93274bd6e97bb967d0ad8"
status: 200
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-length: 874413
x-amz-cf-id: 3WGSMsTMO5Z6lmrxY5Gqem4ESXHVT2F8veDOQJtkiN1ZsPG9blX9Gg==

GET
H2 200 591bf978-ca1d-4655-8c84-2c00726b05f0.jpg
d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/ 268 KB
270 KB 334ms
297ms Image
image/jpeg 2600:9000:2182:600:e:56f2:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/591bf978-ca1d-4655-8c84-2c00726b05f0.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:600:e:56f2:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0e8a8b06071f4c3d10cd0a82d30625e074384d28695bb56b2416aea7ed5c84f

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified: Thu, 25 Oct 2018 18:40:55 GMT
x-amz-cf-pop: DUS51-C1
etag: "9ef5f115cf12e2efa7241aad06a43860"
status: 200
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
content-length: 274873
x-amz-cf-id: oPrT8S536eE5TX9ZoUH4BdgKnqx_ff2DDN9xIjO7x6lyugDZP2s8TA==

GET
H2 200 07067e6d-cd2d-4762-bfdc-c2daaebb2a1c.jpeg
d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/ 129 KB
130 KB 47ms
22ms Image
image/jpeg 2600:9000:2182:600:e:56f2:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2epyxaxvaz7xr.cloudfront.net/https://track-pm.s3.amazonaws.com/gw/unit-images/07067e6d-cd2d-4762-bfdc-c2daaebb2a1c.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:600:e:56f2:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 527ad89af431228990beb2681487dd7c9725ad632ac964e437e2ef39fe378eab

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 22:16:13 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
last-modified: Tue, 02 Oct 2018 22:47:02 GMT
age: 10043969
etag: "facdc9fdfefb67cd50bbdbba32358aa4"
status: 200
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
x-amz-cf-pop: DUS51-C1
content-length: 132175
x-amz-cf-id: 6gy1rgTn_SmWXY4jwH-9xH9WRyJ7N3iOGgVkZcFvfbel9-6a3G3gfg==

GET
H/1.1 200
OK homepage-concierge-desk-specials-and-promotions-grand-welcome.jpg
d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/ 39 KB
40 KB 678ms
677ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/homepage-concierge-desk-specials-and-promotions-grand-welcome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 619fd4c3981cfabf2af9c06933233848ed02b4d487f3ebf6a54b501c7d2b6168

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:45 GMT
Via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Aug 2018 10:02:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "1df81fa90cac44b708d7dbeb235ba00b"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40143
X-Amz-Cf-Id: 5UdRwLILGEvr0m3LhXaulBR4hwJWO8RtYGjbijPZ3xQMl4_cHerZlQ==

GET
H/1.1 200
OK homepage-concierge-desk-things-to-do-grand-welcome.jpg
d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/ 44 KB
45 KB 654ms
654ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/homepage-concierge-desk-things-to-do-grand-welcome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ebc3cee369b6232bd1d8aa888081b83738eeba9a792da012a469c74cb2515be

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:45 GMT
Via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Aug 2018 10:02:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "151b155a2a704bab11a20b1436ff7d35"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45440
X-Amz-Cf-Id: 8TaZ9gSCQMT5t_20VMGoXEbl_o2I9zyBP8qE00hGM-HrwrJYs-qDLw==

GET
H/1.1 200
OK homepage-concierge-desk-areas-grand-welcome.jpg
d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/ 72 KB
72 KB 212ms
212ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/homepage-concierge-desk-areas-grand-welcome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2f52c6373266fe1260be47cedc7bd21130b296c70fda9da8ed5289ef220c92d

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:45 GMT
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Aug 2018 10:02:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "cf818fa15cb6f50c69ca6ba18b1f82ed"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73232
X-Amz-Cf-Id: por_aIefwx9caVwHHJRlMWPnzKs8AjNMG2ofsau5Sl0vXiN1qhue7g==

GET
H/1.1 200
OK homepage-concierge-desk-food-and-drink-grand-welcome.jpg
d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/ 38 KB
38 KB 653ms
653ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/homepage-concierge-desk-food-and-drink-grand-welcome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c524f507feb061b04ea895c1e072c2234f8d344899e9c23c8fa7cd49518e9a11

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:45 GMT
Via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Aug 2018 10:02:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "442e6b1361c5141c5e2a441f00fe82a3"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38942
X-Amz-Cf-Id: I5JE-Y6xMmUu8RD7zcX29_bP6Yw7aR4StDKFsXJfydRJggcv2mJW4g==

GET
H/1.1 200
OK homepage-concierge-desk-when-to-visit-grand-welcome.jpg
d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/ 46 KB
47 KB 630ms
630ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/homepage-concierge-desk-when-to-visit-grand-welcome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1223ca955f0de13771c465802b9d16481e8a649610b940f8d9704b016cf09b62

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:45 GMT
Via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Aug 2018 10:02:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "8c4898e3cfc079f73bba82a79d16a4f3"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47301
X-Amz-Cf-Id: vCWTqXd2oaTS21ZWU1rYdl9kZWcI4sxaCu5N2Gvyh3j0E8e_7WHCRw==

GET
H/1.1 200
OK homepage-concierge-desk-about-grand-welcome-vacation-rentals.jpg
d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/ 41 KB
41 KB 635ms
635ms Image
image/jpeg 13.226.156.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2px9eregp3des.cloudfront.net/cache/tag/03/02/2018/homepage-concierge-desk-about-grand-welcome-vacation-rentals.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8dae167aac4f194fe397934f3a7ab62bf72c2a5b6574cbc0f92d481bce54375b

Request headers

Referer: https://www.grandwelcome.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 04:15:45 GMT
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Aug 2018 10:02:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "b36ce8c1ed8e511055b701e6129bd730"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41522
X-Amz-Cf-Id: FLxjyL452dSgvZrNFyeb-ONpfrUF3u8LTPFDvrmcYVpOiiTxW3rLRw==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ 331 KB
131 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=reCaptchaOnloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 16:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Aug 2020 04:05:32 GMT
server: sffe
age: 127536
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133738
x-xss-protection: 0
expires: Tue, 10 Aug 2021 16:50:06 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame C183 0
0 27ms
26ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&co=aHR0cHM6Ly93d3cuZ3JhbmR3ZWxjb21lLmNvbTo0NDM.&hl=en&type=image&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&badge=bottomright&cb=6kvetzwy8zgm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MBcR9NA373/LknoCTRWJiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&co=aHR0cHM6Ly93d3cuZ3JhbmR3ZWxjb21lLmNvbTo0NDM.&hl=en&type=image&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&badge=bottomright&cb=6kvetzwy8zgm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Aug 2020 04:15:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-MBcR9NA373/LknoCTRWJiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10728
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 02BB 0
0 32ms
31ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tMhvWSVx1w+uCM9aPlT2hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&co=aHR0cHM6Ly93d3cuZ3JhbmR3ZWxjb21lLmNvbTo0NDM.&hl=en&type=image&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&badge=bottomright&cb=e45q5l3dy05n
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Aug 2020 04:15:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-tMhvWSVx1w+uCM9aPlT2hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10445
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 49B4 0
0 25ms
24ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&cb=bkdbw3ktivu1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bRi5w0jGwmr33xNFa7KhGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&cb=bkdbw3ktivu1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Aug 2020 04:15:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-bRi5w0jGwmr33xNFa7KhGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1176
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame C657 0
0 19ms
18ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&cb=yxubcw2xt4is

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+T+b6KpRjGFF2N87ZSohog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld0znYUAAAAAI7-8icTL5Ss5-gmTQ7pBy0ORzMv&cb=yxubcw2xt4is
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Aug 2020 04:15:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-+T+b6KpRjGFF2N87ZSohog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1177
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=493728741043254&ev=Microdata&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&rl=&if=false&ts=1597205742875&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Best%20Vacation%20Rentals%20at%20Grand%20Welcome%22%2C%22meta%3Adescription%22%3A%22Grand%20Welcome%20are%20the%20vacation%20rental%20providers%20offering%20the%20best%20homes%5Cnfor%20blissful%20stays%2C%20located%20at%20some%20of%20the%20world%E2%80%99s%20most%20famous%20destinations.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1597205741355.1253875797&it=1597205741190&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 04:15:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=315195449083697&ev=Microdata&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&rl=&if=false&ts=1597205743114&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Best%20Vacation%20Rentals%20at%20Grand%20Welcome%22%2C%22meta%3Adescription%22%3A%22Grand%20Welcome%20are%20the%20vacation%20rental%20providers%20offering%20the%20best%20homes%5Cnfor%20blissful%20stays%2C%20located%20at%20some%20of%20the%20world%E2%80%99s%20most%20famous%20destinations.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1597205741355.1253875797&it=1597205741190&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 04:15:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2193046461012211&ev=Microdata&dl=https%3A%2F%2Fwww.grandwelcome.com%2F%3Futm_campaign%3DGW%2520Weekly%2520Email%2520Drip%2520Campaign%26utm_medium%3Demail%26_hsmi%3D92424217%26_hsenc%3Dp2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ%26utm_content%3D92424217%26utm_source%3Dhs_automation&rl=&if=false&ts=1597205743118&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Best%20Vacation%20Rentals%20at%20Grand%20Welcome%22%2C%22meta%3Adescription%22%3A%22Grand%20Welcome%20are%20the%20vacation%20rental%20providers%20offering%20the%20best%20homes%5Cnfor%20blissful%20stays%2C%20located%20at%20some%20of%20the%20world%E2%80%99s%20most%20famous%20destinations.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1597205741355.1253875797&it=1597205741190&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.grandwelcome.com/?utm_campaign=GW%20Weekly%20Email%20Drip%20Campaign&utm_medium=email&_hsmi=92424217&_hsenc=p2ANqtz--HeHET3TM1CqMIoJWZkQNIUR56_hD_5GBICOmCJzR1EWL-VFUvZqg5oYZhxbsRiMJ9mVC5VQ-Q-zBjcP2_RmkBURgRAQ&utm_content=92424217&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 04:15:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 04:15:43 GMT

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.grandwelcome.com/	1970-01-23 11:38:39	Name: _omappvp Value: 2AE3XcjkAYzxmkaSvOxd5YqIFCNz4xwL7v6QPHhCGFGk1qxeWbJPqC8AXfGHnJ4hRPE132tai9MxiJcCqtR1tL20s8Ip6W5W
www.grandwelcome.com/	1970-01-19 11:40:06	Name: _omappvs Value: 1597205741864
.grandwelcome.com/	1970-01-19 11:40:05	Name: _gat_UA-118744554-1 Value: 1
.grandwelcome.com/	1970-01-19 13:49:41	Name: _fbp Value: fb.1.1597205741355.1253875797
.grandwelcome.com/	1970-01-19 11:41:32	Name: _gid Value: GA1.2.582045589.1597205741
.grandwelcome.com/	1970-01-20 05:11:17	Name: _ga Value: GA1.2.128409361.1597205741
www.grandwelcome.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: b044d39c-d12a-4899-9daa-d26a7e15b2fe
www.grandwelcome.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 07FD1B6799406F4386247FFD958893A3

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.grandwelcome.com/e2t/tc/MVrfcCWcpVLW66CGt-33qZd9W2v98dD4dvB9jN15bQXc3p8cVV1-WJV7CgQJRW6srDb16s-m9_W1DCZPN4vNzrjW34m7fS7mL7cVMM6MSWVYyK4W8bR6tX2T09B4Vrxr_Q5BVXLfW3yT7D37Jr-rCVs_cG62SllKXW3tx8JJ8h61zXW6hH29Q2jCvRwW5kl3RN45syS1W6Kk_gs2pmnL4W8Hmp9s520LRCW7bdLZz5Mg0tnW9l7rXq5RpVFMW8LDppX8jBfL_W3SqWPk3rbh88W7Vr3Rf6hQpZwW6GwTXw7G0vMwW98rjkp7_T0fLW4_Zjv096xt4CW7--MY57YVwKBW8FV9wL4CF2QwW6k8_6N25gLKL3mW21(Line 13) Message: toS
console-api	log	URL: https://cdn1.pdmntn.com/a/rkw9rG9L7.js(Line 1) Message: PopupDomination: check your account!
console-api	log	URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js(Line 67) Message: reCAPTCHA couldn't find user-provided function: onloadCallback
console-api	debug	URL: https://www.grandwelcome.com/gw2home/main.bundle-145d11078c9bb3668e377965737da5ca.js(Line 1) Message: event emitter is::::[object Object]
console-api	debug	URL: https://www.grandwelcome.com/gw2home/main.bundle-145d11078c9bb3668e377965737da5ca.js(Line 1) Message: checkin is::::

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.optmnstr.com
api.cartstack.com
api.omappapi.com
cdn.mouseflow.com
cdn.trackhs.com
cdn1.pdmntn.com
cdnjs.cloudflare.com
chat.trackhs.com
code.jquery.com
connect.facebook.net
d2epyxaxvaz7xr.cloudfront.net
d2px9eregp3des.cloudfront.net
downloads.mailchimp.com
fonts.googleapis.com
gw.trackhs.com
info.grandwelcome.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
maxcdn.bootstrapcdn.com
mc.us18.list-manage.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.grandwelcome.com
www.gstatic.com
104.108.41.144
13.226.155.18
13.226.155.50
13.226.155.53
13.226.156.19
136.243.150.2
2001:4de0:ac19::1:b:2a
23.111.9.217
23.111.9.38
2600:9000:2182:600:e:56f2:3bc0:93a1
2606:4700::6810:84e5
2606:4700::6811:43b0
2606:4700::6811:70b0
2606:4700::6811:73b4
2606:4700::6811:d6cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2a00:1450:4001:800::2004
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.203.243.106
52.35.25.143
52.42.91.111
0088a48d02c4b7b030481627b922901d2ee9232895d8f3bc02b9453b3e190dd9
09b7b1c811eca92dccd3a8f70ec5a740b3c3d1e3e0fe1cd41e2b67e0cf5de1bc
0b76e2d242097b5a0faaae61139dff9441511d1e6789b4c7601140a84e354b1c
0fee9a3715daf501f1d92cb769adc6cf2848a357064976ef0bc1ccb41790c1e6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1223ca955f0de13771c465802b9d16481e8a649610b940f8d9704b016cf09b62
1aae1da6e005b71bb0244787ba29bd3746f13fd15689d4e70a29ba0ad37a94f0
288ee3a19514d8dd3d85fc9387e853c3f942ce28307dab68f4b50ecbb812b231
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
329bb6dd3cfd44f01359ef128c03cbb0d6a34fe00cbaef914d1696968ce8468c
363afd548194a1b4c64a6080a957a20294724573dfd991d08aebc4df7aee8d86
38067ff22c71d5e83040564eb6d37cb83032cf3bb7efcd5b11a0b165f636322c
3c9692e98b34f05bb46a12106de36c7dd203d763b0db4f631f027a8e66fc497a
3f822f0d44c01e259c1449d0d4382ccd0d19b8341df1d8b819f364773d72f95e
41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254
42459e8cdcada21b5b755e158de4807097bbd21680d7538dafc9f9e9cbfe3d98
42ca08d870a7f6ad56a6fced0ebac216aea3bd969bbae32f3c2801b9393c7c0b
432b154f6ec0efaae5a99c0690148a54d24967aef92ffc21676d5a3a718e870e
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4df58a11cdde1470fa5be22bbf2062d07d41bf5f2fde6e34e07dcb9094bebbd5
527ad89af431228990beb2681487dd7c9725ad632ac964e437e2ef39fe378eab
5ebc3cee369b6232bd1d8aa888081b83738eeba9a792da012a469c74cb2515be
619fd4c3981cfabf2af9c06933233848ed02b4d487f3ebf6a54b501c7d2b6168
6445a6b9c9ae5e144ac68384ea5ca6c2dbf1c579070dcfa6c38c0207405a4aae
6788a18acad70887d5c9311d7da3fb917255af2eefbc4dceb8226ad960f716ce
6d02592dbd5dad2ee3c3b523e5b204faf59f4b35098427881363c1ee62190f3b
6e00cfc051172020f1f55fc5bfaa0d731bf5d18a08d88d3ac9813fd5a63c9852
6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1
7713532b0c7b81c429e48992abab91d90eb7526237d6a27d8e97fcc7606cd27a
7d5ac199fa1375059f6c5a5046862c9fd0dadf29eda76a2a59408c7f81165203
85f08b31bb77ed3985916f9a92b1de9a98ae0f0b6797f7c888e007c92bea6cd1
879b198aac5a67a049a3cc5610849b9029dfd16daea7932e84dda61a2eca91aa
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a20cb36b3b06b5fe5e7bcec3d711745208fcd49acd9d318f3348811c1537672
8b18b6aedb8444f1478964168c6a566ec5d9d3912ab6abbf0c2d5b1e8ae462db
8cc0bb073867a71521f6892f407552eb9266b66535b3b875857e0a819bcca5d2
8cfec233be5bdb43f6fe0917a3d45a16a5161c4cc73ab878d84bb89de3490cfa
8dae167aac4f194fe397934f3a7ab62bf72c2a5b6574cbc0f92d481bce54375b
95ba96606adaf1ceea107ecafde29a7db3aa13afca0dfb59f1daa46e554350c7
9b0f3faa39ced02e8bd0d212d8774342a58fb9fa35487cc9589ebb89a35033bc
a0e8a8b06071f4c3d10cd0a82d30625e074384d28695bb56b2416aea7ed5c84f
a10a1dbeaec41fcd4f4549bdc39aa7519b94eb407a757170a3c7ec588a06f079
a2f52c6373266fe1260be47cedc7bd21130b296c70fda9da8ed5289ef220c92d
a3129a3a4d6ecdc707a5b05d71e68654a7a1319580075d70dfe570ab2a060814
a8cbed0e521b2bc74ae1e6307ab4de2c785f32f55c56d3b4187dec8c73fcab7b
ac4f1b19d22f000331d67b5b2eba3bfaf6d741a3a2855a2f33ec1f6403047e3b
b3529abdc41aed5a4d2efce350671261813fc95014856b4a651ba3f422aa0fd5
b3c53bd25028bc21dbf5ee69c8dc671c96ed980ea86f57609983e4106e626363
b9768be3b15dc537359c5f7ad90c3f1d0335959a5a3d0498e4887748aafdf57f
b9cfbc733af5a81187a495eb799b991be56558e50f604d28f018b1370d559950
bb84784890d0dfbd6f09c0db2bf11725e4c7052e41f7c50940ac887f84747b83
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c2e675ea6e55f0c83c4dd6f31a8e7d861d66b7e48a182dc7c7876696a85adf93
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c524f507feb061b04ea895c1e072c2234f8d344899e9c23c8fa7cd49518e9a11
ce9a1bafa880221a0e9a5a6b80b006bb1e807b94010a3dc6942720c68ee1d5e4
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d4772efbbfa3026c193acecb54d20dc78b83cd6c4b82c5a12c88163f237785c7
d633c81ed4563ad3e1066285b963ff908d9856f35ddc3fb9d1e30a8c0e2ed75f
d6c239207ce3235f2f7fa01150985e5176a7b0eaf8156e8a4565103dc19eeed4
d84a4f5246ce780723f6687ac8d52cb8a69cd1ef26fafa522998f17e676002c5
d8c3fbef87d09c09c57ca16e8f7bd8b62d531ccf2aebd4056b73b6395869bca0
db8a38d1945ecf7c480760973c260314b80fa941dbe018a7b16c2042f39a938f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3d197dfe12cd24c520e280243a52873e003333dd036e0df7cdf2e6c6fd022cc
e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e
e459e6275457481ffdf4e3939400083841ac37e2861aa296407a142f53f3d56b
e4c94d8851a2c0fb28238a3e7c359ad73006d8fdbc87f3fedb754035eec98c8f
e60307c4776a5ca4a683ae575f3acc9ff05d6752f65d4f6b0989c5b0761520fc
e70df9b8c9b27492ae6d3cd41619c32201c4fab94cd7737d49dc62594349669a
e8cf4af2a09745a94efa6106a8cac9ef62879b964a92f24e46747338abb70973
e999fc54a1ff97d24edd8eb98267bc62bd8a41a9307ca90a923b259f9706b313
edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcab5fd75f1111664334459dce8158d95f77e58b6c3e7de0d6a577b32928cdd1
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd72c8b115f9162c592d810b7ee6880185c2404608b868e17ba804da850b1969
fdc8925648b957baf9f68b4647a851f8ba9f5dc4b1b0b87a9db3c8d29f2de8d2
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.grandwelcome.com Open in urlscan Pro 52.35.25.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

100 %HTTPS

62 %IPv6

27 Domains

31 Subdomains

29 IPs

5 Countries

6220 kBTransfer

10208 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.grandwelcome.com Open in urlscan Pro
52.35.25.143 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

100 %
HTTPS

62 %
IPv6

27
Domains

31
Subdomains

29
IPs

5
Countries

6220 kB
Transfer

10208 kB
Size

8
Cookies

97 HTTP transactions
1 data transactions