| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb7be8442ec1e518ccc80739495f6d047 7a9d24b9d4046262c7753c49afaf9c19f4840626 b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5107
Expires: Sat, 05 Nov 2022 11:10:39 GMT
Date: Sat, 05 Nov 2022 09:45:32 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcd02b32dbc8416dcb10b468af2166c33 503a9c4cabdb19dfde769f5e2d3ef919c818c364 46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4018
Cache-Control: max-age=89551
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:32 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:38:03 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash078950c3ba9ad01927f3da494b1d1de4 443c8a8247e4e3e04c14d21e0227fc4e8f396142 dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Sat, 05 Nov 2022 11:01:47 GMT
Date: Sat, 05 Nov 2022 09:45:32 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qcYP/L1bwwFcYMGmZyl5TJ4jdeIprnUFDwzQhWL4LpoFiUI8Pp/H5tMeTA1o2sneM5XGUMM120U=
x-amz-request-id: 1RDBYT2F3393HR37
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 09:09:59 GMT
age: 2133
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/fofg/?8pqld=/WYyZ8XHrc4Fzi4Hkf2YZSVLnjloZBWnsnTNlOtOuOrsshx2sFdbFTO5i76nMoD+Xs8=&sDK=XrUDpDQ | 104.16.15.194 | 302 Found | 492 B |
URL HTTP/1.1www.safierussellcpa.com/fofg/?8pqld=/WYyZ8XHrc4Fzi4Hkf2YZSVLnjloZBWnsnTNlOtOuOrsshx2sFdbFTO5i76nMoD+Xs8=&sDK=XrUDpDQ IP104.16.15.194:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477) Hashf6eef02685227730551cb059655d6348 36964b4bea8990cc79c7f0a56018c5a85e1698ee b50e52e6177b2a5a1cf3e56f81d62aef81c78aa9d039672de075e4f681b81db5
GET /fofg/?8pqld=/WYyZ8XHrc4Fzi4Hkf2YZSVLnjloZBWnsnTNlOtOuOrsshx2sFdbFTO5i76nMoD+Xs8=&sDK=XrUDpDQ HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 05 Nov 2022 09:45:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.safierussellcpa.com/12-write-offs
CF-Ray: 7654a8387cb9fabc-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: f4d387b6a2558cf6b1492b3b6ef25b86
X-Runtime: 0.093945
Set-Cookie: __cf_bm=J4hziNDb1vGoyaTfkYJ5q0fNMhLFkSo5y1oEKGpv88E-1667641532-0-AWQJhs+QMIFIS8iGQLzxD8cDPvuqdo0ICOpGj/pigiyh7hM88HJOOZcDCQ+kWa1GmqP533sY/lpid6s1N9piy/giAcmvNr+qi6zqwINjmcsC; path=/; expires=Sat, 05-Nov-22 10:15:32 GMT; domain=.www.safierussellcpa.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashc18c90ea9ccf7486426fd01e6ce665ee 17fef9ed9b7b3ad009acfc44d07244e59ccd70d5 e23a5c2ec51cce3ad3e17189b95918e3f49d72f2b561f7940e895dd84216e8ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3831
Cache-Control: max-age=162057
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:32 GMT
Etag: "6365f7ce-116"
Expires: Mon, 07 Nov 2022 06:46:29 GMT
Last-Modified: Sat, 05 Nov 2022 05:42:38 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hasha2f6c296003d839bdee766ef4082e376 013ae64b10cb1355ae9b6ba38dcfa79f71a9b505 703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash656a355c6cb333c5554fa65748d3d165 15e6dc206e412e258ca49e2eec46e67b831ea4a6 3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash656a355c6cb333c5554fa65748d3d165 15e6dc206e412e258ca49e2eec46e67b831ea4a6 3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash656a355c6cb333c5554fa65748d3d165 15e6dc206e412e258ca49e2eec46e67b831ea4a6 3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash656a355c6cb333c5554fa65748d3d165 15e6dc206e412e258ca49e2eec46e67b831ea4a6 3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.195 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 05:42:51 GMT
expires: Fri, 03 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 187362
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.195 | 200 OK | 24 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 17:10:21 GMT
expires: Wed, 01 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 318912
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.195 | 200 OK | 23 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 17:10:21 GMT
expires: Wed, 01 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 318912
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash656a355c6cb333c5554fa65748d3d165 15e6dc206e412e258ca49e2eec46e67b831ea4a6 3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashdb63d54b77502dd6c7bdc792d4fd093e 026ad8186833988279468829c004c6e2a2f2626f eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3376
Cache-Control: max-age=170250
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:03:03 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| use.fontawesome.com/releases/v5.9.0/css/all.css | 172.64.132.15 | 200 OK | 88 kB |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/all.css IP172.64.132.15:0
File typeASCII text, with very long lines (55782) Hasha884237493f7f79c82450bf0dd124d8e 05f08f3b25e71c8ec4164da2ebec36a62d43f4b8 0844ea3a2ba91e71cd5894198740daaa67070bcec3d13f47ab039305e99ce11b
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: text/css
x-amz-id-2: cIB7RJR8YNkOt3c5odVNIsPWGanLxokh1zS2YvTVv7QSgKdKXNOroM5eyN2MvPjoE855Z9I1sPM=
x-amz-request-id: BCPBKD6BGPB27GGJ
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 851626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJQvGhLmO0oBJdJNab5rL%2FTRB7Xlch3Kj3qlbJMKt3s3ZkEyHR5BW2oceBpmkxO7tZ9IKKB%2BuKlA5MyHUTlJ%2B6hZ1g0hoB5MAs2vWOCyU3IQqdENoPkFGlSP9e8Pk%2Fp%2FfFGggUaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7654a83c9cabe628-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.148.190.4 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.148.190.4:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5T2kf+rmY8yWiuBudfxJ/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u+rFW0ZsUGMHsByGcb6KLgvwrOo=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash077022401d8540421bf44becb30813d2 557dd02a253b32d9f8a82fe3f0975f28ee86fb19 e098b711056a5cbf52a167c8e845a373c83e849a8b9f202ced2752aa6c205d96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5908
Cache-Control: max-age=147230
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Etag: "6365b5c7-1d7"
Expires: Mon, 07 Nov 2022 02:39:23 GMT
Last-Modified: Sat, 05 Nov 2022 01:00:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| connect.facebook.net/en_US/fbevents.js | 157.240.240.1 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP157.240.240.1:0
File typeASCII text, with very long lines (64348) Hash0ac10debd3a9ea8147a26d045bb93e6e ff45f3442508e8695f2303701682ebdb6e016464 5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: zLVuNYzshzXDjrv2201+y+1Z/55ecPx26SYqzmIew3e/8zmKfgF2JyhgJzlmRgV3dio/w4p8bLGRncgJIZ6PiA==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1679558926
date: Sat, 05 Nov 2022 09:45:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash077022401d8540421bf44becb30813d2 557dd02a253b32d9f8a82fe3f0975f28ee86fb19 e098b711056a5cbf52a167c8e845a373c83e849a8b9f202ced2752aa6c205d96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5908
Cache-Control: max-age=147230
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:33 GMT
Etag: "6365b5c7-1d7"
Expires: Mon, 07 Nov 2022 02:39:23 GMT
Last-Modified: Sat, 05 Nov 2022 01:00:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| www.facebook.com/tr/?id=612825579798566&ev=PageView&dl=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs&rl=&if=false&ts=1667641532568&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667641532567.126056123&it=1667641532326&coo=false&rqm=GET | 157.240.240.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=612825579798566&ev=PageView&dl=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs&rl=&if=false&ts=1667641532568&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667641532567.126056123&it=1667641532326&coo=false&rqm=GET IP157.240.240.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=612825579798566&ev=PageView&dl=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs&rl=&if=false&ts=1667641532568&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667641532567.126056123&it=1667641532326&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 05 Nov 2022 09:45:34 GMT
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/vendor.js | 104.16.12.194 | 200 OK | 12 kB |
URL HTTP/2www.safierussellcpa.com/vendor.js IP104.16.12.194:0
Hashfc84b26d90c8d525f237c8a5178946c4 e71fbb4f6c97f547bdc9d7c541de7db4b88d181d 267921429737f59d825a131a77b12ec96640940073cb92af7867cbc59b88640a
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /vendor.js HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:33 GMT
content-type: application/javascript
cf-ray: 7654a83f79980b31-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: a2a5c6b1ee480b5cbfb1aeed464e5224
x-runtime: 0.015577
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/hosted/images/65/8bbfce465b48768be4e401ea8790cd/New-Logo-2018.png | 104.16.12.194 | 200 OK | 7.2 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/65/8bbfce465b48768be4e401ea8790cd/New-Logo-2018.png IP104.16.12.194:0
File typePNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data Hashac40d02ebe0bb588ea6d7d700724efc6 8c8f620097f37fd9cb53a8119d9c718be9cd0f43 abb75445cdaabf55602f1d51744cc4c149cc34248a525e5a1df4e563e03a34d0
GET /hosted/images/65/8bbfce465b48768be4e401ea8790cd/New-Logo-2018.png HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=c162c06c-8bbe-4ed2-a0f9-0a844228f5aa; addevent_track_cookie=34949e43-10f5-48c9-cf69-a3333356b190; _fbp=fb.1.1667641532567.126056123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:34 GMT
content-type: image/png
content-length: 7204
cf-ray: 7654a8443dad0b31-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ac40d02ebe0bb588ea6d7d700724efc6"
last-modified: Thu, 07 Jul 2022 19:25:17 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/hosted/images/94/215c01ba304c8fb4c42031ea3cdd58/SafieRussellNew-profile-2020.jpg | 104.16.12.194 | 200 OK | 263 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/94/215c01ba304c8fb4c42031ea3cdd58/SafieRussellNew-profile-2020.jpg IP104.16.12.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 3000x2084, components 3\012- data Size263 kB (262725 bytes) Hashab58724c82e7f8d07a9897fd987f31a0 24b127e0a5345226fb880a8e496468991afd514b cfa2b57770c49c10839c1a57da2e271095d6791ac2b5a80efa5e8b2d0373a556
GET /hosted/images/94/215c01ba304c8fb4c42031ea3cdd58/SafieRussellNew-profile-2020.jpg HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=c162c06c-8bbe-4ed2-a0f9-0a844228f5aa; addevent_track_cookie=34949e43-10f5-48c9-cf69-a3333356b190; _fbp=fb.1.1667641532567.126056123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:34 GMT
content-type: image/jpeg
content-length: 262725
cf-ray: 7654a8443dae0b31-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ab58724c82e7f8d07a9897fd987f31a0"
last-modified: Thu, 07 Jul 2022 19:26:14 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/hosted/images/73/476df96dae44ddafce57dbc235da2a/cover-1.2.jpg | 104.16.12.194 | 200 OK | 49 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/73/476df96dae44ddafce57dbc235da2a/cover-1.2.jpg IP104.16.12.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 653x739, components 3\012- data Hashe961af002948c30333b43985ad5a7c0b 1b7d69ea8c0c7f7a0894812d6264aee115d4cddd f5cfe4ba26fe8cb5799f0004fe8e87bec5fa0a8eb7beb260e79482b1decac2ce
GET /hosted/images/73/476df96dae44ddafce57dbc235da2a/cover-1.2.jpg HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=c162c06c-8bbe-4ed2-a0f9-0a844228f5aa; addevent_track_cookie=34949e43-10f5-48c9-cf69-a3333356b190; _fbp=fb.1.1667641532567.126056123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:34 GMT
content-type: image/jpeg
content-length: 49175
cf-ray: 7654a8443da60b31-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "e961af002948c30333b43985ad5a7c0b"
last-modified: Fri, 27 May 2022 00:22:24 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/cdn-cgi/rum? | 104.16.12.194 | 204 No Content | 0 B |
URL HTTP/2www.safierussellcpa.com/cdn-cgi/rum? IP104.16.12.194:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 9727
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=c162c06c-8bbe-4ed2-a0f9-0a844228f5aa; addevent_track_cookie=34949e43-10f5-48c9-cf69-a3333356b190; _fbp=fb.1.1667641532567.126056123
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Sat, 05 Nov 2022 09:45:34 GMT
access-control-allow-origin: https://www.safierussellcpa.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7654a8450ef00b31-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-1216.min.js | 151.101.86.137 | 200 OK | 14 kB |
URL HTTP/2js-agent.newrelic.com/nr-1216.min.js IP151.101.86.137:0
File typeASCII text, with very long lines (32022) Hashb7c09cc097b2847f9edc784adba62dcb 5aa648623cf5e3b4b215fe5d068a7904c59f2925 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 05 Nov 2022 09:45:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 705
x-timer: S1667641534.433336,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashc76b47495c2f1706d7e629d832e23fe2 b8e476ba2287b221a17fd6eeb4f6a44a8a41d15d d6816842b15b915e8f57dd826da60bc572bf79c21001d7211845cf4aa0a19442
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3505
Cache-Control: max-age=132232
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 09:45:34 GMT
Etag: "63658495-1d7"
Expires: Sun, 06 Nov 2022 22:29:26 GMT
Last-Modified: Fri, 04 Nov 2022 21:31:01 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8ee5640e4bbe5e2c0dd4aa0698a3ce62 a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef 938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Sat, 05 Nov 2022 12:00:18 GMT
Date: Sat, 05 Nov 2022 09:45:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8ee5640e4bbe5e2c0dd4aa0698a3ce62 a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef 938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Sat, 05 Nov 2022 12:00:18 GMT
Date: Sat, 05 Nov 2022 09:45:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8ee5640e4bbe5e2c0dd4aa0698a3ce62 a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef 938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Sat, 05 Nov 2022 12:00:18 GMT
Date: Sat, 05 Nov 2022 09:45:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8ee5640e4bbe5e2c0dd4aa0698a3ce62 a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef 938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Sat, 05 Nov 2022 12:00:18 GMT
Date: Sat, 05 Nov 2022 09:45:34 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4e2853cc6ec6223160471401e6871f4b f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 20:21:33 GMT
age: 48241
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf787d03ccf6f14f05b9fb00149a92f49 0d3c7535f83ced168b1efb0f849e353de31d40db bda8d5d8dee8c1b3b9a0dd81407bc920a3a2a737dceaaebf75e8554ef1cdcec8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: 971369d4-3728-4fef-9d82-794fd184d26d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0S3FbeIAMFceg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643412-0efd014e4b25ed9c4aed13cb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZPGScUHAZtgr_egNkJ2bOzK_ftHSd0Yr1U_S7jYUelg56FCtTOC2TA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:53:09 GMT
age: 42745
etag: "0d3c7535f83ced168b1efb0f849e353de31d40db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashca6c7517d7015fbc35fa290c1c2d6afd 594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SjV-J5oBG_0qHy-SE7_K9kj_MMjAee4JZva3thJf8On3ejAA1n1tfg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:53:04 GMT
age: 42750
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash308da46611df43543d31ca502986bea2 0bf4de356c3a64785fe116161cb931b3b2476f5d 63996962e2763dcf2e0ae5e43aa12dfd8f8677082bb1cdf63528dfd00404f3e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7619
x-amzn-requestid: 67308248-e660-4294-aafe-5f178970f822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcHHfIAMFyGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-5b1ee875554a05eb1e8a6f16;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qn6QTO-5bR2vT6wtmHT2zVZX556_FUz6ImAWK3O8hc8xSJ9XmNM96w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:48:46 GMT
age: 43008
etag: "0bf4de356c3a64785fe116161cb931b3b2476f5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6ee20d59c5ac266f8eb9c47057271a10 61dc4e78907f114519ff3fdd3c806b36557ab744 2cba117cfe96fa5e1b53981f98d42eb3e5f956083c3435a1d44d1d40784614bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11427
x-amzn-requestid: 0dcc7ef4-d7fa-492e-8ddf-4342b4bc44e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHxJGJZoAMFWlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365866d-7c3de2ed509a640f37c52843;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gAHLlJ0JzB6TfEUNw_sCNmrjMK-EX1hZbCY34i99xQok7R-wvcpqug==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:59:04 GMT
age: 42390
etag: "61dc4e78907f114519ff3fdd3c806b36557ab744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg | 34.120.237.76 | 200 OK | 5.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash683264508686ad18ae519baac54d3b05 1897c9fcad301764736ab867491beb18526af153 e8beb5d336ca424e36725ab87b98b4dedcf32a5b01c43b9c06363a7be25522fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5754
x-amzn-requestid: df2c5b88-0444-44b1-81ef-04e565d25b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bAS--GiUoAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636331f9-0ec90f4d5f0c6fcf2d6e4a8b;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 03:14:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7CdkFTu--etXnoftDB8IYx3G6NIDBbKNiomZXVQQpr8et2Qh9yUGoQ==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 03:37:11 GMT
age: 22103
etag: "1897c9fcad301764736ab867491beb18526af153"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2311&ck=1&ref=https://www.safierussellcpa.com/12-write-offs&ap=412&be=573&fe=1934&dc=1194&perf=%7B%22timing%22:%7B%22of%22:1667641530741,%22n%22:0,%22f%22:374,%22dn%22:377,%22dne%22:377,%22c%22:379,%22s%22:381,%22ce%22:396,%22rq%22:396,%22rp%22:542,%22rpe%22:554,%22dl%22:560,%22di%22:1179,%22ds%22:1194,%22de%22:1303,%22dc%22:1934,%22l%22:1934,%22le%22:2052%7D,%22navigation%22:%7B%7D%7D&fcp=939&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 72 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2311&ck=1&ref=https://www.safierussellcpa.com/12-write-offs&ap=412&be=573&fe=1934&dc=1194&perf=%7B%22timing%22:%7B%22of%22:1667641530741,%22n%22:0,%22f%22:374,%22dn%22:377,%22dne%22:377,%22c%22:379,%22s%22:381,%22ce%22:396,%22rq%22:396,%22rp%22:542,%22rpe%22:554,%22dl%22:560,%22di%22:1179,%22ds%22:1194,%22de%22:1303,%22dc%22:1934,%22l%22:1934,%22le%22:2052%7D,%22navigation%22:%7B%7D%7D&fcp=939&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hash107d93e382e2c9b00fbf9fb0edc65d86 77e750e3ebf9706f4f6dd253785602d70be17c6c a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2311&ck=1&ref=https://www.safierussellcpa.com/12-write-offs&ap=412&be=573&fe=1934&dc=1194&perf=%7B%22timing%22:%7B%22of%22:1667641530741,%22n%22:0,%22f%22:374,%22dn%22:377,%22dne%22:377,%22c%22:379,%22s%22:381,%22ce%22:396,%22rq%22:396,%22rp%22:542,%22rpe%22:554,%22dl%22:560,%22di%22:1179,%22ds%22:1194,%22de%22:1303,%22dc%22:1934,%22l%22:1934,%22le%22:2052%7D,%22navigation%22:%7B%7D%7D&fcp=939&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 09:45:34 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7654a8477ae70b45-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=2064216fdc7b5fac; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| www.safierussellcpa.com/hosted/images/0d/23066b6d1b4a36bf66dd9e10830014/SafieRussellNew-profile-2020.jpg | 104.16.12.194 | 200 OK | 286 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/0d/23066b6d1b4a36bf66dd9e10830014/SafieRussellNew-profile-2020.jpg IP104.16.12.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, xresolution=198, yresolution=206, resolutionunit=2, software=Windows Photo Editor 10.0.10011.16384, datetime=2020:11:18 20:33:28], progressive, precision 8, 3000x2084, components 3\012- data Size286 kB (286262 bytes) Hasheba3bd821e5f0bc7751224e251fa1e05 de5ac03ad40668a69aa0628de430affc788d65f7 cd0424d7d199ea66f6928fae65b749f838afa5fc4a5770ed3d272b56960beedc
GET /hosted/images/0d/23066b6d1b4a36bf66dd9e10830014/SafieRussellNew-profile-2020.jpg HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=c162c06c-8bbe-4ed2-a0f9-0a844228f5aa; addevent_track_cookie=34949e43-10f5-48c9-cf69-a3333356b190; _fbp=fb.1.1667641532567.126056123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:34 GMT
content-type: image/jpeg
content-length: 286262
cf-ray: 7654a8443da90b31-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "eba3bd821e5f0bc7751224e251fa1e05"
last-modified: Wed, 25 May 2022 23:32:44 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/12-write-offs | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/12-write-offs IP104.16.12.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /12-write-offs HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: text/html; charset=utf-8
cf-ray: 7654a83a8dae0b31-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Thu, 27 Oct 2022 20:06:29 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 36614ed1fff665fb0404b71b0ca18e4c13a19bff
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: ed56b807e10dcba3209225a74da330eb
x-runtime: 0.407046
set-cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; path=/; expires=Sat, 05-Nov-22 10:15:32 GMT; domain=.www.safierussellcpa.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/v4-shims.css | 172.64.132.15 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/v4-shims.css IP172.64.132.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: text/css
x-amz-id-2: WpVlr9E4LNAdFsXi6U7ITEvBAF0od/nY8z13ckAJA/I/wFoGHyoSwlXOyhWr8pqbj6dB1MeQp5k=
x-amz-request-id: CN86A7VHSM61Q680
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1977840
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGWBPerQWa2tuiOyCrLl3ZEFw%2Fk5%2FOsIF%2BIy94eLYxwnlD9CbOUVHQ%2FkfDfRJiAJ%2FlVPjlNaGpuQCjxHYXA2PsKS4DxMzqYADRnlgjVze%2FVf4DuWTSzlKmaLka%2BJElwo6H0kPmlj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7654a83c8c9fe628-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 IP142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 09:45:32 GMT
date: Sat, 05 Nov 2022 09:45:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/images/background.png?_unique=0.9513982485169844&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.safierussellcpa.com/12-write-offs&_title=%5BFree%20Book%5D%2012%20Overlooked%20Tax%20Write-Offs%7C%20SDR%20Consulting%20Inc.&_key=vdjcof5m&_page_key=xum3fp2h74f4kofy&_fid=12090618&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.safierussellcpa.com/12-write-offs&_referrer= | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/images/background.png?_unique=0.9513982485169844&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.safierussellcpa.com/12-write-offs&_title=%5BFree%20Book%5D%2012%20Overlooked%20Tax%20Write-Offs%7C%20SDR%20Consulting%20Inc.&_key=vdjcof5m&_page_key=xum3fp2h74f4kofy&_fid=12090618&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.safierussellcpa.com/12-write-offs&_referrer= IP104.16.12.194:0
GET /images/background.png?_unique=0.9513982485169844&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.safierussellcpa.com/12-write-offs&_title=%5BFree%20Book%5D%2012%20Overlooked%20Tax%20Write-Offs%7C%20SDR%20Consulting%20Inc.&_key=vdjcof5m&_page_key=xum3fp2h74f4kofy&_fid=12090618&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.safierussellcpa.com/12-write-offs&_referrer= HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=c162c06c-8bbe-4ed2-a0f9-0a844228f5aa; addevent_track_cookie=34949e43-10f5-48c9-cf69-a3333356b190; _fbp=fb.1.1667641532567.126056123
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:34 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 7654a8444db90b31-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: f4f017388c5e94e7846a7f8568d5af66
x-runtime: 0.018694
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/assets/userevents/application.js | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/assets/userevents/application.js IP104.16.12.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /assets/userevents/application.js HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: application/x-javascript
cf-ray: 7654a83c1f070b31-OSL
access-control-allow-origin: *
age: 755
cache-control: public, max-age=1200
etag: W/"6359dae3-147c"
expires: Sat, 05 Nov 2022 10:05:32 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/assets/lander.css | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/assets/lander.css IP104.16.12.194:0
GET /assets/lander.css HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: text/css
cf-ray: 7654a83c1f060b31-OSL
access-control-allow-origin: *
age: 908
cache-control: public, max-age=1200
etag: W/"6359dae3-6a514"
expires: Sat, 05 Nov 2022 10:05:32 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/assets/pushcrew.js | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/assets/pushcrew.js IP104.16.12.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /assets/pushcrew.js HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: application/x-javascript
cf-ray: 7654a83c2f0c0b31-OSL
access-control-allow-origin: *
age: 908
cache-control: public, max-age=1200
etag: W/"6359dae3-27d"
expires: Sat, 05 Nov 2022 10:05:32 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/mailcheck.min.js | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2app.clickfunnels.com/mailcheck.min.js IP104.16.12.194:0
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: application/x-javascript
cf-ray: 7654a83c5ba7b4ed-OSL
access-control-allow-origin: *
age: 4833
etag: W/"6359dae3-a8d"
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=Eil1er4XrQXI2QIIfwQN3VXVqH7n3paK88iCR6Mm4ns-1667641532-0-ASYWWSwAjVI8zptpxVZGv/K2rkWBmIxl0UmmRpJAjncB9n1CZvgKZ8sltTYDRT6no2lxLm4X/IcRU32kXWnKvqJiyuji7EYRhj+jMHnGxYI4; path=/; expires=Sat, 05-Nov-22 10:15:32 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=2a0f9e07-7316-4a90-8a78-7f1401531c5d&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs | 104.16.12.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=2a0f9e07-7316-4a90-8a78-7f1401531c5d&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs IP104.16.12.194:0
GET /userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=2a0f9e07-7316-4a90-8a78-7f1401531c5d&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 05 Nov 2022 09:45:33 GMT
content-type: text/html
cf-ray: 7654a83fdcd4fac4-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 1264a83d4d4bc1273ef0502eedd3dd06
x-runtime: 0.029740
set-cookie: __cf_bm=atlbV.bl2BSEgnz9ActBnBlkdC9tZgwuT3aCSYCHt3g-1667641533-0-ASPPDj+euxns3cDz1+FyCJa9KMbyGoOF1QiFr5uMJlX5oBXmLFz8sm9E0EqpFCSOeMvciEFBfnboNIV1p9TtFmt1TlH51B5U8jJ59lyGgWKL; path=/; expires=Sat, 05-Nov-22 10:15:33 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=fb7b4a63-0682-44a1-80b5-aae718640e47&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs | 104.16.12.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=fb7b4a63-0682-44a1-80b5-aae718640e47&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs IP104.16.12.194:0
GET /userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=fb7b4a63-0682-44a1-80b5-aae718640e47&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 05 Nov 2022 09:45:33 GMT
content-type: text/html
cf-ray: 7654a83fdcd5fac4-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: a8449b2fb0602b0e0a921f957b27ad5f
x-runtime: 0.048269
set-cookie: __cf_bm=UV2yFir9izFXgEXu80zcDDqB3x2iACTQwvUazx6XEqM-1667641533-0-ARLijEYpa6EKVxG3C3xqQob0e5lRmTiMHjJDPWX/Mh1T2A8Cg0wuK8/ZugSb+9Jt+hTQ49HRq1VLBqB5WJXbXERynRpfg7NhQ+ph3esjvs8K; path=/; expires=Sat, 05-Nov-22 10:15:33 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/images/closemodal.png | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2app.clickfunnels.com/images/closemodal.png IP104.16.12.194:0
GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Cookie: __cf_bm=Eil1er4XrQXI2QIIfwQN3VXVqH7n3paK88iCR6Mm4ns-1667641532-0-ASYWWSwAjVI8zptpxVZGv/K2rkWBmIxl0UmmRpJAjncB9n1CZvgKZ8sltTYDRT6no2lxLm4X/IcRU32kXWnKvqJiyuji7EYRhj+jMHnGxYI4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:34 GMT
content-type: image/webp
cf-ray: 7654a8443c98b4ed-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 832748
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "63571ab3-314"
expires: Tue, 06 Dec 2022 09:45:34 GMT
last-modified: Mon, 24 Oct 2022 23:07:31 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/v1/track_capi?page_key=xum3fp2h74f4kofy&location=https://www.safierussellcpa.com/12-write-offs&referrer= | 104.16.12.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/v1/track_capi?page_key=xum3fp2h74f4kofy&location=https://www.safierussellcpa.com/12-write-offs&referrer= IP104.16.12.194:0
GET /v1/track_capi?page_key=xum3fp2h74f4kofy&location=https://www.safierussellcpa.com/12-write-offs&referrer= HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safierussellcpa.com/12-write-offs
Connection: keep-alive
Cookie: __cf_bm=XqXgICWo4k0AV3SSWLmaKNBVp3Fd3EVGdumAffMSk.Y-1667641532-0-AVOhEX60snnFy77xe9zHQdifP77WvVAzWAJFGQ7y7uNIDAwQ6j/vDGollVwmiXxHqqedFH5XnpGXN1nX2kKZzCMA8vHZoJpthjWdHh97DNBD; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=c162c06c-8bbe-4ed2-a0f9-0a844228f5aa; addevent_track_cookie=34949e43-10f5-48c9-cf69-a3333356b190; _fbp=fb.1.1667641532567.126056123
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:34 GMT
content-type: text/plain; charset=utf-8
cf-ray: 7654a8443da20b31-OSL
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 0098352264592a0167217abf49f63af5
x-runtime: 0.039927
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 | 104.16.56.101 | 200 OK | 0 B |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 09:45:32 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7654a83c6c95b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=6af0b015-de13-402d-a46a-ed46412b6252&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs | 104.16.12.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=6af0b015-de13-402d-a46a-ed46412b6252&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs IP104.16.12.194:0
GET /userevents/?funnel_id=cDFRa2JIbTFYblkrVFJwS3locXphZz09LS1kb014Nm1nTFpuT0JYQm8wQVA1SkdRPT0%3D--ba9a37d7a7774d943c34acc1a71d1848f21edb79&page_id=ejlDRjZ5SU1wVW9sN25yN3AvdFRNUT09LS14V0hvbUF3b09KWXI4cWpDMnhIcVZnPT0%3D--97f0e481ef423770f2335ffdcba718885470948d&funnel_step_id=bjJBaUR1bzFOVXdtWWJqYzk4c1lXZz09LS16anpITzZUYlkwc0t4QzNiQ2daeFN3PT0%3D--9da12c90527725e9bf3946a2cad86a6fe5f7755e&user_id=Uno3TlVsTDhtMjVwNUlxcy9od2g3QT09LS14ZHdwdVVrODJrQnBnYTNERFlUbWx3PT0%3D--6f296485252c321d353fdbbec70f747e072541a4&account_id=TitJRHpyWVFUMUdyWUlXTkNsK2IxZz09LS1ocHlCd1Z1V25Kai80S1JxQ2Q3SUhnPT0%3D--40a56939fa1db5780f86565b584b40c4dc8b6b18&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=6af0b015-de13-402d-a46a-ed46412b6252&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 05 Nov 2022 09:45:33 GMT
content-type: text/html
cf-ray: 7654a83fdcd7fac4-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: adcb9d7a01af43e4ad1e788d8f920d29
x-runtime: 0.028993
set-cookie: __cf_bm=qRWtZR6ZhfRAc1vIXr_3WUQpOV0pgsdVNGHG5HWSksw-1667641533-0-AUjiSb+yButiB6+LzXYkasPk3oy+qvG7hyxHVf2DIkeLG3b63wMr0cvuoSkoyx4IAbKkowVkAY5Cgf+OI0B/o5qiYKqfzsV7a0qCJuLH8rdo; path=/; expires=Sat, 05-Nov-22 10:15:33 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=iJYixgIFaKXkBHp9qR9R_0tkybPInHUO7tMlU1ErHoo-1667641533-0-ATqF3URxQ9TARFwizgFktMCXt7LtNzYkQGRd41qCcRNZyEK2lzR8HDgWb03VzzzEIv63yOCWFzTrkWNfpP1xUKh5bR6mw47GbA0KCDwBxmzN"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=iJYixgIFaKXkBHp9qR9R_0tkybPInHUO7tMlU1ErHoo-1667641533-0-ATqF3URxQ9TARFwizgFktMCXt7LtNzYkQGRd41qCcRNZyEK2lzR8HDgWb03VzzzEIv63yOCWFzTrkWNfpP1xUKh5bR6mw47GbA0KCDwBxmzN; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2
|
|