firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 10:12:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c7ZG-KWvPywYC0foihI8yDYnkCzg7D1K1x-i95p74at2E9vYapmNzg==
Age: 745
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3064
Expires: Sun, 18 Sep 2022 11:15:33 GMT
Date: Sun, 18 Sep 2022 10:24:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ze15w4e6bp5SI9bTPKZO_yNMHziU1eZVGXj_26Rm7gfWyk44YLfJqA==
age: 24826
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
68.183.105.71200 OK 26 kB URL HTTP/2 www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 68057310f99bd29801b579e5bd43b3ea
d7dd4da6b68565d472f9ad297b4ceabc2dcb4b1f
a1fa94a54f740f2fac29b815c70c9bfcb8a2983cd083605de27425cc1f49a0fa
Analyzer Verdict Alert openphish IRS
fortinet Phishing
GET /w-9-form-10-most-important-things-you-must-know/ HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:29 GMT
content-type: text/html; charset=UTF-8
content-length: 26136
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Sun, 18 Sep 2022 03:13:39 GMT
cache-control: max-age=0
expires: Sun, 18 Sep 2022 07:19:40 GMT
content-encoding: gzip
age: 11089
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dc60b1c85247fd6f5fb95d30178d0473
9137e8b592039c0fcf2a19710d49b25b7860981f
9fa1e0e3af4720eeab26a7a5aa292246c1723d463610cf896283667459c28171
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5904
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Last-Modified: Sun, 18 Sep 2022 08:46:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.irstaxapp.com/wp-content/plugins/anspress-question-answer/templates/css/overrides.css?v=4.3.0&ver=4.3.0
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/anspress-question-answer/templates/css/overrides.css?v=4.3.0&ver=4.3.0
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/anspress-question-answer/templates/css/overrides.css?v=4.3.0&ver=4.3.0 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
content-length: 0
last-modified: Mon, 21 Mar 2022 15:35:09 GMT
etag: "62389b2d-0"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-158260886-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158260886-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 10b524ca9c73e9a9305199ab69436be3
6b3290ff6b5c24ad40905a80a330c640f64d6f8f
38433061912926bf93c395626e8af6eb627cfa9f47cfae2c1ef415ae62f5a3e7
GET /gtag/js?id=UA-158260886-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 10:24:30 GMT
expires: Sun, 18 Sep 2022 10:24:30 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 10:00:54 GMT
Expires: Sun, 18 Sep 2022 10:57:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o3k0_LzjtufYfMMPUAeA_51GWkTo9uITH5dogFu_t5jdNecoFC66jQ==
Age: 1416
www.irstaxapp.com/wp-content/plugins/GSheetPressTable-1/js/tableHTMLExport.js
68.183.105.71200 OK 2.5 kB URL HTTP/2 www.irstaxapp.com/wp-content/plugins/GSheetPressTable-1/js/tableHTMLExport.js
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1b550e605bf7da2736d36c10dd534ad1
ab6eea2de692afebe3b0562890d98f2979f5c8b1
bc0bf5f49545ff32c622c2f5e5ca7276c3e490c1324ffe5f8e46b027a2a14494
GET /wp-content/plugins/GSheetPressTable-1/js/tableHTMLExport.js HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Nov 2021 17:32:30 GMT
vary: Accept-Encoding
etag: W/"619d25ae-1cac"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5403
Cache-Control: max-age=169939
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Etag: "6326d196-1d7"
Expires: Tue, 20 Sep 2022 09:36:49 GMT
Last-Modified: Sun, 18 Sep 2022 08:06:46 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.irstaxapp.com/wp-content/plugins/GSheetPressTable-1/js/jspdf.plugin.autotable.min.js
68.183.105.71200 OK 9.8 kB URL HTTP/2 www.irstaxapp.com/wp-content/plugins/GSheetPressTable-1/js/jspdf.plugin.autotable.min.js
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash 73524846332a69cf0a14a2de9b653aa6
afa24e9ee56c3c2502700bd06ccd64a0b7367ff2
fc7572b4d09bfb93b9468269cc3f39c0272ca9281892d76dce570283daef77f5
GET /wp-content/plugins/GSheetPressTable-1/js/jspdf.plugin.autotable.min.js HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Nov 2021 17:32:30 GMT
vary: Accept-Encoding
etag: W/"619d25ae-7285"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/themes/ad-mania/style.css?ver=5.9.4
68.183.105.71200 OK 99 kB URL HTTP/2 www.irstaxapp.com/wp-content/themes/ad-mania/style.css?ver=5.9.4
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash e6e6d88ed4cd169d0a0191856a24837b
259a1768fe63fe30f519c2531fd8810418566147
e56948490dd91d8c3c586d8636f3c4d51d3dfc00aa05c2a19c8cacd90ee9bfe7
GET /wp-content/themes/ad-mania/style.css?ver=5.9.4 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
last-modified: Sun, 17 Oct 2021 07:49:16 GMT
vary: Accept-Encoding
etag: W/"616bd57c-44e10"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.18
68.183.105.71200 OK 25 kB URL HTTP/2 www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.18
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash f442fdd8143b9679807e4d15b8f87f97
bba0392a778d28d2b656c3a2b654716aaffc2203
b5f6ff5819db61be4684a2accf743527cae9fdda3da54b4103d9fddb148afbd7
GET /wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.18 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
last-modified: Thu, 07 Apr 2022 02:01:07 GMT
vary: Accept-Encoding
etag: W/"624e45e3-13ef"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.18-1649296867
68.183.105.71200 OK 67 kB URL HTTP/2 www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.18-1649296867
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash 6778cd5cd71a8db575482be9b699755e
fd78a8c1cc53be75ade5bb1cd1c2c096a449fcca
498b7977762b45766f3ac50ef2ced2fab80173eaa894f371fbb629d639975b1e
GET /wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.18-1649296867 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 02:01:07 GMT
vary: Accept-Encoding
etag: W/"624e45e3-14d0"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/GSheetPressTable-1/js/jspdf.min.js
68.183.105.71200 OK 93 kB URL HTTP/2 www.irstaxapp.com/wp-content/plugins/GSheetPressTable-1/js/jspdf.min.js
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash 4e99676d4a973d51e964776a5d83b38b
9851845621089e0db497c4523b6bee4939af6c06
cb3bd6cb988f3bf49fdc19f884fa31a516105698672cd20c8276a577d62ebc4f
GET /wp-content/plugins/GSheetPressTable-1/js/jspdf.min.js HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Nov 2021 17:32:30 GMT
vary: Accept-Encoding
etag: W/"619d25ae-4b187"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.18
68.183.105.71200 OK 3.0 kB URL HTTP/2 www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.18
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash 057cb94c1a857f6e2df397452a014bcc
22a1c2261e88e31d4b269b3a1f0d594623c90ce1
7824077d5909ed919b6dcac8c1e17103664bc735e75c41333dd4ccb389b491d5
GET /wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.18 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
last-modified: Thu, 07 Apr 2022 02:01:07 GMT
vary: Accept-Encoding
etag: W/"624e45e3-1b6"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/uploads/2022/08/US-Tax-Calculators-Android-App.png
68.183.105.71200 OK 80 kB URL HTTP/2 www.irstaxapp.com/wp-content/uploads/2022/08/US-Tax-Calculators-Android-App.png
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 330 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash f832abd243fa806c8fa55ffe7d788923
92b9dd166c5681d24ab18239680b7213564bfba2
35eb48574947927b3ada52cb1e65d3f2c485012b1c83272ea01905b140e88d84
GET /wp-content/uploads/2022/08/US-Tax-Calculators-Android-App.png HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: image/png
content-length: 80320
last-modified: Wed, 17 Aug 2022 16:14:12 GMT
etag: "62fd13d4-139c0"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/uploads/2021/10/cropped-irstaxapp-logo150x150.png
68.183.105.71200 OK 1.2 kB URL HTTP/2 www.irstaxapp.com/wp-content/uploads/2021/10/cropped-irstaxapp-logo150x150.png
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 120 x 120, 4-bit colormap, non-interlaced\012- data
Hash ac4f45168032d76cf078751eda8b645e
05630fa78a3c8ec548dc1fdb427fcec91da2a1d3
981dda47abda3bb4dc1a6a6fe2065643d90f7bf791545a662d90c493cbfdc5a2
GET /wp-content/uploads/2021/10/cropped-irstaxapp-logo150x150.png HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: image/png
content-length: 1248
last-modified: Sun, 17 Oct 2021 11:19:37 GMT
etag: "616c06c9-4e0"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/uploads/2020/03/W9-form.jpg
68.183.105.71200 OK 22 kB URL HTTP/2 www.irstaxapp.com/wp-content/uploads/2020/03/W9-form.jpg
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x400, components 3\012- data
Hash 8d037c7016269e13eec8a18806c90d33
94c0f578fa898f480a1dc70fea9da0c52ebc44f6
b31b4ad7d4fd4af56966ecb6ec530bf13aa888ca9a5aeaad4b5df17ae12ae0ec
GET /wp-content/uploads/2020/03/W9-form.jpg HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: image/jpeg
content-length: 21728
last-modified: Thu, 10 Sep 2020 08:22:48 GMT
etag: "5f59e258-54e0"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash da34e7dbb83f8ad463433a0448ffa6c3
dd822bad8f78a7072af79140293d1d622b6bb10c
e32749aefa9671ac13c2ebf45eaabb0fbabf363b07478edd0c2ffe13d2f91133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2689
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Last-Modified: Sun, 18 Sep 2022 09:39:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
www.irstaxapp.com/wp-content/uploads/2017/12/cropped-irstaxapp-logo1024x1024-2-192x192.jpg
68.183.105.71200 OK 3.4 kB URL HTTP/2 www.irstaxapp.com/wp-content/uploads/2017/12/cropped-irstaxapp-logo1024x1024-2-192x192.jpg
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 192x192, components 3\012- data
Hash 6e753eaf7ddabe619fc948376ccf2ffe
aa33f4cf98f63811be970cafca81c4f5e524819a
b0fe9bfc7de7b9fe68f19e799a447f2199881d355e1c05cfbf2f7b41d9846c60
GET /wp-content/uploads/2017/12/cropped-irstaxapp-logo1024x1024-2-192x192.jpg HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: image/jpeg
content-length: 3426
last-modified: Sun, 28 Mar 2021 04:37:38 GMT
etag: "60600812-d62"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/uploads/2017/12/cropped-irstaxapp-logo1024x1024-2-32x32.jpg
68.183.105.71200 OK 604 B URL HTTP/2 www.irstaxapp.com/wp-content/uploads/2017/12/cropped-irstaxapp-logo1024x1024-2-32x32.jpg
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Hash 420d94647446444c8c3c0a3e543c4d7d
d7a57230f4da743a6da6c75c3227042d153ab7fa
2cd57a8b2276d574e71040301bdc99a63afa28a512d4d7deb6cfe156f77595d7
GET /wp-content/uploads/2017/12/cropped-irstaxapp-logo1024x1024-2-32x32.jpg HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: image/jpeg
content-length: 604
last-modified: Sat, 14 Mar 2020 03:58:43 GMT
etag: "5e6c5673-25c"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 18c25e63ab1809910ac5460e2e56371d
6e65a23d39852be45b4a9fda8bb437a65379e5e9
43853d3db238d1fd86728b9b5e1885e979245419a02addbd5f719c035a15eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Last-Modified: Sun, 18 Sep 2022 09:16:23 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.160.31101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.160.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZATC7+Amp61uFPoFQl3b/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pxe0DjDFkePfqy46j/GqZ3+gTzg=
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 18 Sep 2022 08:41:12 GMT
expires: Sun, 18 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 6198
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1676347d939ffb3f9fbc756634868886
19f1e3aa1b38d90b4339306e2ed8363495bd3cc2
a5590094ba5f8bb5b0ea041f8836ee06c653085b4df6ecd27fac8bebfb030318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5971
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Last-Modified: Sun, 18 Sep 2022 08:45:00 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2
68.183.105.71200 OK 580 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 580, version 1.0\012- data
Hash bf19358eb75829d0b676e009b3e6797a
431915fae39812f4d9dffe3a2174e3eec0541193
9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7
GET /wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.18
Cookie: _ga_74VCQN4MS0=GS1.1.1663496652.1.0.1663496652.0.0.0; _ga=GA1.1.810779568.1663496652
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/font-woff2
content-length: 580
last-modified: Thu, 07 Apr 2022 02:01:07 GMT
etag: "624e45e3-244"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
104.18.10.207200 OK 17 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65316)
Hash 00b372486418095cf3459ed51035fb66
51ddcc40653a27f55709b0022d8dc850f973592b
2b8eaeda036d60001352519261204766f1241800da01e670e6a89197dc557164
GET /bootstrap/3.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 11/04/2021 22:40:16
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.0
cdn-requestid: a0669b23f8a3a4d2d54e12d18ef5c3e0
cdn-cache: HIT
cf-cache-status: HIT
age: 15714581
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74c95f503d13b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash da34e7dbb83f8ad463433a0448ffa6c3
dd822bad8f78a7072af79140293d1d622b6bb10c
e32749aefa9671ac13c2ebf45eaabb0fbabf363b07478edd0c2ffe13d2f91133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2689
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Last-Modified: Sun, 18 Sep 2022 09:39:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
connect.facebook.net/en_GB/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 59f78b9ed98e8d90759981a85cef3916
faa8f95880e513dd9b6b0689d03323a07f9a2f24
4d54284e9a9cb99d93851c804c8bb5970e928f8c6ffbe1bdd0159680e500e8ad
GET /en_GB/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fb03901eab326621be67d4859dc55de0
etag: "d5e4eaa70d0ed447a14e04d0a278ca18"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 18 Sep 2022 10:32:07 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: WfeLntmOjZB1mYGoXO85Fg==
x-fb-debug: OsboaVAFFk3Yz0mQ9xvN5KmHoK8L7QCZuasEU2HPrf6AAtEO5F6XDwItKCIGWEJ3OJ4qCBFweoMtkCCd2JERIw==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 10:24:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
151.101.85.229200 OK 33 kB URL HTTP/2 cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (32047)
Hash 63e182df0883a4702e8db066451bdba0
993f0816fd2c8286c0f59df00e2697d6f7ad25cb
b9c375a13d4fa1e14ba88460ddb93ac9d380e77965cceb203145127f6ea82961
GET /npm/jquery@1.11.2/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"176de-sz7jtCuYju+dTWJJW25U4j3WQv0"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Sep 2022 10:24:30 GMT
age: 6512326
x-served-by: cache-fra19169-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33348
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (45174)
Hash 5257ffea4262f9277e8fa527c23d599c
20351ec309cbbb1190a418826126125fb869c276
3900bc994c5a907da91615bd2127d2de4e3f561c798a82493175c7e5b1c097e1
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27741
date: Sun, 18 Sep 2022 10:24:30 GMT
expires: Sun, 18 Sep 2022 10:24:30 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1337 / 815 of 1000 / last-modified: 1663366203"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9081160246292708
142.250.74.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9081160246292708
IP 142.250.74.2:0
File type ASCII text, with very long lines (2903)
Hash aab3df4aa32936ad42a5c92f0bdf401f
eeaf202d6a218700e26c22e445e0e86d74ba068b
bd2c5b01302ab4ab20a55ae327332a5c6b45e88f4de18608f5958d33b5badc9a
GET /pagead/js/adsbygoogle.js?client=ca-pub-9081160246292708 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.irstaxapp.com
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sun, 18 Sep 2022 10:24:30 GMT
expires: Sun, 18 Sep 2022 10:24:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13634122849923857417
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1676347d939ffb3f9fbc756634868886
19f1e3aa1b38d90b4339306e2ed8363495bd3cc2
a5590094ba5f8bb5b0ea041f8836ee06c653085b4df6ecd27fac8bebfb030318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5971
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Last-Modified: Sun, 18 Sep 2022 08:45:00 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 45ea6f1b2c1350e01ac67b167f64ddc6
5eea0d0508c63d354bd965762d4c431dda36e45c
de274ba1e6aa2d33f099740d394cd1ff7dcba47becb620ccf8432b21089119aa
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:24:30 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "578A86293125D22B4A0CE54FD0E3A235082ACB72"
Expires: Sun, 18 Sep 2022 21:00:00 GMT
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2922
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c95f510ce4b521-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_GB/sdk.js?hash=3a1b438d101bee0a7648ea88bb21881e
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js?hash=3a1b438d101bee0a7648ea88bb21881e
IP 157.240.200.14:0
File type ASCII text, with very long lines (18602)
Hash 5ce5ce42aa8b79dd1e3078a82f760dcc
323352ac18e008b8876c9f5afba980f1a04597bb
97030ab03fad9dea4a460fa17e88c7fdfe14db579f639479cc48c1adcdd71313
GET /en_GB/sdk.js?hash=3a1b438d101bee0a7648ea88bb21881e HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.irstaxapp.com
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d45ab18ce9b8f156be95a594b11b1a63
etag: "2fd03f3964d679f67f8198f5e0590464"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 18 Sep 2023 10:12:07 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: XOXOQqqLed0eMHioL3YNzA==
x-fb-debug: BeGbXB7GvM0hDHKKnzOaH3yXOjmkOWTzG+2FiJZ2xdzM064OMwlGyr9uqTIOwaoAJBo4g62IFCDcCQ5sHu8R5A==
priority: u=3,i
content-length: 88697
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 10:24:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220914/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sun, 18 Sep 2022 09:35:15 GMT
expires: Sun, 02 Oct 2022 09:35:15 GMT
cache-control: public, max-age=1209600
age: 2956
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
104.18.22.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
IP 104.18.22.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:31 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 8940751
accept-ranges: bytes
server: cloudflare
cf-ray: 74c95f521cceb4fa-OSL
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
104.21.19.164200 OK 40 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css
IP 104.21.19.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b26a7babc87ec20b43c4e1bebec72989
ac1b268f876b2c96a9c67f760cd0b16f7cc85e13
8d40a4a1919f8a602967ce334823a9d60c53261a90b4799f949c2f20b660f856
GET /latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=460092
etag: W/"2cbef8bacb84cdf787933b228259ff66"
last-modified: Thu, 15 Sep 2022 05:32:54 GMT
x-amz-id-2: rOZY7MHa5RCv8if14q8kBBkJg8a6xR63GVnz+WweoQTrpeHjlK4gKn6qQR0QLrrjhUS5YhaEHyY=
x-amz-request-id: 38RWPY9XTXEH3X3Z
x-amz-version-id: 4sVXb7jHJeQHJhWzLHlRoE4pUiOKIjGO
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjFGkWVWZXkUqUuos9mNi%2BtGd701%2B5eI68udpMGg%2Bo%2FShv5qlPr8bcj%2FVgM18XsSTgZtqsawFtu%2FIfQNM6dy3rQ2%2FLMvVVVoI0%2F%2FVqznW7CTuvQBK8%2BTSaSIPTbIsN6WIu4Po5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c95f4ffbfeb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
104.21.19.164200 OK 51 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css
IP 104.21.19.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d2f658405840b536d2a7a2fa2086551e
fc2fb861b7afac0a2771e1f9c3e5c390b41d413e
30dae77cf4d1e5d75e87518c026ff170b025bd8c9bcba224c2d7019f4b907a22
GET /latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=97779
etag: W/"8569d08b93b65be6f73bca7e48e87a62"
last-modified: Thu, 15 Sep 2022 05:32:53 GMT
x-amz-id-2: jNnO2R7h9I/kewQDUB7yHog0vUeNwdTTBT3BhBHC3L5LES+0FneRJq7vrobZH2hUjm0OvZq4p0o=
x-amz-request-id: 4GXPTCYC0CCJ3AM1
x-amz-version-id: bIuVifY2WQeWxEm2OlE_0Fvs8HoPdMjN
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2069
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDc6sKjuBrSPmdNFYJPJDtHYSmj4mhclPb5lnmxuVDI6QdOxo0SYJq%2Bm6tOpN4NjUnEjfTgvTrfyxwPI1PXzY6nGwlyYWXNeYndwTQPQDqdvVOHZ5B5qiJ5fPPS%2BB7G9rIKZymw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c95f500c10b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.42200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:36:43 GMT
expires: Thu, 14 Sep 2023 19:36:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 312468
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-74VCQN4MS0>m=2oe9e0&_p=614085447&gdid=dZTNiMT&cid=810779568.1663496652&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663496652&sct=1&seg=0&dl=https%3A%2F%2Fwww.irstaxapp.com%2Fw-9-form-10-most-important-things-you-must-know%2F&dt=w9%20Form%20%3A10%20Most%20Important%20Things%20You%20Must%20Know&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-74VCQN4MS0>m=2oe9e0&_p=614085447&gdid=dZTNiMT&cid=810779568.1663496652&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663496652&sct=1&seg=0&dl=https%3A%2F%2Fwww.irstaxapp.com%2Fw-9-form-10-most-important-things-you-must-know%2F&dt=w9%20Form%20%3A10%20Most%20Important%20Things%20You%20Must%20Know&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-74VCQN4MS0>m=2oe9e0&_p=614085447&gdid=dZTNiMT&cid=810779568.1663496652&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663496652&sct=1&seg=0&dl=https%3A%2F%2Fwww.irstaxapp.com%2Fw-9-form-10-most-important-things-you-must-know%2F&dt=w9%20Form%20%3A10%20Most%20Important%20Things%20You%20Must%20Know&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.irstaxapp.com
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.irstaxapp.com
date: Sun, 18 Sep 2022 10:24:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 98 kB IP 142.250.74.3:0
Hash cfe7c527509eb88082fc9ef2bd22a830
3b6aba96a1699740733a9a3688331e25b8cb3f14
7daf1c2b0a856d881ad4e25a9d80e017c6bf5f5ee5a80f9cad5ee0193408ec05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.irstaxapp.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.irstaxapp.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.irstaxapp.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 18 Sep 2022 10:24:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.irstaxapp.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.irstaxapp.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.irstaxapp.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 18 Sep 2022 10:24:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bbffed41e8f6975543c877a13721a920
85ab4873350ec87f5fd433af089483e9c2c67267
46ffd2e1a6b3933e631cfff493fba95bec05e1fe9611562c180ebd63b4302d29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.irstaxapp.com&callback=_gfp_s_&client=ca-pub-9081160246292708
172.217.21.162200 OK 202 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.irstaxapp.com&callback=_gfp_s_&client=ca-pub-9081160246292708
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 659c02d0af1a5f67f3a15ff9f53388fb
c3b6baf2c216e000075c67bcb7ca94a4bdd48c5d
5cbb0f5ad238c66c9074c8111037d9832dd75c6552f115ea4bcf36118bb550aa
GET /gampad/cookie.js?domain=www.irstaxapp.com&callback=_gfp_s_&client=ca-pub-9081160246292708 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 18 Sep 2022 10:24:31 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 846cbf15e676b7aa9477514a183675a5
a4d9089b67555c61684a7d0b9b58668a34a16c7c
bb8e766ec5696ec9fc878a7db1496cc5fc07ef046ce53092182c0fc98c927ecc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.powrcdn.com/latest/assets/packs/apps/popup-848df08e9fd23aae5f5d.js
104.21.19.164200 OK 149 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/popup-848df08e9fd23aae5f5d.js
IP 104.21.19.164:0
File type ASCII text, with very long lines (3731)
Size 149 kB (148981 bytes)
Hash 606b8aa5d4a29197a91c7bd13f97d21f
db84f85a170d04cc0799fb5ee548d4d391523df6
72b185674dff3148b322b87a58e9c4c37cb845d92913bb9b48020f1bd5977de6
GET /latest/assets/packs/apps/popup-848df08e9fd23aae5f5d.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=851396
etag: W/"f9a34eb708217b82eb07fe3deff5cde9"
last-modified: Fri, 16 Sep 2022 06:23:57 GMT
x-amz-id-2: IzBLuHWaarGN7GtZm5WJra//yjzT+ruwlu4k/bT97g2E2q5m3TkKl56p91/Up0RUsv6umW/uMlc=
x-amz-request-id: ATKBBDHJPGJS7E9G
x-amz-version-id: 2_SVH4dLEODdUFV4QX72J9QXKQG418UW
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUjIh%2BamnhfPoRCV3sY6TU64AGTavNAXvA1QSrv6f%2F90sapAqsmN9JG%2FUF4vZkVy6RXivA5vqaFiynpycr6pE1fLnx5GyccQ8fRlc7fmNqcc2sp9FxcskEZQzy51%2FFWtEYa0bqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c95f502c56b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bbffed41e8f6975543c877a13721a920
85ab4873350ec87f5fd433af089483e9c2c67267
46ffd2e1a6b3933e631cfff493fba95bec05e1fe9611562c180ebd63b4302d29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d447b5a4b23c8ce88d90c044cd026904
ca48b0b1d92d0718412b33eefe79bd231723821e
b494dd369813797dfa62a353fd26cfb2afd48ccb6006ff352aaf036585a584b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5299
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:31 GMT
Last-Modified: Sun, 18 Sep 2022 08:56:12 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=940&ck=1&ref=https://www.powr.io/popup/u/e17c8054_1660583397&be=489&fe=764&dc=733&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1663496652366,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:9,%22rp%22:26,%22rpe%22:27,%22dl%22:80,%22di%22:650,%22ds%22:711,%22de%22:733,%22dc%22:763,%22l%22:763,%22le%22:766%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=940&ck=1&ref=https://www.powr.io/popup/u/e17c8054_1660583397&be=489&fe=764&dc=733&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1663496652366,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:9,%22rp%22:26,%22rpe%22:27,%22dl%22:80,%22di%22:650,%22ds%22:711,%22de%22:733,%22dc%22:763,%22l%22:763,%22le%22:766%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 516a128bb6000ca8154792678f4333fb
41d0257bea96afd36c6f3e40fcfdc9ca247f8e01
9fa62b52f24b87a40410fe842cb9be494abed114a2eac2eb406c8b4a4d372d10
GET /1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=940&ck=1&ref=https://www.powr.io/popup/u/e17c8054_1660583397&be=489&fe=764&dc=733&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1663496652366,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:9,%22rp%22:26,%22rpe%22:27,%22dl%22:80,%22di%22:650,%22ds%22:711,%22de%22:733,%22dc%22:763,%22l%22:763,%22le%22:766%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:24:31 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74c95f558e42b515-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=1a60b4c20f764354; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3774
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:24:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3774
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:24:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3774
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:24:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3774
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:24:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3774
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:24:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:15:02 GMT
age: 11369
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
68.183.105.71200 OK 74 kB URL HTTP/2 www.irstaxapp.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
Hash 7237261271c08bbb64fdd3847af559df
fbab259d25b577b13001b338f93b06715d7609d7
b77fc062b8de3bde8c64d07984a5202f7ad773ca9cffdd09804207a686eecaa5
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Thu, 29 Jul 2021 10:49:53 GMT
vary: Accept-Encoding
etag: W/"610287d1-15db1"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4c7A4n-fW5-zEG1OjjUo8zWdY80KTpzwJdfKuDT0OjW5NpkZxxWB-A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:35 GMT
age: 45296
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5531644b-8a26-4e13-bc0d-3df548aa5f59.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5531644b-8a26-4e13-bc0d-3df548aa5f59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce3fbaae74c92406582fdcf366dd21d7
b44e3a6a6c6e7dc4b3657a22d94092dcf3147cb9
26c426c5cc8ff86f2fb24239902a0f5092140ceaf767c130b786549c7b443262
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5531644b-8a26-4e13-bc0d-3df548aa5f59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7554
x-amzn-requestid: 0272c6ab-a749-4e67-b8c7-d9cd1246dd05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn65pFClIAMFj9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea3-38fbfbfb0789868d572c1e21;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VJe4TFRsd9Fl8sJlm39yRyNKuNfa56h3KsIgVCIbfj-wa6OD_lBg4w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:14 GMT
age: 45317
etag: "b44e3a6a6c6e7dc4b3657a22d94092dcf3147cb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37262c30eae5fbad1c94dad74fafb802
be5af1c71574128a2e8a7ed2a71c16e22e4c3df3
1a3ea1fbf9379db8e4c76299359bfd7a8b4a4d6b742cb9a46cea59ba6e008b62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7908
x-amzn-requestid: 6aeb2a22-5a83-4738-85d5-5531bab6a0f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tkHO6IAMFuQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-6e32c6ee146890770e01f6fc;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oJsi2PuZYOeOcoG2r6UKObAncQ60Mn4xKNbH_SczH8B-AZHPqC_NdQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:49 GMT
age: 45282
etag: "be5af1c71574128a2e8a7ed2a71c16e22e4c3df3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqzHFWav9sDzwBhF58p314oyYPwfcbmlplVt2oF9QxSBIi5ktgpS7w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:54 GMT
age: 45277
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-158260886-1&cid=810779568.1663496652&jid=2053855736&gjid=1562705716&_gid=1170047525.1663496653&_u=YCDACUAABAAAAC~&z=1567404333
142.251.1.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-158260886-1&cid=810779568.1663496652&jid=2053855736&gjid=1562705716&_gid=1170047525.1663496653&_u=YCDACUAABAAAAC~&z=1567404333
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-158260886-1&cid=810779568.1663496652&jid=2053855736&gjid=1562705716&_gid=1170047525.1663496653&_u=YCDACUAABAAAAC~&z=1567404333 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.irstaxapp.com
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.irstaxapp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Sep 2022 10:24:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c89b26e02a5b8fc363a54fd7d352e998.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65200 OK 3.1 kB URL HTTP/2 c89b26e02a5b8fc363a54fd7d352e998.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: c89b26e02a5b8fc363a54fd7d352e998.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 18 Sep 2022 10:24:32 GMT
expires: Mon, 18 Sep 2023 10:24:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/v2.9/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f2f918b4ec072%26domain%3Dwww.irstaxapp.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.irstaxapp.com%252Ff2894c7e7123054%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.irstaxapp.com%2Fw-9-form-10-most-important-things-you-must-know%2F&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=true&size=small
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/v2.9/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f2f918b4ec072%26domain%3Dwww.irstaxapp.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.irstaxapp.com%252Ff2894c7e7123054%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.irstaxapp.com%2Fw-9-form-10-most-important-things-you-must-know%2F&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=true&size=small
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2.9/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f2f918b4ec072%26domain%3Dwww.irstaxapp.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.irstaxapp.com%252Ff2894c7e7123054%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.irstaxapp.com%2Fw-9-form-10-most-important-things-you-must-know%2F&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=true&size=small HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: +oNroAPykY0NSOvSNiBwitvFD88lNHsjLZYcgttKaTR0ccji1KRf3jLlt2VkI6nIOb+v5azf8o0zSYKR3iSCsA==
content-length: 0
date: Sun, 18 Sep 2022 10:24:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ad98157c7e1e3f4554e5bed34d505fc5
3e95df6e64b1e53c7dcd1764726e3fed1fb2cb9a
a14b3392817936364c7bb36d3b67031fae5164e607a7fb434e60c3381690cb67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 9.7 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
Hash f1587a2f6b932c9df7d06824845b82ff
7ef28b98700a33e4d15cfe6f92bc00a3878ce5bf
c8ef6704f170dea262491d76fe3e5673633cb38a2e09c2a7c6a67e2ef36a9b85
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 18 Sep 2022 10:24:32 GMT
expires: Sun, 18 Sep 2022 10:24:32 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 12:27:00 GMT
expires: Wed, 13 Sep 2023 12:27:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 424652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.powr.io/popup/u/e17c8054_1660583397
172.67.5.146200 OK 88 kB URL HTTP/2 www.powr.io/popup/u/e17c8054_1660583397
IP 172.67.5.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22595)
Hash e32fe518c6010e633fbfe33d3dae8bb4
e02781cdc8731085d90b24aa2b40746d24f56a92
84da14dce5a3d064984e6360e34c2c9b1ed20cd86deff30c69937f418fd3df8c
GET /popup/u/e17c8054_1660583397 HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/html; charset=utf-8
link: <https://public.powrcdn.com/latest/assets/packs/style_packs/views-2c08199c84c61a412eae.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/views/popup-4e39e64d051fc5eadc9c.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-1711fd60ab8e8461cd46.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps-view-2b8b89ec08cb1075456f.js>; rel=preload; as=script; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/popup-848df08e9fd23aae5f5d.js>; rel=preload; as=script; nopush
cache-control: max-age=1800, public
vary: Accept-Encoding
x-request-id: da4d4a2a-cfa5-4573-9900-93e90cdc85d9
x-runtime: 0.039783
via: 1.1 vegur
cf-cache-status: HIT
age: 31147
server: cloudflare
cf-ray: 74c95f4eeaaf0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4bafb9a224038523d53d843d841b24ca
ecdd5c09b8be4b70bf09e3382c3d9832a73b7d8e
e048cb9a4327632077f3993000338e128c477dc63abddcd9858bcc304c919588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4bafb9a224038523d53d843d841b24ca
ecdd5c09b8be4b70bf09e3382c3d9832a73b7d8e
e048cb9a4327632077f3993000338e128c477dc63abddcd9858bcc304c919588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4bafb9a224038523d53d843d841b24ca
ecdd5c09b8be4b70bf09e3382c3d9832a73b7d8e
e048cb9a4327632077f3993000338e128c477dc63abddcd9858bcc304c919588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4bafb9a224038523d53d843d841b24ca
ecdd5c09b8be4b70bf09e3382c3d9832a73b7d8e
e048cb9a4327632077f3993000338e128c477dc63abddcd9858bcc304c919588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
216.58.211.1200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash a8c0697f11238a790b4f92835de9a3e4
01dea6dc36579d8c845ff4157a0f6d1e96c48b7c
a44d2ea334b14810d717646ada1c2c1ea17499aa461ceffd24b28b8bc20c4ac2
GET /rtv/012208242209000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61572
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 17:09:57 GMT
expires: Tue, 12 Sep 2023 17:09:57 GMT
cache-control: public, max-age=31536000
etag: "d3316a1477ddceef"
content-type: text/javascript; charset=UTF-8
age: 494075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs
216.58.211.1200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (14666)
Hash 7dbeafa3a4bbaeb1807d4b7d08da5244
f974034d3281a66b624a85000e898ceafd164c8e
fc78e4bb96d0358cd4449fed0275e651ff2b839a0a33bef43b67e2e8e9845f1d
GET /rtv/012208242209000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.irstaxapp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5202
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 19:18:06 GMT
expires: Wed, 13 Sep 2023 19:18:06 GMT
cache-control: public, max-age=31536000
age: 399986
etag: "29c50428a02dcb23"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab15a3557f2ae57a7f109decc7bf7f21
0c33ca1edabbf1d48fa57a8960756726970f0cd0
fdd5583dbe7e847871bc54e06cf850a0895719371ba087ba7f108aa380c12142
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012208242209000/v0/amp-form-0.1.mjs
216.58.211.1200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012208242209000/v0/amp-form-0.1.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash 5ee501905112b3df930754e096257b5e
9312c86c58a51c276e290f757af9e27dfe277e8e
6ac6786bd00e1c2cf52c2965022418639e963c7e3a7f027636cbd35941f622c4
GET /rtv/012208242209000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.irstaxapp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 19:08:30 GMT
expires: Fri, 15 Sep 2023 19:08:30 GMT
cache-control: public, max-age=31536000
etag: "1a39bbdc45509c4d"
content-type: text/javascript; charset=UTF-8
age: 227762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012208242209000/v0/amp-fit-text-0.1.mjs
216.58.211.1200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012208242209000/v0/amp-fit-text-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (5021)
Hash 2e604e11b10d67815385816239bc70d6
2f9f7afc44d1d6c2b4785dcc946d93da4caa51eb
20d3837e744aa9c5ece84fd5f19251d0598694644a953830fc4677c313b0bc0e
GET /rtv/012208242209000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.irstaxapp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1907
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 19:18:06 GMT
expires: Wed, 13 Sep 2023 19:18:06 GMT
cache-control: public, max-age=31536000
age: 399986
etag: "f652edf411126f67"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaS3oH5cFlFkgQw82jjlILFgFuuKhInnq4tPc5npcO5rVfyD2UgQ9hcmm283_mWeWFFomRIWrPuYMpLblMGZZh4XNXLChA
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaS3oH5cFlFkgQw82jjlILFgFuuKhInnq4tPc5npcO5rVfyD2UgQ9hcmm283_mWeWFFomRIWrPuYMpLblMGZZh4XNXLChA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaS3oH5cFlFkgQw82jjlILFgFuuKhInnq4tPc5npcO5rVfyD2UgQ9hcmm283_mWeWFFomRIWrPuYMpLblMGZZh4XNXLChA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.irstaxapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Sep 2022 10:24:32 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash bfa3df18993e5e0cdf93c0bd983f89cb
175d2f99db0cf70e698e4ecb4930ee30b4138069
ef6b6d100914dbc9f15badd02294082bc914e553cdb85e951849c75dddb160c2
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 18 Sep 2022 10:24:32 GMT
date: Sun, 18 Sep 2022 10:24:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-3LTnIOeLCGkmk8UiVg-sWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4bafb9a224038523d53d843d841b24ca
ecdd5c09b8be4b70bf09e3382c3d9832a73b7d8e
e048cb9a4327632077f3993000338e128c477dc63abddcd9858bcc304c919588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 921e8a0262005f8ee573fb2b42c1986c
5c75e821cce7f52205386b7264feb86f23eae952
203db2e39e95498c9336df6b8e2814d67a6228aa8531d8b53d3d781878e3d3b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
216.58.211.6200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c89b26e02a5b8fc363a54fd7d352e998.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://c89b26e02a5b8fc363a54fd7d352e998.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 11:19:49 GMT
expires: Sun, 18 Sep 2022 11:19:49 GMT
cache-control: public, max-age=86400
age: 83083
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 921e8a0262005f8ee573fb2b42c1986c
5c75e821cce7f52205386b7264feb86f23eae952
203db2e39e95498c9336df6b8e2814d67a6228aa8531d8b53d3d781878e3d3b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJYumrjp_vnLxS-XHHmQGJWzVssZWQrcPdPd67KWaYUs-Ko5DIjgJq9cCnRwoH78V2q1wwqBGc3kQ5AE_cFK79ccUaIi0M6VgUp9JVzPLtBMg5GdVk4URYt6YlnAnqc72U4eK30KZdOkHNZyzpUXLMT1C8uLZfnGTOi52TtfoD1SD_a2AMcoxF0Ysa_YQ6wqrUv_leAIvWE1irgD5MCKVqRjda-JE9iQTkHcSP1W-m9lk_S1SXaXTeWT1PjXOqMPvpSHpaYx1Y1u8HzgdIE9xPQo38in0KYmuLp9Ek9JhFHM3dgc9t50Ml-JPNMddhssJvNEjBHspePTeP-JZd2hETppffvPgJpqbdk92o2OJG2gq-oiWCuZLbfZ0cERsiRLsQFCfSS607UK_opW_SfEeV3wsDPKrdQeRMGmsqfXj2QYKEYtBuqLr4z4Jpmbrrj7-Tf5edzUTTtwUjBtHmPorGJw_gV8-yrsy8mRlyH4nsSiMZXIqTbyMR-1dYO_MBPiUEWN9DmX7xe_pSYZx9R90GWP3uGi78XujEsf9PagV2ozurAy9L4NmbYJwlXSbmC4iiR8Diwjd1D9BR2i-ckTFge73UuhQdtV_w4no52XY1e2Y5Dn_Flh-1e3_BJHSkB0WcpS9AhxkLqikCN17rmjjnJwBXSt1hY6J5Bi1VXIY4HgqlJM79TJTVRbTNTMIMsqzbRstM48pAWPC2_Urlc7Y1no1s8xOSTy6fLps1B6GDhuwD3R1q8Yg4Rta6ESLzw3KH24RpGR4ieAHaIlTbQWcbVu6qgBOgtAjGgVf1-3k86t1pRTJOz-lKOotHK-fCtG8bgvDcqGbBpL2kBuliTGKvLxtYrJebaeBJZ6zYraIgnEC0dLQo4e0v5kBIjqgUI7R5c2cdkdKnT5QIoMOBIvB_DpguzbeSpVzFcXPIEUmERfvjdRtJWmIwq57EAXSJlSSZ6PTaqvERN1Shu3MrYEmuK9t_P3vJnNCY5a7hyRcJJbyLoM-KxcWrljrojr7LqqjXwTjPjY2c9BTL_fqEEWM5iYutF5t1CwFCDTZdWKyk55ipjbfm4mLtk-R_tZiEYA5Ft6A2HitHgjvLWMg0GYQzZuPeAIPvuQ90lggCSaTlQpag8xhYRd0Atr8hIRlZcNGE9JIAOmFKhSMboveJ0bjEBII8gQRNF7qTS_IqoxUjjVQW34rGCslr2Hs5x0kFkUu4reAoWzhGihNe0Luiu6LgfISqCfh0uaagWoRAxFrQ9E7rvhGd-6H5qkuiu2du&sai=AMfl-YR7Bl3JNjplXEhgSDLwD_VPGiqOalfcJ9Y2dF-oW3iifFRdu7mIL9l-jcknY8g1f6zUTL_ETYxiqnu4kkD946wWUE7UFYE62dWKYj9g-XGX7xqUkNlXJxn4nwvzC7gq4DdPgmjLXTxGIshzhRnUMQ5QucB8rYkYUBEHptX5RlEZNaX3yOXdLnDXQMoPLdg7Ux3nmFeVuvhuD2LqIBeTUuQH6ququyh28Q&sig=Cg0ArKJSzBaNxipvvR0TEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=168&cisv=r20220914.75987&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJYumrjp_vnLxS-XHHmQGJWzVssZWQrcPdPd67KWaYUs-Ko5DIjgJq9cCnRwoH78V2q1wwqBGc3kQ5AE_cFK79ccUaIi0M6VgUp9JVzPLtBMg5GdVk4URYt6YlnAnqc72U4eK30KZdOkHNZyzpUXLMT1C8uLZfnGTOi52TtfoD1SD_a2AMcoxF0Ysa_YQ6wqrUv_leAIvWE1irgD5MCKVqRjda-JE9iQTkHcSP1W-m9lk_S1SXaXTeWT1PjXOqMPvpSHpaYx1Y1u8HzgdIE9xPQo38in0KYmuLp9Ek9JhFHM3dgc9t50Ml-JPNMddhssJvNEjBHspePTeP-JZd2hETppffvPgJpqbdk92o2OJG2gq-oiWCuZLbfZ0cERsiRLsQFCfSS607UK_opW_SfEeV3wsDPKrdQeRMGmsqfXj2QYKEYtBuqLr4z4Jpmbrrj7-Tf5edzUTTtwUjBtHmPorGJw_gV8-yrsy8mRlyH4nsSiMZXIqTbyMR-1dYO_MBPiUEWN9DmX7xe_pSYZx9R90GWP3uGi78XujEsf9PagV2ozurAy9L4NmbYJwlXSbmC4iiR8Diwjd1D9BR2i-ckTFge73UuhQdtV_w4no52XY1e2Y5Dn_Flh-1e3_BJHSkB0WcpS9AhxkLqikCN17rmjjnJwBXSt1hY6J5Bi1VXIY4HgqlJM79TJTVRbTNTMIMsqzbRstM48pAWPC2_Urlc7Y1no1s8xOSTy6fLps1B6GDhuwD3R1q8Yg4Rta6ESLzw3KH24RpGR4ieAHaIlTbQWcbVu6qgBOgtAjGgVf1-3k86t1pRTJOz-lKOotHK-fCtG8bgvDcqGbBpL2kBuliTGKvLxtYrJebaeBJZ6zYraIgnEC0dLQo4e0v5kBIjqgUI7R5c2cdkdKnT5QIoMOBIvB_DpguzbeSpVzFcXPIEUmERfvjdRtJWmIwq57EAXSJlSSZ6PTaqvERN1Shu3MrYEmuK9t_P3vJnNCY5a7hyRcJJbyLoM-KxcWrljrojr7LqqjXwTjPjY2c9BTL_fqEEWM5iYutF5t1CwFCDTZdWKyk55ipjbfm4mLtk-R_tZiEYA5Ft6A2HitHgjvLWMg0GYQzZuPeAIPvuQ90lggCSaTlQpag8xhYRd0Atr8hIRlZcNGE9JIAOmFKhSMboveJ0bjEBII8gQRNF7qTS_IqoxUjjVQW34rGCslr2Hs5x0kFkUu4reAoWzhGihNe0Luiu6LgfISqCfh0uaagWoRAxFrQ9E7rvhGd-6H5qkuiu2du&sai=AMfl-YR7Bl3JNjplXEhgSDLwD_VPGiqOalfcJ9Y2dF-oW3iifFRdu7mIL9l-jcknY8g1f6zUTL_ETYxiqnu4kkD946wWUE7UFYE62dWKYj9g-XGX7xqUkNlXJxn4nwvzC7gq4DdPgmjLXTxGIshzhRnUMQ5QucB8rYkYUBEHptX5RlEZNaX3yOXdLnDXQMoPLdg7Ux3nmFeVuvhuD2LqIBeTUuQH6ququyh28Q&sig=Cg0ArKJSzBaNxipvvR0TEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=168&cisv=r20220914.75987&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstJYumrjp_vnLxS-XHHmQGJWzVssZWQrcPdPd67KWaYUs-Ko5DIjgJq9cCnRwoH78V2q1wwqBGc3kQ5AE_cFK79ccUaIi0M6VgUp9JVzPLtBMg5GdVk4URYt6YlnAnqc72U4eK30KZdOkHNZyzpUXLMT1C8uLZfnGTOi52TtfoD1SD_a2AMcoxF0Ysa_YQ6wqrUv_leAIvWE1irgD5MCKVqRjda-JE9iQTkHcSP1W-m9lk_S1SXaXTeWT1PjXOqMPvpSHpaYx1Y1u8HzgdIE9xPQo38in0KYmuLp9Ek9JhFHM3dgc9t50Ml-JPNMddhssJvNEjBHspePTeP-JZd2hETppffvPgJpqbdk92o2OJG2gq-oiWCuZLbfZ0cERsiRLsQFCfSS607UK_opW_SfEeV3wsDPKrdQeRMGmsqfXj2QYKEYtBuqLr4z4Jpmbrrj7-Tf5edzUTTtwUjBtHmPorGJw_gV8-yrsy8mRlyH4nsSiMZXIqTbyMR-1dYO_MBPiUEWN9DmX7xe_pSYZx9R90GWP3uGi78XujEsf9PagV2ozurAy9L4NmbYJwlXSbmC4iiR8Diwjd1D9BR2i-ckTFge73UuhQdtV_w4no52XY1e2Y5Dn_Flh-1e3_BJHSkB0WcpS9AhxkLqikCN17rmjjnJwBXSt1hY6J5Bi1VXIY4HgqlJM79TJTVRbTNTMIMsqzbRstM48pAWPC2_Urlc7Y1no1s8xOSTy6fLps1B6GDhuwD3R1q8Yg4Rta6ESLzw3KH24RpGR4ieAHaIlTbQWcbVu6qgBOgtAjGgVf1-3k86t1pRTJOz-lKOotHK-fCtG8bgvDcqGbBpL2kBuliTGKvLxtYrJebaeBJZ6zYraIgnEC0dLQo4e0v5kBIjqgUI7R5c2cdkdKnT5QIoMOBIvB_DpguzbeSpVzFcXPIEUmERfvjdRtJWmIwq57EAXSJlSSZ6PTaqvERN1Shu3MrYEmuK9t_P3vJnNCY5a7hyRcJJbyLoM-KxcWrljrojr7LqqjXwTjPjY2c9BTL_fqEEWM5iYutF5t1CwFCDTZdWKyk55ipjbfm4mLtk-R_tZiEYA5Ft6A2HitHgjvLWMg0GYQzZuPeAIPvuQ90lggCSaTlQpag8xhYRd0Atr8hIRlZcNGE9JIAOmFKhSMboveJ0bjEBII8gQRNF7qTS_IqoxUjjVQW34rGCslr2Hs5x0kFkUu4reAoWzhGihNe0Luiu6LgfISqCfh0uaagWoRAxFrQ9E7rvhGd-6H5qkuiu2du&sai=AMfl-YR7Bl3JNjplXEhgSDLwD_VPGiqOalfcJ9Y2dF-oW3iifFRdu7mIL9l-jcknY8g1f6zUTL_ETYxiqnu4kkD946wWUE7UFYE62dWKYj9g-XGX7xqUkNlXJxn4nwvzC7gq4DdPgmjLXTxGIshzhRnUMQ5QucB8rYkYUBEHptX5RlEZNaX3yOXdLnDXQMoPLdg7Ux3nmFeVuvhuD2LqIBeTUuQH6ququyh28Q&sig=Cg0ArKJSzBaNxipvvR0TEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=168&cisv=r20220914.75987&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c89b26e02a5b8fc363a54fd7d352e998.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sun, 18 Sep 2022 10:24:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Sep-2022 10:39:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Sep 2022 10:24:33 GMT
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/themes/ad-mania/js/mincustom.js
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/themes/ad-mania/js/mincustom.js
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/themes/ad-mania/js/mincustom.js HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Sun, 17 Oct 2021 07:49:16 GMT
vary: Accept-Encoding
etag: W/"616bd57c-724d6"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/anspress-question-answer/templates/css/fonts.css?ver=4.3.0
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/anspress-question-answer/templates/css/fonts.css?ver=4.3.0
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/anspress-question-answer/templates/css/fonts.css?ver=4.3.0 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
last-modified: Mon, 21 Mar 2022 15:35:09 GMT
vary: Accept-Encoding
etag: W/"62389b2d-dc7"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 03:36:06 GMT
vary: Accept-Encoding
etag: W/"624d0aa6-145db"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Noto%20Serif%3A400%20%7CNoto%20Serif%3A100%26amp%3Bsubset%3Dcyrillic%2Ccyrillic&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Noto%20Serif%3A400%20%7CNoto%20Serif%3A100%26amp%3Bsubset%3Dcyrillic%2Ccyrillic&display=swap
IP 142.250.74.10:0
GET /css?family=Noto%20Serif%3A400%20%7CNoto%20Serif%3A100%26amp%3Bsubset%3Dcyrillic%2Ccyrillic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 10:24:30 GMT
date: Sun, 18 Sep 2022 10:24:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.powr.io/powr.js?platform=html
172.67.5.146200 OK 0 B URL HTTP/2 www.powr.io/powr.js?platform=html
IP 172.67.5.146:0
GET /powr.js?platform=html HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
cache-control: max-age=604800, public
cf-bgj: minify
expires: Sat, 16 Sep 2023 16:26:17 GMT
last-modified: Fri, 16 Sep 2022 16:26:08 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
age: 126461
server: cloudflare
cf-ray: 74c95f4bd8000b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 02:01:07 GMT
vary: Accept-Encoding
etag: W/"624e45e3-b4c"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Sun, 06 Feb 2022 04:55:50 GMT
vary: Accept-Encoding
etag: W/"61ff54d6-2063"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps-view-2b8b89ec08cb1075456f.js
104.21.19.164200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps-view-2b8b89ec08cb1075456f.js
IP 104.21.19.164:0
GET /latest/assets/packs/apps-view-2b8b89ec08cb1075456f.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1443474
etag: W/"caa98b573dd8f5919ea4fbfd86b5e7b1"
last-modified: Thu, 15 Sep 2022 05:32:47 GMT
x-amz-id-2: fF0pzZjEbeaZKuxf1r85fMDOs583w2t8Aa/2Z4yirOtk+6R2F21lfJC2fTmEKeQhnhXx4+mOVNw=
x-amz-request-id: 38RZWXZFJBZZV80Q
x-amz-version-id: fdwKf.FgOvvmFm3IC2tDHLGKyJzoLyPp
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4edUz2V6fBrWdgON4IenCT9%2B3EfQ5Xq5Jj3a9PoKBXg65CkRxlJksphCls5GOGo5BUUNnP7D0%2FOSOsv4BJHPvP%2BviPAtzF%2BhtQrpdKWPC3iF%2FFDfN9AhVeYD6AdQp9UyGHzGDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c95f504c96b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=2.2.0
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=2.2.0
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=2.2.0 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 02:01:07 GMT
vary: Accept-Encoding
etag: W/"624e45e3-13bc"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
kit.fontawesome.com/14579ba48d.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/14579ba48d.js
IP 104.18.23.52:0
GET /14579ba48d.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fuu_NKRKzsFcWtfaTAAi
cf-cache-status: HIT
age: 51
server: cloudflare
cf-ray: 74c95f504ec91c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 02:01:07 GMT
vary: Accept-Encoding
etag: W/"624e45e3-9e7"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.4 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Thu, 29 Jul 2021 10:49:53 GMT
vary: Accept-Encoding
etag: W/"610287d1-4705"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/anspress-question-answer/templates/css/main.css?ver=4.3.0
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/anspress-question-answer/templates/css/main.css?ver=4.3.0
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/anspress-question-answer/templates/css/main.css?ver=4.3.0 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
last-modified: Mon, 21 Mar 2022 15:35:09 GMT
vary: Accept-Encoding
etag: W/"62389b2d-12876"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-content/plugins/twentig/dist/style-index.css?ver=03edf46797308f460f7681e39d0db827
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-content/plugins/twentig/dist/style-index.css?ver=03edf46797308f460f7681e39d0db827
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/twentig/dist/style-index.css?ver=03edf46797308f460f7681e39d0db827 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: text/css
last-modified: Thu, 07 Apr 2022 02:01:42 GMT
vary: Accept-Encoding
etag: W/"624e4606-920b"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.irstaxapp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
68.183.105.71200 OK 0 B URL HTTP/2 www.irstaxapp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 68.183.105.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.irstaxapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irstaxapp.com/w-9-form-10-most-important-things-you-must-know/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:24:30 GMT
content-type: application/javascript
last-modified: Sat, 02 Jan 2021 05:26:04 GMT
vary: Accept-Encoding
etag: W/"5ff003ec-2bd8"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2