| www.safierussellcpa.com/fofg/?olJ82r7=/WYyZ8XHrc4Fzi4Hkf2YZSVLnjloZBWnsnTNlOtOuOrsshx2sFdbFTO5i76nMoD%20Xs8=&Cbi=wZqtHJUxEJ&M3lU=axl0dPw8 | 104.16.13.194 | 302 Found | 492 B |
URL HTTP/1.1www.safierussellcpa.com/fofg/?olJ82r7=/WYyZ8XHrc4Fzi4Hkf2YZSVLnjloZBWnsnTNlOtOuOrsshx2sFdbFTO5i76nMoD%20Xs8=&Cbi=wZqtHJUxEJ&M3lU=axl0dPw8 IP104.16.13.194:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477) Hashf9effff85a8e8b4ca81562244dc091ab 5af4df9686da75a09ac7564ebf5dc696eea5077c 4cf5edbdb4e7bbf01cff8d8f79c476334962bd3abe4cea194683e97664153563
GET /fofg/?olJ82r7=/WYyZ8XHrc4Fzi4Hkf2YZSVLnjloZBWnsnTNlOtOuOrsshx2sFdbFTO5i76nMoD%20Xs8=&Cbi=wZqtHJUxEJ&M3lU=axl0dPw8 HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 22 Nov 2022 00:50:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.safierussellcpa.com/12-write-offs
CF-Ray: 76ddac1b98d5b4f1-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: afc775f759638b76e35722000ae3a918
X-Runtime: 0.107203
Set-Cookie: __cf_bm=nrJjDXtoU2vizxt2ZZVK8zy3mi9Gtto.5J.x2P1vW1Y-1669078240-0-AUY3h2mX3ODeVcf10XyzUdxlxy9s9JW8gTQdp8P9UZ750dgEHstAAdtya/y1+eIT58ZXPYXGPE4YvfePScy2u5Mn1+1Fsq01fwZF0Ro44qvV; path=/; expires=Tue, 22-Nov-22 01:20:40 GMT; domain=.www.safierussellcpa.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashdfb72f04bd7a4410640c0543bb4bd402 7c63b7e220b337b6a4f39864e11d6aa9e26c38ac b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18169
Expires: Tue, 22 Nov 2022 05:53:29 GMT
Date: Tue, 22 Nov 2022 00:50:40 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4843de3bf95411e6aa89834def44bb86 1f1882351ac63fba73a22014382f69df5e02ec96 1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:40 GMT
Last-Modified: Mon, 21 Nov 2022 23:04:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash567df7db606cf5d0871aa5bc9311b6da 4263faac7cbab2fcaf6661911dcad5091c06be17 e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 00:09:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2483
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash054ff0d1a0a43f7cb1d78dbd34e27f99 3caf54f3de1d6a8c6f6454083f8b8e7dec77db54 fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14131
Expires: Tue, 22 Nov 2022 04:46:11 GMT
Date: Tue, 22 Nov 2022 00:50:40 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eWokECfmokdypjbeCOiQuWQPgAFlPLN3F6DO8lod5I8z/GSTyqMGy1sp4da0ESa74yCyudgFJ0s=
x-amz-request-id: 2B53YAZS5KJ9WGKN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 00:39:21 GMT
age: 679
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 00:50:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hasha045d905491ab6bde6bfc62a42d813ca 7ba6bc36f605a8aad95b114bf8597a8323206297 89a0edac835c97d3ec1e61303a24d8b96d9043c955d3eeb76656ff8c80204de3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3342
Cache-Control: max-age=110865
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Etag: "637b1de4-118"
Expires: Wed, 23 Nov 2022 07:38:26 GMT
Last-Modified: Mon, 21 Nov 2022 06:42:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hasha0dafe97af899901031783137dfbc709 062736fdfe2f9745a3d4a7575397ac7afa9537bd 59d7b6f72ef5adcef0920ce99c229dc6b0bc5ef9bcda7e3b9d1c3e001da9c296
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6427
Cache-Control: max-age=133396
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Etag: "637b69da-117"
Expires: Wed, 23 Nov 2022 13:53:57 GMT
Last-Modified: Mon, 21 Nov 2022 12:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash8796b1bba5e0df458c07179adea64173 b3c3f64718de099805a200e156774ea356a08132 ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hasha0dafe97af899901031783137dfbc709 062736fdfe2f9745a3d4a7575397ac7afa9537bd 59d7b6f72ef5adcef0920ce99c229dc6b0bc5ef9bcda7e3b9d1c3e001da9c296
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6427
Cache-Control: max-age=133396
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Etag: "637b69da-117"
Expires: Wed, 23 Nov 2022 13:53:57 GMT
Last-Modified: Mon, 21 Nov 2022 12:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
|
|
| use.fontawesome.com/releases/v5.9.0/css/all.css | 172.64.132.15 | 200 OK | 13 kB |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/all.css IP172.64.132.15:0
File typeASCII text, with very long lines (55782) Hash076d1f82dc1686f4fbbf2b8a3597ff22 669f9f6f6aa609e07ea24236e11592829a8941dc 415f6d5ae638702836cbffc38b3dddba19b95c6df330796d49eaf234ede8a329
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/css
x-amz-id-2: aTwuyWgaPvMb6JWlB6xk6ko4jaJeYcep7GkUNwiiQ54PacIiib0YpvXLB8kuH9wuaqemxGQSQA4=
x-amz-request-id: PSJN9FGRVEEQCVY1
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1842123
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=803MMkovbzC3wG6Mst5%2BMXxq43L4LRNgyFE%2F6LYUi16QB3DgZgLS%2F5HgJpjBqadC%2BHXzWNKdLXS25oTpymaRjVEeqxo9QTOVmegk1Y1iRpUGo4iiauXduOo966G0SOPAg5tq6H9M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ddac2028dc76de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hasha0dafe97af899901031783137dfbc709 062736fdfe2f9745a3d4a7575397ac7afa9537bd 59d7b6f72ef5adcef0920ce99c229dc6b0bc5ef9bcda7e3b9d1c3e001da9c296
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6427
Cache-Control: max-age=133396
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Etag: "637b69da-117"
Expires: Wed, 23 Nov 2022 13:53:57 GMT
Last-Modified: Mon, 21 Nov 2022 12:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashbbd3a90ecb69a3abde612dbd4981266e 49d9c20fb2a8fc47c58538b0cc57a3caec87a7b4 3ab396056a8d985b58a8b4547492a732b4f731d142880e9dbe9a7b8a026bef47
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122277
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Etag: "637b5786-118"
Expires: Wed, 23 Nov 2022 10:48:38 GMT
Last-Modified: Mon, 21 Nov 2022 10:48:38 GMT
Server: nginx
Content-Length: 280
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 00:08:47 GMT
cache-control: public,max-age=3600
age: 2514
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashed3ae8e878b9c8c9c5fc3ab22d8547d6 e4d08dc74fa84a3bcc9d442e225e8f7a6c124822 e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd9afe0ae0199aff69fefbe5a55490d31 126f648ad266469bf531b5c08f7f71a973d0eeb0 105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd9afe0ae0199aff69fefbe5a55490d31 126f648ad266469bf531b5c08f7f71a973d0eeb0 105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd9afe0ae0199aff69fefbe5a55490d31 126f648ad266469bf531b5c08f7f71a973d0eeb0 105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 | 142.250.74.10 | 200 OK | 47 kB |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 IP142.250.74.10:0
Hashf2b5ed0abc85ee070ca49696918a7125 44e21e326455155609a8475d386e186e0c0bb0d5 557f53ee67b671d3b2311b0e7984781a55292c7e8edb9e5cc7d7f0a230144593
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 00:50:41 GMT
date: Tue, 22 Nov 2022 00:50:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.195 | 200 OK | 23 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 21:11:39 GMT
expires: Sun, 19 Nov 2023 21:11:39 GMT
cache-control: public, max-age=31536000
age: 185942
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.195 | 200 OK | 24 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 17:10:21 GMT
expires: Wed, 15 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 546020
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd9afe0ae0199aff69fefbe5a55490d31 126f648ad266469bf531b5c08f7f71a973d0eeb0 105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2db0ebb9efcf3be3c92f23b61de5c065 dd830565723f18a7944c26d24b0fb142d06a71a5 8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2558
Cache-Control: max-age=118731
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:41 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 09:49:32 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4f3a5a30fdbbcedc4ac1dc3b76e2f549 900613ba9b53b997643793c2a5b679dbda675f4b c092a80d083e7d785e8a2ca3f103ab2f00d4b6761c420fb9ef2256408ce8aee2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6177
Cache-Control: max-age=89252
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:42 GMT
Etag: "637abe65-1d7"
Expires: Wed, 23 Nov 2022 01:38:14 GMT
Last-Modified: Sun, 20 Nov 2022 23:55:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 35.165.41.15 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.165.41.15:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fwt4BAJTlKRacCSjxaO7tA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lOa3VzCzz46mI1wp0xCtSlrYBbg=
|
|
| connect.facebook.net/en_US/fbevents.js | 157.240.200.14 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP157.240.200.14:0
File typeASCII text, with very long lines (64348) Hash44ecaa3c2a4929a40141edc4540aaf84 f29a573182333b2500d41bfc389d6c5232dfb348 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: OP4dTc0D2NOZn5vhJ8BODSaH5HpY3IAm7P+diWObO/bx1vqspQa/2LDsG3mkMzP5MN6m8Zvmh0tGihVa/CRsfQ==
content-length: 27340
x-fb-trip-id: 1679558926
date: Tue, 22 Nov 2022 00:50:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4f3a5a30fdbbcedc4ac1dc3b76e2f549 900613ba9b53b997643793c2a5b679dbda675f4b c092a80d083e7d785e8a2ca3f103ab2f00d4b6761c420fb9ef2256408ce8aee2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6177
Cache-Control: max-age=89252
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 00:50:42 GMT
Etag: "637abe65-1d7"
Expires: Wed, 23 Nov 2022 01:38:14 GMT
Last-Modified: Sun, 20 Nov 2022 23:55:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
|
| app.clickfunnels.com/userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=8e318bc2-83e3-43cf-be6a-b7a990bb52e8&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs | 104.16.14.194 | 202 Accepted | 6.8 kB |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=8e318bc2-83e3-43cf-be6a-b7a990bb52e8&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs IP104.16.14.194:0
File typePNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data Hash2d0375e76e11e306623718facb42b60e af9556ac57aa9ba95240a2fd48640d649733712e e727bcaedde4d1ffca6a7584243271113e4b951a0d2e771b3e7bb34cf4d9d252
GET /userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=8e318bc2-83e3-43cf-be6a-b7a990bb52e8&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/html
cf-ray: 76ddac232a130b69-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 372e73ab4bf6930fbc871d8552ef0ed1
x-runtime: 0.026973
set-cookie: __cf_bm=1uocH2SNgjdy2qOc9YS22z6uOhmN4ey6WvEyskDmlHk-1669078241-0-Aa6qSrOwZ1z+q6Oph1aU2l5E53YAfDVNdTr430O7RCMFIjtKPV9io1gStLK0WqslWawbVGtWiJXOsofcKH2NLYkpGdFSezPhOSpvYAtj5lyb; path=/; expires=Tue, 22-Nov-22 01:20:41 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=612825579798566&ev=PageView&dl=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs&rl=&if=false&ts=1669078242394&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669078242393.1651152356&it=1669078242107&coo=false&rqm=GET | 157.240.200.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=612825579798566&ev=PageView&dl=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs&rl=&if=false&ts=1669078242394&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669078242393.1651152356&it=1669078242107&coo=false&rqm=GET IP157.240.200.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=612825579798566&ev=PageView&dl=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs&rl=&if=false&ts=1669078242394&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669078242393.1651152356&it=1669078242107&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Nov 2022 00:50:42 GMT
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/hosted/images/94/215c01ba304c8fb4c42031ea3cdd58/SafieRussellNew-profile-2020.jpg | 104.16.15.194 | 200 OK | 263 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/94/215c01ba304c8fb4c42031ea3cdd58/SafieRussellNew-profile-2020.jpg IP104.16.15.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 3000x2084, components 3\012- data Size263 kB (262725 bytes) Hashab58724c82e7f8d07a9897fd987f31a0 24b127e0a5345226fb880a8e496468991afd514b cfa2b57770c49c10839c1a57da2e271095d6791ac2b5a80efa5e8b2d0373a556
GET /hosted/images/94/215c01ba304c8fb4c42031ea3cdd58/SafieRussellNew-profile-2020.jpg HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:42 GMT
content-type: image/jpeg
content-length: 262725
cf-ray: 76ddac27fc9bb50b-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ab58724c82e7f8d07a9897fd987f31a0"
last-modified: Thu, 07 Jul 2022 19:26:14 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/hosted/images/65/8bbfce465b48768be4e401ea8790cd/New-Logo-2018.png | 104.16.15.194 | 200 OK | 7.2 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/65/8bbfce465b48768be4e401ea8790cd/New-Logo-2018.png IP104.16.15.194:0
File typePNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data Hashac40d02ebe0bb588ea6d7d700724efc6 8c8f620097f37fd9cb53a8119d9c718be9cd0f43 abb75445cdaabf55602f1d51744cc4c149cc34248a525e5a1df4e563e03a34d0
GET /hosted/images/65/8bbfce465b48768be4e401ea8790cd/New-Logo-2018.png HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:42 GMT
content-type: image/png
content-length: 7204
cf-ray: 76ddac27fc99b50b-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ac40d02ebe0bb588ea6d7d700724efc6"
last-modified: Thu, 07 Jul 2022 19:25:17 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/hosted/images/73/476df96dae44ddafce57dbc235da2a/cover-1.2.jpg | 104.16.15.194 | 200 OK | 49 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/73/476df96dae44ddafce57dbc235da2a/cover-1.2.jpg IP104.16.15.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 653x739, components 3\012- data Hashe961af002948c30333b43985ad5a7c0b 1b7d69ea8c0c7f7a0894812d6264aee115d4cddd f5cfe4ba26fe8cb5799f0004fe8e87bec5fa0a8eb7beb260e79482b1decac2ce
GET /hosted/images/73/476df96dae44ddafce57dbc235da2a/cover-1.2.jpg HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:42 GMT
content-type: image/jpeg
content-length: 49175
cf-ray: 76ddac27fc96b50b-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "e961af002948c30333b43985ad5a7c0b"
last-modified: Fri, 27 May 2022 00:22:24 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/hosted/images/0d/23066b6d1b4a36bf66dd9e10830014/SafieRussellNew-profile-2020.jpg | 104.16.15.194 | 200 OK | 286 kB |
URL HTTP/2www.safierussellcpa.com/hosted/images/0d/23066b6d1b4a36bf66dd9e10830014/SafieRussellNew-profile-2020.jpg IP104.16.15.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, xresolution=198, yresolution=206, resolutionunit=2, software=Windows Photo Editor 10.0.10011.16384, datetime=2020:11:18 20:33:28], progressive, precision 8, 3000x2084, components 3\012- data Size286 kB (286262 bytes) Hasheba3bd821e5f0bc7751224e251fa1e05 de5ac03ad40668a69aa0628de430affc788d65f7 cd0424d7d199ea66f6928fae65b749f838afa5fc4a5770ed3d272b56960beedc
GET /hosted/images/0d/23066b6d1b4a36bf66dd9e10830014/SafieRussellNew-profile-2020.jpg HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:42 GMT
content-type: image/jpeg
content-length: 286262
cf-ray: 76ddac27fc98b50b-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "eba3bd821e5f0bc7751224e251fa1e05"
last-modified: Wed, 25 May 2022 23:32:44 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/cdn-cgi/rum? | 104.16.15.194 | 204 No Content | 0 B |
URL HTTP/2www.safierussellcpa.com/cdn-cgi/rum? IP104.16.15.194:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 10039
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 22 Nov 2022 00:50:42 GMT
access-control-allow-origin: https://www.safierussellcpa.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 76ddac28bd10b50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/v1/track_capi?page_key=xum3fp2h74f4kofy&location=https://www.safierussellcpa.com/12-write-offs&referrer= | 104.16.15.194 | 200 OK | 14 kB |
URL HTTP/2www.safierussellcpa.com/v1/track_capi?page_key=xum3fp2h74f4kofy&location=https://www.safierussellcpa.com/12-write-offs&referrer= IP104.16.15.194:0
Hash466b03e326db74434ff3953d4ef3cbb0 e2c70562161995043fab7f8be0d0eecb55571703 1a340003e281d0c61f7afc21b1f045725ca201b826902e830c80e2c485c81824
GET /v1/track_capi?page_key=xum3fp2h74f4kofy&location=https://www.safierussellcpa.com/12-write-offs&referrer= HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safierussellcpa.com/12-write-offs
Connection: keep-alive
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:42 GMT
content-type: text/plain; charset=utf-8
cf-ray: 76ddac27fc95b50b-OSL
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 5fbc7f52fd91fa7c4be1c6254162a5cd
x-runtime: 0.035643
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3701
Expires: Tue, 22 Nov 2022 01:52:24 GMT
Date: Tue, 22 Nov 2022 00:50:43 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3701
Expires: Tue, 22 Nov 2022 01:52:24 GMT
Date: Tue, 22 Nov 2022 00:50:43 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash472ceca597feefba355fbd65998977b7 f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a e201f706ba38f04ef07d74a67eec187ad8b882027b96b0e4e700162f96da422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7751
x-amzn-requestid: 577947ab-4fbe-4b07-944a-2b65cf5ed6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4UE9GJ9IAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63799a1f-1a26961e20c88cd54a613ddb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _uTNBC7xn6_KPmHG3KVP_GwL0xL33XuFWqoAm6zf9LqbjU5qnqCr0Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 03:26:47 GMT
age: 77036
etag: "f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb52c578c918c74f35f3c0a3f0c5dd2be 39d9b60a2b11b95c0ae37f35deb9a594d8e61d08 48a67feefffe59d04660c0e7de58234f184bded9cbb121da8157387ebd24f8f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: 9e70b9ad-7fb2-4f2d-bc87-d703abeb4888
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I62ERzIAMFcvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeab-6de953ea2d2aee071fea324b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:31 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9mu3P-liZS9j6mn71xiWE2JRWpZHSans7w-zGZVERGs24wxCkfR5Ww==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:57 GMT
etag: "39d9b60a2b11b95c0ae37f35deb9a594d8e61d08"
content-type: image/jpeg
age: 10066
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe5bb00c9b254742a11d702be8af57119 e8969b4e036498b7b2de1c12e3b9181e7443afe8 6577c4bf05ebde80d47002fb4630c145a8220b81aa9d69790b1e0182b9c99c02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10955
x-amzn-requestid: 455b2a98-a843-424d-92fe-13cea7aaa426
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JLvGMvoAMFgQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef17-02c2af195b3088e8781f7d65;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y7kRomPA79fXlg0Re4JZbT2F_a9K7YmR6BHd6LqO_bl5knd1iElmeA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:04:59 GMT
age: 9944
etag: "e8969b4e036498b7b2de1c12e3b9181e7443afe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc8f6118fc03f31862ff68fef8a2b9a7f 318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73 cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:48:43 GMT
age: 10920
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash253593d1b3f90aa54d0748688fbb09ac 470c54ca28e1e5c56828c8c7f9849374061f501e d8d331519f526b1117e4f67b0fb5fb46f400a63d1cb5757a3f22201ea70301ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9598
x-amzn-requestid: a713ce94-2441-4288-b6d8-cd6b638274b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IqVGgJoAMFz5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee41-5ed8e45c664203e137f8c92b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mDiJvNjoSqIbYd2Mx4Kv5muJ-g-hehPMyWAjnZuhidG7uEtjdTtTGA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:36:15 GMT
etag: "470c54ca28e1e5c56828c8c7f9849374061f501e"
content-type: image/jpeg
age: 8068
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash528d729159d8b08ed1fe05472dc65ce4 b7d570a7a095e127fd408b8272b93a52c5038b46 d6404764bcc3f2e7c4462b6b31fbc0e315c9cbf51b7424194c2bc6f4a21a33de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9862
x-amzn-requestid: 02281c2f-2a42-4891-97af-8d21a4cd0d2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrJEdYIAMFijQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee47-7c96415239d22bfc219f53f6;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nyT50MW4_CxOyrrPcWgPokRPAoPOH1M21Py4zB5DGlVuFRbk7sr0oQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:01:37 GMT
age: 10146
etag: "b7d570a7a095e127fd408b8272b93a52c5038b46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2436&ck=1&ref=https://www.safierussellcpa.com/12-write-offs&ap=415&be=596&fe=2044&dc=1240&perf=%7B%22timing%22:%7B%22of%22:1669078240451,%22n%22:0,%22f%22:370,%22dn%22:375,%22dne%22:375,%22c%22:375,%22s%22:378,%22ce%22:399,%22rq%22:399,%22rp%22:563,%22rpe%22:573,%22dl%22:577,%22di%22:1221,%22ds%22:1239,%22de%22:1356,%22dc%22:2043,%22l%22:2043,%22le%22:2163%7D,%22navigation%22:%7B%7D%7D&fcp=1011&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 77 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2436&ck=1&ref=https://www.safierussellcpa.com/12-write-offs&ap=415&be=596&fe=2044&dc=1240&perf=%7B%22timing%22:%7B%22of%22:1669078240451,%22n%22:0,%22f%22:370,%22dn%22:375,%22dne%22:375,%22c%22:375,%22s%22:378,%22ce%22:399,%22rq%22:399,%22rp%22:563,%22rpe%22:573,%22dl%22:577,%22di%22:1221,%22ds%22:1239,%22de%22:1356,%22dc%22:2043,%22l%22:2043,%22le%22:2163%7D,%22navigation%22:%7B%7D%7D&fcp=1011&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hashf1442f5831dbbe0210da2d7a4180d6b8 2ade23c6c7a001c66f0c0a9a101ec152747b434e c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2436&ck=1&ref=https://www.safierussellcpa.com/12-write-offs&ap=415&be=596&fe=2044&dc=1240&perf=%7B%22timing%22:%7B%22of%22:1669078240451,%22n%22:0,%22f%22:370,%22dn%22:375,%22dne%22:375,%22c%22:375,%22s%22:378,%22ce%22:399,%22rq%22:399,%22rp%22:563,%22rpe%22:573,%22dl%22:577,%22di%22:1221,%22ds%22:1239,%22de%22:1356,%22dc%22:2043,%22l%22:2043,%22le%22:2163%7D,%22navigation%22:%7B%7D%7D&fcp=1011&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 00:50:43 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76ddac2a8a28b4ee-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=ff39911743c2c779; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| www.safierussellcpa.com/cdn-cgi/rum? | 104.16.15.194 | 204 No Content | 0 B |
URL HTTP/2www.safierussellcpa.com/cdn-cgi/rum? IP104.16.15.194:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 619
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356; is_eu=false; xum3fp2h74f4kofy=true; 12090618_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 22 Nov 2022 00:50:49 GMT
access-control-allow-origin: https://www.safierussellcpa.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 76ddac548aafb50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/v4-shims.css | 172.64.132.15 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/v4-shims.css IP172.64.132.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/css
x-amz-id-2: lj0FvMnfC9mptRM/Gd0lw9lT7Zj4wo+oaxaEYLcDnZaRJXq3Oc/kbTmcEwen2MxXaG9FhyIrGnI=
x-amz-request-id: 9D38DJ2PTJVFVSCR
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2259570
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHx8KxKneARU9XCBdtCji9rEQ24oje8PoZEQpL6YEAEVKmP%2FWgSySJiWPIHh4wW13lpG5cNkMYB6I%2F1hAG%2Btk0B61tLLS8GfYLS%2BhlgDQmdkosLg9DSD4WfB2CAImZgdFai%2BGSTf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ddac2018d476de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/mailcheck.min.js | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2app.clickfunnels.com/mailcheck.min.js IP104.16.14.194:0
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: application/x-javascript
cf-ray: 76ddac21aa64b523-OSL
access-control-allow-origin: *
age: 3815
etag: W/"6359dae3-a8d"
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=64eZ.za4DHAkMzhLNTgJCblurDQq5daHgtW_H8H2eBA-1669078241-0-AR/wfVIb5IVwnxcEqilQ/SROjMLehfNCPT2iFK+d9Z3jbO2q/Fm9ItFAHw0OuflXy6Mnohf9rAxAAr/oVb+nF1C9iPBpjuozjDyMHLpJAteb; path=/; expires=Tue, 22-Nov-22 01:20:41 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=7c41cac7-28ab-4173-84b8-771bdd4ddd0c&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs | 104.16.14.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=7c41cac7-28ab-4173-84b8-771bdd4ddd0c&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs IP104.16.14.194:0
GET /userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=7c41cac7-28ab-4173-84b8-771bdd4ddd0c&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/html
cf-ray: 76ddac232a120b69-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: dca039d58f725797f80046377f575a87
x-runtime: 0.034061
set-cookie: __cf_bm=ndDkwuaHVxd8yR586gFDA46Pj1SGeDRlFSBlIyCNJxI-1669078241-0-AS4OVJuVLZD04S0iTQcaxaJV9tgcq3hklS5u2pxUtN/xEoo072VWj4w7p2Lc3RDOHOb9P57mEsxkzE7DpSSgs2c6XXKBUhEz+q2NBH7eBYf5; path=/; expires=Tue, 22-Nov-22 01:20:41 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/12-write-offs | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/12-write-offs IP104.16.15.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /12-write-offs HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 76ddac1daef4b50b-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Thu, 27 Oct 2022 20:06:29 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 5348ee59d8a7c409cd9020598c397304095f86f1
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 3d93be758162bcb62420999eb6afea13
x-runtime: 0.408394
set-cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; path=/; expires=Tue, 22-Nov-22 01:20:41 GMT; domain=.www.safierussellcpa.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/assets/lander.js | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/assets/lander.js IP104.16.15.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /assets/lander.js HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: application/x-javascript
cf-ray: 76ddac1f886ab50b-OSL
access-control-allow-origin: *
age: 202
cache-control: public, max-age=1200
etag: W/"6359db3a-2391a3"
expires: Tue, 22 Nov 2022 01:10:41 GMT
last-modified: Thu, 27 Oct 2022 01:13:30 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/vendor.js | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/vendor.js IP104.16.15.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /vendor.js HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: application/javascript
cf-ray: 76ddac22c9e7b50b-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: d86dca9692f923d54f6e943e9145d7da
x-runtime: 0.018971
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/assets/pushcrew.js | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/assets/pushcrew.js IP104.16.15.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /assets/pushcrew.js HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: application/x-javascript
cf-ray: 76ddac1f8871b50b-OSL
access-control-allow-origin: *
cache-control: public, max-age=1200
etag: W/"6359dae3-27d"
expires: Tue, 22 Nov 2022 01:10:41 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/assets/lander.css | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/assets/lander.css IP104.16.15.194:0
GET /assets/lander.css HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/css
cf-ray: 76ddac1f685fb50b-OSL
access-control-allow-origin: *
cache-control: public, max-age=1200
etag: W/"6359dae3-6a514"
expires: Tue, 22 Nov 2022 01:10:41 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/images/closemodal.png | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2app.clickfunnels.com/images/closemodal.png IP104.16.14.194:0
GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Cookie: __cf_bm=64eZ.za4DHAkMzhLNTgJCblurDQq5daHgtW_H8H2eBA-1669078241-0-AR/wfVIb5IVwnxcEqilQ/SROjMLehfNCPT2iFK+d9Z3jbO2q/Fm9ItFAHw0OuflXy6Mnohf9rAxAAr/oVb+nF1C9iPBpjuozjDyMHLpJAteb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:42 GMT
content-type: image/webp
cf-ray: 76ddac27fcd1b523-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2269456
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "63571ab3-314"
expires: Fri, 23 Dec 2022 00:50:42 GMT
last-modified: Mon, 24 Oct 2022 23:07:31 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=859050a3-a29c-4a39-9bb8-5bbf9df6d071&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs | 104.16.14.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=859050a3-a29c-4a39-9bb8-5bbf9df6d071&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs IP104.16.14.194:0
GET /userevents/?funnel_id=K2IrRmRndng3Ym5yNWJ2VnZYV1dTdz09LS1TcVpyOG93RzhGTU9pV0pFeDdnUFVRPT0%3D--13188700c74e5670398757038dbbb12824f6ecdf&page_id=eFI2bFdZZTE3Y1drOGVNMkI4Z1RDdz09LS1Oc2U0UjNCY3VYQUJBWXpqRS9aVkZBPT0%3D--5141a8a23adbb36360e066ff339ce9f4f194fa66&funnel_step_id=MFV6UW9zWjk1Q2tvcjJRbzJ5RGk4QT09LS00Y1hxVFg2YkExcmc0Ykc5RVNLeDBRPT0%3D--8f4d6c2827779789deb81cee230345db25354bbc&user_id=TXF4SEpWR1B6bW4zN2J3NFV2VjR2Zz09LS1Oa1Q5WnhWOTcwT1hUa1owdVN1SklRPT0%3D--1cc8a6fa18cf7df3d13f93bd6e682597b5952efa&account_id=eWZDYlhvd1o3RTRlOGtVOUVqQ3hNQT09LS1SODRpQmxvM2J4RjNXWFNvSmhSME53PT0%3D--cd85b58ceff24a3f43ec07d2f6e0b53089b00fc5&page_code=NTQ1NDIwNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=859050a3-a29c-4a39-9bb8-5bbf9df6d071&url=https%3A%2F%2Fwww.safierussellcpa.com%2F12-write-offs HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/html
cf-ray: 76ddac232a140b69-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: dec129bf5c7c49aafa5d8e77df4a8581
x-runtime: 0.032260
set-cookie: __cf_bm=8MK8UM3zKIEv4zplw6_hPTDbIPqsyyA1LNDL8G0mKL4-1669078241-0-AUAYl0TW8BCQZrHdL2TvlthyUeEfSZ3zDYbEfv/KJJWAbD3OYrs/LEnLdYuvJtckLQSzASP6CrtgKY9E+EIXh6E9DgiZIaQG/kYtBpZu7/Kx; path=/; expires=Tue, 22-Nov-22 01:20:41 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/images/background.png?_unique=0.6477395225638027&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.safierussellcpa.com/12-write-offs&_title=%5BFree%20Book%5D%2012%20Overlooked%20Tax%20Write-Offs%7C%20SDR%20Consulting%20Inc.&_key=vdjcof5m&_page_key=xum3fp2h74f4kofy&_fid=12090618&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.safierussellcpa.com/12-write-offs&_referrer= | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/images/background.png?_unique=0.6477395225638027&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.safierussellcpa.com/12-write-offs&_title=%5BFree%20Book%5D%2012%20Overlooked%20Tax%20Write-Offs%7C%20SDR%20Consulting%20Inc.&_key=vdjcof5m&_page_key=xum3fp2h74f4kofy&_fid=12090618&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.safierussellcpa.com/12-write-offs&_referrer= IP104.16.15.194:0
GET /images/background.png?_unique=0.6477395225638027&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.safierussellcpa.com/12-write-offs&_title=%5BFree%20Book%5D%2012%20Overlooked%20Tax%20Write-Offs%7C%20SDR%20Consulting%20Inc.&_key=vdjcof5m&_page_key=xum3fp2h74f4kofy&_fid=12090618&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.safierussellcpa.com/12-write-offs&_referrer= HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ1NDIwNzc=:visited=true; cf:visitor_id=b1e9c10d-aaf9-456d-ae77-a91b8f972d02; addevent_track_cookie=f672f087-c533-4766-8063-68359b54b949; _fbp=fb.1.1669078242393.1651152356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:42 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 76ddac280cbfb50b-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: d03b743f44ae4e7acb72ca42650d107e
x-runtime: 0.022448
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.safierussellcpa.com/assets/userevents/application.js | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2www.safierussellcpa.com/assets/userevents/application.js IP104.16.15.194:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /assets/userevents/application.js HTTP/1.1
Host: www.safierussellcpa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.safierussellcpa.com/12-write-offs
Cookie: __cf_bm=9.jt1nna5rRffPprCfxIfqn6uXZrpHUmdlGVnqk0uPE-1669078241-0-AR9hfKvETc13rLTs8tTCtIjxq4ft2xS+E40SaM/rIbaIvuUKqX21NpgiwoKic0W4wcmnAkOAg/lSBZt36uoQCPcj2COzkEI3Qlr+bmujDVzQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: application/x-javascript
cf-ray: 76ddac1f7866b50b-OSL
access-control-allow-origin: *
age: 494
cache-control: public, max-age=1200
etag: W/"6359dae3-147c"
expires: Tue, 22 Nov 2022 01:10:41 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 | 104.16.57.101 | 200 OK | 0 B |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.safierussellcpa.com
Connection: keep-alive
Referer: https://www.safierussellcpa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 00:50:41 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ddac200e37b527-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|