Submitted URL: http://www.myspeedytax.com/
Effective URL: https://askrfg.com/taxes/
Submission Tags: @phish_report
Submission: On October 14 via api from FI — Scanned from FI

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 67 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is askrfg.com.
TLS certificate: Issued by E6 on October 14th 2024. Valid for: 3 months.
This is the only time askrfg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 38 141.193.213.10 209242 (CLOUDFLAR...)
1 1 141.193.213.11 209242 (CLOUDFLAR...)
3 104.18.142.119 13335 (CLOUDFLAR...)
2 104.16.138.209 13335 (CLOUDFLAR...)
2 216.58.206.72 15169 (GOOGLE)
1 104.19.175.188 13335 (CLOUDFLAR...)
1 104.16.77.142 13335 (CLOUDFLAR...)
1 104.16.160.168 13335 (CLOUDFLAR...)
1 172.64.147.16 13335 (CLOUDFLAR...)
2 104.16.108.254 13335 (CLOUDFLAR...)
3 104.16.118.116 13335 (CLOUDFLAR...)
2 142.250.186.78 15169 (GOOGLE)
1 18.245.60.17 16509 (AMAZON-02)
4 104.18.80.204 13335 (CLOUDFLAR...)
2 142.250.74.202 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
3 104.16.117.116 13335 (CLOUDFLAR...)
67 17
Apex Domain
Subdomains
Transfer
37 askrfg.com
askrfg.com
3 MB
6 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5132
app.hubspot.com — Cisco Umbrella Rank: 5859
track.hubspot.com — Cisco Umbrella Rank: 2324
4 KB
5 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4621
forms-na1.hsforms.com — Cisco Umbrella Rank: 7161
9 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6770
157 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
849 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4567
forms.hscollectedforms.net — Cisco Umbrella Rank: 4719
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
176 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2500
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6488
2 KB
2 myspeedytax.com
www.myspeedytax.com
myspeedytax.com
614 B
1 callrail.com
cdn.callrail.com — Cisco Umbrella Rank: 9316
576 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2172
26 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2191
25 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5048
26 KB
67 14
Domain Requested by
37 askrfg.com askrfg.com
4 forms-na1.hsforms.com askrfg.com
3 track.hubspot.com
3 js.hsforms.net askrfg.com
js.hsforms.net
2 fonts.googleapis.com js.hsforms.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 api.hubspot.com js.usemessages.com
2 www.googletagmanager.com askrfg.com
www.google-analytics.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 region1.google-analytics.com www.googletagmanager.com
1 app.hubspot.com js.usemessages.com
1 cdn.callrail.com www.googletagmanager.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 forms.hsforms.com js.hsforms.net
1 js.hs-scripts.com askrfg.com
1 myspeedytax.com 1 redirects
1 www.myspeedytax.com 1 redirects
67 21

This site contains links to these domains. Also see Links.

Domain
myspeedytax.clientportal.com
leadtoconversion.com
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
askrfg.com
E6
2024-10-14 -
2025-01-12
3 months crt.sh
hsforms.net
WE1
2024-10-09 -
2025-01-07
3 months crt.sh
hs-scripts.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
*.google-analytics.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
hsforms.com
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
usemessages.com
WE1
2024-10-06 -
2025-01-04
3 months crt.sh
hs-analytics.net
WE1
2024-10-07 -
2025-01-05
3 months crt.sh
hs-banner.com
WE1
2024-09-24 -
2024-12-23
3 months crt.sh
hscollectedforms.net
WE1
2024-09-22 -
2024-12-21
3 months crt.sh
hubspot.com
WE1
2024-10-03 -
2025-01-01
3 months crt.sh
swappy.callrail.com
Amazon RSA 2048 M03
2024-06-10 -
2025-07-09
a year crt.sh
upload.video.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh

This page contains 4 frames:

Primary Page: https://askrfg.com/taxes/
Frame ID: BFD9403A881D4A4E144B0CBB0A411D52
Requests: 65 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/shell.js
Frame ID: C4B3785DF86B28041F5D00E09E96E267
Requests: 2 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/20301640/threads/utk/ff44606c1a354506af737fea7badab60?uuid=0b4a39faef6a4464a69dae36328e80e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=askrfg.com&inApp53=false&messagesUtk=ff44606c1a354506af737fea7badab60&url=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: 0DEBEA25EC8397BC1B411DF067F54AE3
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/shell.js
Frame ID: 13641BCDCECB776E9ADF94572812530A
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Home | Speedy Tax Service

Page URL History Show full URLs

  1. http://www.myspeedytax.com/ HTTP 307
    https://www.myspeedytax.com/ HTTP 307
    http://www.myspeedytax.com/ HTTP 307
    https://www.myspeedytax.com/ HTTP 301
    http://myspeedytax.com/ HTTP 307
    https://myspeedytax.com/ HTTP 307
    http://myspeedytax.com/ HTTP 301
    https://askrfg.com/taxes/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

99 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

17
IPs

2
Countries

3096 kB
Transfer

6779 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.myspeedytax.com/ HTTP 307
    https://www.myspeedytax.com/ HTTP 307
    http://www.myspeedytax.com/ HTTP 307
    https://www.myspeedytax.com/ HTTP 301
    http://myspeedytax.com/ HTTP 307
    https://myspeedytax.com/ HTTP 307
    http://myspeedytax.com/ HTTP 301
    https://askrfg.com/taxes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
askrfg.com/taxes/
Redirect Chain
  • http://www.myspeedytax.com/
  • https://www.myspeedytax.com/
  • http://www.myspeedytax.com/
  • https://www.myspeedytax.com/
  • http://myspeedytax.com/
  • https://myspeedytax.com/
  • http://myspeedytax.com/
  • https://askrfg.com/taxes/
74 KB
15 KB
Document
General
Full URL
https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
a6eb20fa7f58691a1657719f8e2973f14f469b20192d7977fff5c9c02a8a10e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d2979ff7c838d6d-HEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 18:01:49 GMT
link
<https://askrfg.com/taxes/wp-json/>; rel="https://api.w.org/" <https://askrfg.com/taxes/wp-json/wp/v2/pages/18685>; rel="alternate"; title="JSON"; type="application/json" <https://askrfg.com/taxes/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
8d2979d9ef728d79-HEL
Connection
keep-alive
Content-Type
text/html
Date
Mon, 14 Oct 2024 18:01:40 GMT
Location
https://askrfg.com/taxes/
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
admin-ajax.php
askrfg.com/taxes/wp-admin/
146 KB
25 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-admin/admin-ajax.php?action=frmpro_css&ver=1301454
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
48dbdddc779e06c8a8ea0defa52595d9fc307349744f2f8a6b0973d78263c81e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
DYNAMIC
x-pass-why
wp-admin
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
x-cacheable
NO:Passed
alt-svc
h3=":443"; ma=86400
x-cache
MISS
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=0, must-revalidate, private
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d297a1929878d6d-HEL
x-powered-by
WP Engine
server
cloudflare
page-list.css
askrfg.com/taxes/wp-content/plugins/page-list/css/
1 KB
593 B
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/page-list/css/page-list.css?ver=5.7
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df1c78b5de3fbced3280f4f256b2d8812b6e22a73c1a4b92cea4f94e5783c20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5a6e-4e3"
cf-ray
8d297a1929888d6d-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 18:01:50 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:46 GMT
_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/
1 MB
163 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2181474cb1b4aa79793756df8d744eed2a2ff10b181823683dd96f63e46ed681

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5b5c-1212e2"
cf-ray
8d297a1929898d6d-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 18:01:50 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:56:44 GMT
style.css
askrfg.com/taxes/wp-content/themes/Avada-Child/
178 B
290 B
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/themes/Avada-Child/style.css?ver=6.6.2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c01450c66a83a2d0b69d9ed380398cf037cd0527c9f24cc4f258e69b3da9e6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"61016e3e-b2"
cf-ray
8d297a19298a8d6d-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 18:01:50 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Jul 2021 14:48:30 GMT
Speedy-Tax-Logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
14 KB
14 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Speedy-Tax-Logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd75e4ae995198cdc042c0756ece74e2808882951b4e1ed14202e0ae1f2629b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61ba4688-37f9"
cf-ray
8d297a1cae598d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
14329
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
image/png
last-modified
Wed, 15 Dec 2021 19:48:24 GMT
vary
Accept-Encoding
server
cloudflare
shell.js
js.hsforms.net/forms/
484 KB
157 KB
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-request-id
9516c3ea-80d2-4bc8-8019-b095596d9050
content-encoding
gzip
cf-cache-status
HIT
etag
W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id
kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
age
331
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ssKbBNrF77cUjX2Hpm1U3AoXpBF7IYZf7jnNSB2BPfFvix3Ts%2F%2FO%2BOOWL3aW3HRlxNPneFfOCNOG24yWE%2F1tsIzWsWNEoAcM3tMC1h%2FWkEQEiVD0pmsGH0GE8elqXGS"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
L2krScuoFFbiG1PmmEMTny_EIrI7gs8pyHfYTemNdb_jukQ6wngrfg==
x-hubspot-correlation-id
9516c3ea-80d2-4bc8-8019-b095596d9050
content-type
application/javascript; charset=utf-8
last-modified
Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-hdccc
x-envoy-upstream-service-time
4
x-hs-target-asset
forms-embed/static-1.6227/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Mon, 14 Oct 2024 18:01:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8cfd2930dfda4e19-HEL
via
1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
cf-ray
8d297a236a21d98d-HEL
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD61-P1
owl.carousel.min.css
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/owl.carousel.min.css?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5a6d-d1c"
cf-ray
8d297a214af68d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
owl.theme.default.min.css
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/
1018 B
648 B
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/owl.theme.default.min.css?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
505fff817f37d43899275853aa6d6f4f3644b6abe2c420ad9cd6caab1ef147cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5a6d-3fa"
cf-ray
8d297a21bb5f8d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
logosliderwppublic-dep.min.css
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/css/
60 KB
5 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/css/logosliderwppublic-dep.min.css?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b7bf7927da302b3f049f3059cb10311b524ff714d7eca4dbb679e281f43cb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5a6d-f105"
cf-ray
8d297a21bb628d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
style.min.css
askrfg.com/taxes/wp-includes/css/dist/block-library/
110 KB
15 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d59e5-1b72b"
cf-ray
8d297a21bb668d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:50:29 GMT
20301640.js
js.hs-scripts.com/
2 KB
1021 B
Script
General
Full URL
https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.65
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.138.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22931798f41481766d3affe69109b9cbfa501fae6cbacacb752c03d9fafa2e6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 18:03:23 GMT
date
Mon, 14 Oct 2024 18:01:53 GMT
x-hubspot-correlation-id
f8feb10f-8b10-4303-8a20-3d633212dd92
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Mon, 14 Oct 2024 18:01:53 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8d297a2a58f78da4-HEL
accept-ranges
bytes
access-control-allow-origin
https://askrfg.com
content-length
656
server
cloudflare
jquery.min.js
askrfg.com/taxes/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"64ecd5ef-15601"
cf-ray
8d297a21bb6b8d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
owl.carousel.js
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/
91 KB
21 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/owl.carousel.js?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ab8ae2581efb90c20445709b7402e82bf74100b1446860305bb5d118917775

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5a6d-16d00"
cf-ray
8d297a36a9648d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:55 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
logosliderwppublic-dep.js
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/js/
3 KB
1 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/js/logosliderwppublic-dep.js?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
978f8bcabef11fa12eb0d102b8d0b8ffb9eb4f3223c434c5222ffc16258a73db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5a6d-b4c"
cf-ray
8d297a7ccd008d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:06 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
29db1ed636e039b5ef86544c16e624e8.min.js
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-scripts/
518 KB
135 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-scripts/29db1ed636e039b5ef86544c16e624e8.min.js?ver=3.11.10
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05f8bea58ed24a6d84866397c9a5501de21b3a03c2a936fb64091933a9c7208

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
W/"670d5b5d-81847"
cf-ray
8d297a7ccd028d69-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:06 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:56:45 GMT
gtm.js
www.googletagmanager.com/
214 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MT2R79G
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2e65b8fb2c76dbdea7e8a3b051ee510a0d4e46e9917c9ae40f9b08027f6f2f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 14 Oct 2024 18:02:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 18:02:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78751
x-xss-protection
0
server
Google Tag Manager
truncated
/
145 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd4011d3e8db1fb5644c77ed010538e25f693bf80194dedbf922aa7a2b7b3f81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
142 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b03f0da2ffc5d9247e84195447cdd315ef0001a13612224a3366e130a0b7e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
142 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c2d28708e9b0f46c891e19c6d99e5a1fdcbc0dc427b503af47015e70c0fd9a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
148 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f43992d81148f1a926b3e84b79efb1699e37a9979bcda52ce5561454e61d87ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/
36 KB
36 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"670d5b5c-8ff0"
cf-ray
8d297a21bb6e8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
36848
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
font/woff2
last-modified
Mon, 14 Oct 2024 17:56:44 GMT
vary
Accept-Encoding
server
cloudflare
fa-solid-900.woff2
askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"670d5abb-13184"
cf-ray
8d297a21bb728d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
78212
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
font/woff2
last-modified
Mon, 14 Oct 2024 17:54:03 GMT
vary
Accept-Encoding
server
cloudflare
rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58Q.woff2
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/
39 KB
39 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58Q.woff2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5042714b45298a9022f0f1e03cee6b117bd00104760945d9bfef6f7b9c6a86d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"670d5b5c-9ae8"
cf-ray
8d297a21bb748d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
39656
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:51 GMT
content-type
font/woff2
last-modified
Mon, 14 Oct 2024 17:56:44 GMT
vary
Accept-Encoding
server
cloudflare
json
forms.hsforms.com/embed/v3/form/20301640/35a393e2-bee7-4dcb-b03e-6448dabee29c/
11 KB
4 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/20301640/35a393e2-bee7-4dcb-b03e-6448dabee29c/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed8974ee1918ec3c23a3c12f4fd0df0c57ac83459e8aa2e2b8797aeda9efb3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
d117c530-39f9-4c0c-a13d-fc59823bf4f1
access-control-expose-headers
X-Origin-Hublet
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
x-origin-hublet
na1
access-control-allow-methods
OPTIONS, GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 14 Oct 2024 18:01:54 GMT
x-hubspot-correlation-id
d117c530-39f9-4c0c-a13d-fc59823bf4f1
Content-Type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
*
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-df9486764-vvlh7
x-envoy-upstream-service-time
23
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8d297a30bdf070fe-HEL
access-control-allow-origin
https://askrfg.com
x-evy-trace-route-configuration
listener_https/all
Server
cloudflare
x-evy-trace-virtual-host
all
awb-icons.woff
askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
20 KB
21 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-eca06ce202f967ba96e70e658c5b3439.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"670d5abb-5194"
cf-ray
8d297a27f9528d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
20884
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:01:52 GMT
content-type
font/woff
last-modified
Mon, 14 Oct 2024 17:54:03 GMT
vary
Accept-Encoding
server
cloudflare
conversations-embed.js
js.usemessages.com/
92 KB
26 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.77.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cab0419b164dcc4f088f1e0a7323a1946392d5fab985bbe28dee6cbd64968bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
15923cfd-be1a-4464-8172-38cd5ba3edbb
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
QAekLcYWw0cej5k03UV_U6bNGaydPrik
etag
W/"cbf40f4d575cea01322e310ad869afde"
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age
367
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
LdofsV5nwSZMNuDZkFWY_lITNaRDOm2DzrvF7AIvJXk3zpsT_rHYPw==
date
Mon, 14 Oct 2024 18:02:07 GMT
x-hubspot-correlation-id
15923cfd-be1a-4464-8172-38cd5ba3edbb
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 14:57:21 UTC
vary
Accept-Encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-jsvmw
x-envoy-upstream-service-time
2
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18322/bundles/project.js&cfRay=8d0fc28c7f888da4-FRA
via
1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
cf-ray
8d297a837b058d50-HEL
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18322/bundles/project.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
20301640.js
js.hs-analytics.net/analytics/1728928800000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1728928800000/20301640.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6dff246533a92d5de2c383859ca37b8b1a7a935dda41852213c2c401ad075e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
8f111ea3-eaba-45a3-87c0-a6de2040f883
content-encoding
gzip
cf-cache-status
MISS
etag
W/"cb8102948348b4cca64358d4185940bf"
x-amz-version-id
null
expires
Mon, 14 Oct 2024 18:07:07 GMT
x-evy-trace-listener
listener_https
date
Mon, 14 Oct 2024 18:02:07 GMT
x-hubspot-correlation-id
8f111ea3-eaba-45a3-87c0-a6de2040f883
content-type
text/javascript
last-modified
Tue, 01 Oct 2024 15:52:08 GMT
vary
origin, Accept-Encoding
x-amz-id-2
Qtwgp4SFgMb+ab6mqKvILdxZyQNxPc2stdf2bA+a2hb8ca8gUMf5a5qp7QkbBq44jAJdDvvHR5g=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-jv2nf
x-envoy-upstream-service-time
133
access-control-allow-credentials
false
x-amz-request-id
SRP6QWGE0QSXPBF4
cf-ray
8d297a837b488dc2-HEL
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
banner.js
js.hs-banner.com/v2/20301640/
71 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/20301640/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95abdd2060c299adb600ad2eaa669a47e73f4596dc34150237a3020e0ee8adcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
bbfd6859-b372-4513-981f-2a28227394de
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
MISS
etag
W/"77391d6f9a860c7d3c990247cfca977b"
x-amz-version-id
3.DXwTTM8IfTtlIcFUOn4l6f66mTjoEv
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Mon, 14 Oct 2024 18:07:07 GMT
x-evy-trace-listener
listener_https
date
Mon, 14 Oct 2024 18:02:07 GMT
x-hubspot-correlation-id
bbfd6859-b372-4513-981f-2a28227394de
content-type
text/javascript; charset=UTF-8
last-modified
Fri, 23 Aug 2024 15:13:20 GMT
vary
origin, Accept-Encoding
x-amz-id-2
1vqWiahK3N05PD+Gso79yBXXgUDG567l82GEyugLIUalGz8P3OUUyOkvh1xv8PryZlXAajlLsf8=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-phvh4
x-envoy-upstream-service-time
118
access-control-allow-credentials
true
x-amz-request-id
SRPCSJNAR9KGTXWV
cf-ray
8d297a84db708dd5-HEL
access-control-allow-origin
https://askrfg.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
collectedforms.js
js.hscollectedforms.net/
69 KB
24 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/

Response headers

x-request-id
213d26a1-0cd7-4cf3-a0ea-6ec8354cb2b1
content-encoding
gzip
cf-cache-status
MISS
x-amz-version-id
_vUoUmuymk3IT7Uikz585Nn8PzBEJUsn
etag
W/"216a00fb66fa9b149d5f8b5557f0f563"
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
sy60V9Wfadr8ZALNBUNZ-VF-CAQpvRMsbcxsmtg64Y8aP2AgGRWVnw==
x-hubspot-correlation-id
213d26a1-0cd7-4cf3-a0ea-6ec8354cb2b1
content-type
application/javascript; charset=utf-8
last-modified
Mon, 14 Oct 2024 10:34:35 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7df4f6b649-7m749
x-envoy-upstream-service-time
8
x-hs-target-asset
collected-forms-embed-js/static-1.885/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Mon, 14 Oct 2024 18:02:07 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.885/bundles/project.js&cfRay=8d297a84d8f5d97b-FRA
via
1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
cf-ray
8d297a84d8f5d97b-HEL
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
speedy_taxe_services_billboard-400x597.png
askrfg.com/taxes/wp-content/uploads/sites/3/
292 KB
292 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/speedy_taxe_services_billboard-400x597.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd4d95b17dda195054ce0f48ada0558123f5123b868f7c97fc7f82a147c6305

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b26fa1-48f54"
cf-ray
8d297a852e5a8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
298836
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:07 GMT
content-type
image/png
last-modified
Thu, 09 Dec 2021 21:05:37 GMT
vary
Accept-Encoding
server
cloudflare
office_background.jpg
askrfg.com/taxes/wp-content/uploads/sites/3/
949 KB
949 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/office_background.jpg
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b522635bb6e027716e9f36a73c682792327de8057a27a8b9d359a6a8992f94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b26f8e-ed250"
cf-ray
8d297a852e5c8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
971344
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:07 GMT
content-type
image/jpeg
last-modified
Thu, 09 Dec 2021 21:05:18 GMT
vary
Accept-Encoding
server
cloudflare
shell.js
js.hsforms.net/forms/ Frame C4B3
484 KB
299 B
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-request-id
9516c3ea-80d2-4bc8-8019-b095596d9050
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
age
349
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
etag
W/"53fa063fb1734ce6bb187c96e7665972"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FhjTnJixzJYvqFYbmO1TD7GjiHSkU5W%2BY1DpZYNbGV4FlLhm%2BnkXIlpea%2FV4rIPDkx3UF2IBUnnf6V5EZbbEOqHguRtqw9mB3F3vTWnZ0I%2BaUsr1h%2FseT3xjbaKbFAS"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
L2krScuoFFbiG1PmmEMTny_EIrI7gs8pyHfYTemNdb_jukQ6wngrfg==
x-hubspot-correlation-id
9516c3ea-80d2-4bc8-8019-b095596d9050
last-modified
Mon, 30 Sep 2024 16:16:42 UTC
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-hdccc
x-envoy-upstream-service-time
4
x-hs-target-asset
forms-embed/static-1.6227/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Mon, 14 Oct 2024 18:02:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8cfd2930dfda4e19-HEL
via
1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
cf-ray
8d297a902908d98d-HEL
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD61-P1
prev.png
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/
1 KB
2 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/prev.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a3c4b86870ea13d02cd4effc181dfe5b1582109bff2b79a998b64fbdc25e7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"670d5a6d-54a"
cf-ray
8d297a902a6e8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1354
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:09 GMT
content-type
image/png
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
vary
Accept-Encoding
server
cloudflare
next.png
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/
1 KB
1 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/next.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3616f8f2aa610e535c677b50a8e617ee4168aba7c0c050f0cfac69c4682458

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"670d5a6d-53e"
cf-ray
8d297a917bbe8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1342
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:09 GMT
content-type
image/png
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
vary
Accept-Encoding
server
cloudflare
Cigna_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
81 KB
81 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Cigna_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9c6d2799fbef992c74e988126a8e771eb66b7aacce0a827cb4c4ee8950a589

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36abb-14265"
cf-ray
8d297a917bc08d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
82533
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:09 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:56:59 GMT
vary
Accept-Encoding
server
cloudflare
Aetna_Logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
17 KB
17 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Aetna_Logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ac25977541c9b191588a32e19d9b256967a91fa5ba37ab3c0fc2b3a6127546

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36aba-44a7"
cf-ray
8d297a917bc38d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
17575
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:09 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:56:58 GMT
vary
Accept-Encoding
server
cloudflare
universal_property.png
askrfg.com/taxes/wp-content/uploads/sites/3/
171 KB
171 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/universal_property.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ec81707706084b796f8a6b460a8c6adac908091560562b9c04404140b9c782

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36ad6-2aadd"
cf-ray
8d297a9fabb68d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
174813
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:12 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:57:26 GMT
vary
Accept-Encoding
server
cloudflare
Unitedhealthcare_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
56 KB
56 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Unitedhealthcare_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
240b6b779c587a067094a65bfc5995cf7e1244a4b59bebd3d78eac0e3758e45e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36ad4-e004"
cf-ray
8d297a9fabb88d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
57348
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:12 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:57:24 GMT
vary
Accept-Encoding
server
cloudflare
Stillwater_logo-1.png
askrfg.com/taxes/wp-content/uploads/sites/3/
94 KB
95 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Stillwater_logo-1.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
042b9af82ca635cf4b2bfc719fe5b19bfdf641658630ead042cd335a285832a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b3963b-179d2"
cf-ray
8d297a9fcbeb8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
96722
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:12 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 18:02:35 GMT
vary
Accept-Encoding
server
cloudflare
Sagesure_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
63 KB
63 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Sagesure_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c43638789e8f3c5918236af062070a3a648c70188587d956194265bdd9a1c1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36ad0-faa3"
cf-ray
8d297a9fcbef8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
64163
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:12 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:57:20 GMT
vary
Accept-Encoding
server
cloudflare
Safeco_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
88 KB
88 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Safeco_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4635b8a968c4eca400e6e2e056250d1f98f514dc46f59f121725396661239c80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36acd-15e80"
cf-ray
8d297a9fec168d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
89728
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:12 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:57:17 GMT
vary
Accept-Encoding
server
cloudflare
Refund-Advantage.png
askrfg.com/taxes/wp-content/uploads/sites/3/
46 KB
46 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Refund-Advantage.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d839b1a8b5db1c4933322e06b71723488b8edf4bb81de5481fa6f90777cc8249

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36aca-b7dd"
cf-ray
8d297aa3a92d8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
47069
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:12 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:57:14 GMT
vary
Accept-Encoding
server
cloudflare
Progressive_Logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
20 KB
20 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Progressive_Logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98636ba901eaab64503a4661fc02b704a9d61cf8e65a33569b3267309952b835

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36ac8-4f09"
cf-ray
8d297aa3a9318d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
20233
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:12 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:57:12 GMT
vary
Accept-Encoding
server
cloudflare
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=20301640&conversations-embed=static-1.18322&mobile=false&messagesUtk=ff44606c1a354506af737fea7badab60&traceId=ff44606c1a354506af737fea7badab60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://askrfg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://askrfg.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8d297a8bbd678d5e-HEL
content-length
18
content-type
text/plain; charset=utf-8
date
Mon, 14 Oct 2024 18:02:08 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgcIjpNcSm6YYiz1cUjuAMsgPTS6s%2BBpMIHsos2wlZggb5ARdelmyLAnpK9qZ9OpEyDJrKaB2DEeNTxmrC5JQKS2gFAYlNf12OPISrSt%2FS162rkX3TJx8HoSL6Gf2gxJNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hubspot-correlation-id
d397f56c-d8bd-4a23-80cd-1d9a12b1c352
public
api.hubspot.com/livechat-public/v1/message/
3 KB
2 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=20301640&conversations-embed=static-1.18322&mobile=false&messagesUtk=ff44606c1a354506af737fea7badab60&traceId=ff44606c1a354506af737fea7badab60
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5092dcebffba45141318475b8c9b49fd5500c6ab820cd83485ecdf684793ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://askrfg.com/taxes/
Referer
https://askrfg.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbhg3PU0OVil79%2FdPGGtAe8Ux0GS4DcQr69aUI4t9Bvw5c%2FWKp2wrsCXtjLIzyh1ZeY0PEuUWdFtXjQ6x48xzleHe%2B6UFOAkVtTATAKsvlGDJMoUU%2BHUi0aKaCrCLdJvAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Mon, 14 Oct 2024 18:02:09 GMT
x-hubspot-correlation-id
4db99638-492b-44b2-bba7-ac15a59aa89a
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8d297a917b2d8d5e-HEL
access-control-allow-origin
https://askrfg.com
content-length
1437
server
cloudflare
json
forms.hscollectedforms.net/collected-forms/v1/config/
133 B
448 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20301640&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e128b3cb61a2fa35c82703a15965e65cf8a7169fa759369da27db1e16e10df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
dcb84401-7856-4693-a617-46c8a61ce911
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Mon, 14 Oct 2024 18:02:08 GMT
x-hubspot-correlation-id
dcb84401-7856-4693-a617-46c8a61ce911
content-type
application/json;charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7df4f6b649-2hwgm
x-envoy-upstream-service-time
3
cf-ray
8d297a873be2d97b-HEL
access-control-allow-origin
https://askrfg.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2R79G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

content-encoding
gzip
age
2158
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 19:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 17:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
swap.js
cdn.callrail.com/companies/538738154/4fdd39b972488729355d/12/
32 B
576 B
Script
General
Full URL
https://cdn.callrail.com/companies/538738154/4fdd39b972488729355d/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2R79G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-17.fra60.r.cloudfront.net
Software
/
Resource Hash
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-request-id
f53afe8b-291c-4d36-8cdf-34ce113b2b7e
etag
W/"d18beba8a6db32dd84b24258cf6542ac"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
lZtnbbKnfbcHmsI4_q_VcsUvuwBvlhfyQSXz2PGvutYVtfSyZO8byQ==
date
Mon, 14 Oct 2024 18:02:13 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.006364
x-frame-options
SAMEORIGIN
cache-control
max-age=3600, public
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
content-length
32
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P5
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
708673c5-81f1-4b31-b1fb-efcf91beff43
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 14 Oct 2024 18:02:14 GMT
x-hubspot-correlation-id
708673c5-81f1-4b31-b1fb-efcf91beff43
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-df9486764-tg725
x-envoy-upstream-service-time
1
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8d297ab23ca28dad-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
css2
fonts.googleapis.com/ Frame C4B3
2 KB
849 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM%20Sans:wght@400;500;700&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
ESF /
Resource Hash
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 18:02:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 18:02:11 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 16:14:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
dd4ccedc-5f85-48c4-bf25-d3b5af21f5fa
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 14 Oct 2024 18:02:14 GMT
x-hubspot-correlation-id
dd4ccedc-5f85-48c4-bf25-d3b5af21f5fa
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-df9486764-tg725
x-envoy-upstream-service-time
3
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8d297ab23e538d8d-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
ff44606c1a354506af737fea7badab60
app.hubspot.com/conversations-visitor/20301640/threads/utk/ Frame 0DEB
0
0
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/20301640/threads/utk/ff44606c1a354506af737fea7badab60?uuid=0b4a39faef6a4464a69dae36328e80e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=askrfg.com&inApp53=false&messagesUtk=ff44606c1a354506af737fea7badab60&url=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://askrfg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
age
1013
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
8d297a9fcd518da7-HEL
content-encoding
gzip
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20771/html/index.html&cfRay=8d297a9fcd518da7&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F20301640%2Fthreads%2Futk%2Fff44606c1a354506af737fea7badab60%3Fuuid%3D0b4a39faef6a4464a69dae36328e80e4%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Daskrfg.com%26inApp53%3Dfalse%26messagesUtk%3Dff44606c1a354506af737fea7badab60%26url%3Dhttps%253A%252F%252Faskrfg.com%252Ftaxes%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Faskrfg.com%2F&cfenv=prod&pdt=2024-10-14&csp=ro
content-type
text/html; charset=utf-8
date
Mon, 14 Oct 2024 18:02:11 GMT
etag
W/"6107b2e0da8eeacea45b106b628dbde0"
last-modified
Fri, 11 Oct 2024 14:57:21 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8d297a9fcd518da7&resource=conversations-visitor-ui/static-1.20771/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-id
IAjFvvAHhIJLa4L4NVjGpSTjYMLSnzfyXWj5JIvvxryMdTuN8vFvng==
x-amz-cf-pop
IAD12-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
66Hq1qUDM6LRD_hsc3mLt7jJB29oBPdu
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
8
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7df4f6b649-hbx7k
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.20771/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
f3593aab-11a4-4353-bbdc-d1d7168bfda1
x-request-id
f3593aab-11a4-4353-bbdc-d1d7168bfda1
nationwide-mutual-insurance-logo-1.png
askrfg.com/taxes/wp-content/uploads/sites/3/
30 KB
31 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/nationwide-mutual-insurance-logo-1.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c93b6f332598919109ce6797fe97f20b9ce4b9e879c933726d2981d2f8a1e86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b39627-79f7"
cf-ray
8d297aa79d6b8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
31223
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:13 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 18:02:15 GMT
vary
Accept-Encoding
server
cloudflare
National-General_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
19 KB
19 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/National-General_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf220777e0b0e9dd452aa722c6c0997f1dc89f833cc75c9901ee70624740d79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b36ac4-4cfb"
cf-ray
8d297aa8eea98d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
19707
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:13 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 14:57:08 GMT
vary
Accept-Encoding
server
cloudflare
collect
www.google-analytics.com/j/
15 B
430 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1576823917&t=pageview&_s=1&dl=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&ul=fi-fi&de=UTF-8&dt=Home%20%7C%20Speedy%20Tax%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=235186241&gjid=1120243746&cid=312814383.1728928934&tid=UA-205429051-1&_gid=2042413302.1728928934&_r=1&_slc=1&gtm=45He4a90n81MT2R79Gv850202114za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&npa=1&z=24081269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8add98de5ef04b6631832246a7bc7b92fdf893b8749068ccb24956ae7e9a3dc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://askrfg.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 18:02:13 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://askrfg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/
283 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SQ8W95QY6M&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
59dd1e12096d98cef62c5049f2d03492e50d605843ba8a40752321451d5543f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 18:02:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 18:02:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100355
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SQ8W95QY6M&gtm=45je4a90v9126131349za200&_p=1728928911465&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&ul=fi-fi&sr=1600x1200&cid=312814383.1728928934&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&dt=Home%20%7C%20Speedy%20Tax%20Service&sid=1728928935&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=48265
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SQ8W95QY6M&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://askrfg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 18:02:16 GMT
content-type
text/plain
server
Golfe2
shell.js
js.hsforms.net/forms/ Frame 1364
484 KB
292 B
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-request-id
9516c3ea-80d2-4bc8-8019-b095596d9050
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
age
355
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
etag
W/"53fa063fb1734ce6bb187c96e7665972"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEcmp1CSJiqBiwqDjs%2BJqx4XtUQ%2FtpusnHhdQVylSKe2WLXSGsedWJtvL0YhEExttkZWF2pibObXJnLKA9VE4a7KU7LX7ARb1YsX30QGLqucaYp1cj1RmmoiKWPbLS4X"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
L2krScuoFFbiG1PmmEMTny_EIrI7gs8pyHfYTemNdb_jukQ6wngrfg==
x-hubspot-correlation-id
9516c3ea-80d2-4bc8-8019-b095596d9050
last-modified
Mon, 30 Sep 2024 16:16:42 UTC
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-hdccc
x-envoy-upstream-service-time
4
x-hs-target-asset
forms-embed/static-1.6227/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Mon, 14 Oct 2024 18:02:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8cfd2930dfda4e19-HEL
via
1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
cf-ray
8d297ab7a864d98d-HEL
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD61-P1
Speedy-Tax-Logo@2x.png
askrfg.com/taxes/wp-content/uploads/sites/3/
32 KB
32 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Speedy-Tax-Logo@2x.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e82b6630f239b2a8aef6fa4715550b865ee93d8b9dbdb61bd7e6651d1e32e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61ba4688-8033"
cf-ray
8d297ab7af768d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
32819
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:15 GMT
content-type
image/png
last-modified
Wed, 15 Dec 2021 19:48:24 GMT
vary
Accept-Encoding
server
cloudflare
20301640.js
js-na1.hs-scripts.com/
2 KB
791 B
Script
General
Full URL
https://js-na1.hs-scripts.com/20301640.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1728928800000/20301640.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.138.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22931798f41481766d3affe69109b9cbfa501fae6cbacacb752c03d9fafa2e6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8d297ab7ad058da4-HEL
accept-ranges
bytes
access-control-allow-origin
https://askrfg.com
content-length
656
date
Mon, 14 Oct 2024 18:02:15 GMT
x-hubspot-correlation-id
5be3cd75-3575-4cf8-9d6b-fb10597df45d
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 18:02:15 GMT
__ptq.gif
track.hubspot.com/
45 B
420 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fi-fi&bfp=2643074195&v=1.1&a=20301640&ct=standard-page&rcu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&pu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&t=Home+%7C+Speedy+Tax+Service&cts=1728928935350&vi=9de2f26a39541dcd5c62ed64804d4418&nc=true&u=66923761.9de2f26a39541dcd5c62ed64804d4418.1728928935346.1728928935346.1728928935346.1&b=66923761.1.1728928935346&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
323284d1-164f-43e3-8eee-6523fd5d0711
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGy61b4QoFzF%2FyuJd9Q5kpdWTAj2FdJrDChn1ptp79ezpEfOfanqYd0kemtDkN3Hnp%2FUT3lWe8j%2BWawxbBM0mnvfY3fFBXDHT63I2nVrcXDvwP4sMSrA1Lqbm2lQbSQorvXO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 14 Oct 2024 18:02:16 GMT
x-hubspot-correlation-id
323284d1-164f-43e3-8eee-6523fd5d0711
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-6c8f7f4884-shpjg
x-envoy-upstream-service-time
5
access-control-allow-credentials
false
cf-ray
8d297abb698b8d62-HEL
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track.hubspot.com/
45 B
919 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=35a393e2-bee7-4dcb-b03e-6448dabee29c&fci=c7dd51f4-9aa6-49c5-92bb-1f34b1fc7895&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fi-fi&bfp=2643074195&v=1.1&a=20301640&ct=standard-page&rcu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&pu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&t=Home+%7C+Speedy+Tax+Service&cts=1728928935355&vi=9de2f26a39541dcd5c62ed64804d4418&nc=true&u=66923761.9de2f26a39541dcd5c62ed64804d4418.1728928935346.1728928935346.1728928935346.1&b=66923761.1.1728928935346&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
9f44af17-cb00-4b55-b07e-7a36f165f826
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbmOY7I9IWB0FwzrDncrhxqriUFlUKOcDxytzmVyESM5zf%2Bz0iOHSwyeLd5V2KaWDHyodCIISVeMHyin0hr%2FAAm4qpbfVhzA1oXmeHdJX25E88AJWYXlW%2Brb2jIjSaeUqYr6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 14 Oct 2024 18:02:16 GMT
x-hubspot-correlation-id
9f44af17-cb00-4b55-b07e-7a36f165f826
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-6c8f7f4884-hvsjt
x-envoy-upstream-service-time
5
access-control-allow-credentials
false
cf-ray
8d297abb69918d62-HEL
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
Mercury_logonew.png
askrfg.com/taxes/wp-content/uploads/sites/3/
21 KB
22 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Mercury_logonew.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68426a5757a2c5e2836ad34baa2e1722864d6381054606e3d7fbf22649a8ee4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b3b7af-5579"
cf-ray
8d297aba6aad8d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21881
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:16 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 20:25:19 GMT
vary
Accept-Encoding
server
cloudflare
Speedy-Tax-service-icon.png
askrfg.com/taxes/wp-content/uploads/sites/3/
4 KB
4 KB
Other
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Speedy-Tax-service-icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b599943377e8bf78fec154359826b4ee8cea39190d9cc1bf17df6fb88ece6e68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61c2151a-f41"
cf-ray
8d297ab7af788d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3905
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:15 GMT
content-type
image/png
last-modified
Tue, 21 Dec 2021 17:55:38 GMT
vary
Accept-Encoding
server
cloudflare
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
944 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
cc8573a6-95bf-45ab-b58d-388a85deaccf
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 14 Oct 2024 18:02:16 GMT
x-hubspot-correlation-id
cc8573a6-95bf-45ab-b58d-388a85deaccf
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-df9486764-s7h2c
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8d297abc6ea88dad-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
css2
fonts.googleapis.com/ Frame 1364
2 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM%20Sans:wght@400;500;700&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
ESF /
Resource Hash
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 18:02:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 18:02:11 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 16:14:02 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
__ptq.gif
track.hubspot.com/
45 B
736 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=35a393e2-bee7-4dcb-b03e-6448dabee29c&fci=c7dd51f4-9aa6-49c5-92bb-1f34b1fc7895&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fi-fi&bfp=2643074195&v=1.1&a=20301640&ct=standard-page&rcu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&pu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&t=Home+%7C+Speedy+Tax+Service&cts=1728928936036&vi=9de2f26a39541dcd5c62ed64804d4418&nc=true&u=66923761.9de2f26a39541dcd5c62ed64804d4418.1728928935346.1728928935346.1728928935346.1&b=66923761.1.1728928935346&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
2dac56ca-e27e-445f-b248-0d8d2c2fd189
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmO%2BFwA0kDKmjWDkQUAdSjQpHjNwveY%2B6JMGWEhwrXBhN8LeRbPcC5HZmKwMStP6s%2FQnlKrCigD%2FISUUKqQRwwywWaufc3FyRfsus6jKlKMgZU0tMD83gjlIr3T4qmt7cPqR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 14 Oct 2024 18:02:16 GMT
x-hubspot-correlation-id
2dac56ca-e27e-445f-b248-0d8d2c2fd189
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-6c8f7f4884-l8phn
x-envoy-upstream-service-time
5
access-control-allow-credentials
false
cf-ray
8d297abb698f8d62-HEL
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
944 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
c461cd94-e24e-4e71-9b78-38538330b037
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 14 Oct 2024 18:02:16 GMT
x-hubspot-correlation-id
c461cd94-e24e-4e71-9b78-38538330b037
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-df9486764-sddc2
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8d297abef8cd8dad-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
Kemper_logonew.png
askrfg.com/taxes/wp-content/uploads/sites/3/
35 KB
35 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Kemper_logonew.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3d068683bdec7ee04b6ab42b4cf7815d21d7c25e93ac146d65ceec2145b2d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"61b3b7b1-8b12"
cf-ray
8d297abd7e428d69-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
35602
server-timing
cfExtPri
date
Mon, 14 Oct 2024 18:02:16 GMT
content-type
image/png
last-modified
Fri, 10 Dec 2021 20:25:21 GMT
vary
Accept-Encoding
server
cloudflare
Humana_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
askrfg.com
URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Humana_logo.png

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _hsq object| dataLayer object| doc object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| leadin_wordpress object| _hsp function| jQuery object| logosliderwp object| cssua object| fusionJSVars object| fusion function| Swiper object| fusionLightboxVideoVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips object| fusionTimeout function| registerYoutubePlayers function| onPlayerReady function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| ytVidId function| insertParam function| fusionYouTubeTimeout function| onYouTubeIframeAPIReady function| checkHoverTouchState function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionFlexSliderStrToBool object| fusionAnimationsVars function| fusionSetAnimationData function| getScrollBarWidth object| fusionTabVars function| fusionInitStickyTabs object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| fusionIsWholeElementInViewport function| initSwiperScrollingSection function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| awbScrollToTarget object| fusionVideoVars function| fusionInitStickyColumns object| html5 object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances function| onYouTubePlayerAPIReady function| YTReady object| lazySizes object| awb_oc_timeouts object| awbOffCanvas object| awbAnimationObservers function| awbScrollSpy string| responsiveTypeElements string| fusionBaseFontSize number| _fusionWindowHeight number| _fusionWindowWidth boolean| hubspot_live_messages_running object| HubSpotConversations object| __hsCollectedFormsDebug function| sanitizeKey boolean| _hstc_loaded object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| gaplugins object| gaGlobal object| gaData object| fusionVimeoPlayers number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $stickyTrigger_position number| sticky_header_type number| $site_width number| $standardLogoHeight number| $logoMarginTop number| $logoMarginBottom number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

14 Cookies

Domain/Path Name / Value
.hsforms.net/ Name: __cf_bm
Value: .R06ItuQ3rXKBes_diFAYjX.aU8KKQSSWIKx555B5uQ-1728928911-1.0.1.1-VNY.utZ9dQVuQqndGpezN0nzGKJ4ZtKiZVObjyoV_vy0rSah2fxK2b4Ce32bRb_3.HdoaXlHb9IbjEkqeeKmQg
.askrfg.com/ Name: _ga
Value: GA1.2.312814383.1728928934
.askrfg.com/ Name: _gid
Value: GA1.2.2042413302.1728928934
.askrfg.com/ Name: _gat_UA-205429051-1
Value: 1
.hsforms.com/ Name: __cf_bm
Value: EX39JasYz9roMCV3WZ6QgDTo1wIkol4713zwCHZ1hBY-1728928934-1.0.1.1-FcpsAnMd8w40zXquwGUWAK4qVL9LtKYGnUd_fjyk8BU.0a2ZtnOfGaD2fizcJ3MGg8Fm4.gLkMWlstUBps63bA
.hsforms.com/ Name: _cfuvid
Value: X9v8.ahd0UNbbqVk80ZHp_v.g6ruhjbsFRwa02dwH3M-1728928934879-0.0.1.1-604800000
.askrfg.com/ Name: _ga_SQ8W95QY6M
Value: GS1.2.1728928935.1.0.1728928935.0.0.0
askrfg.com/ Name: __hstc
Value: 66923761.9de2f26a39541dcd5c62ed64804d4418.1728928935346.1728928935346.1728928935346.1
askrfg.com/ Name: hubspotutk
Value: 9de2f26a39541dcd5c62ed64804d4418
askrfg.com/ Name: __hssrc
Value: 1
askrfg.com/ Name: __hssc
Value: 66923761.1.1728928935346
.hubspot.com/ Name: __cf_bm
Value: BCj4mFcNOlA9NqNsfukHPZPJEIMZrom_KrE1YTSpKyI-1728928936-1.0.1.1-KeIKfD_wNZeBEIvieBLnGGr.UTrz.IOKFbDQFYhcnkt3TdZo5F56C7d0l6J9gNDawbFMM.EkX6BrqJ1QUV4Q5A
.hubspot.com/ Name: _cfuvid
Value: HlWeuB..nq80xh_fEOOKVE6f.D9P0buLVfab9WwG3F4-1728928936748-0.0.1.1-604800000
.nr-data.net/ Name: JSESSIONID
Value: 3bbea5f90231e037

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
askrfg.com
cdn.callrail.com
fonts.googleapis.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
myspeedytax.com
region1.google-analytics.com
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.myspeedytax.com
askrfg.com
104.16.108.254
104.16.117.116
104.16.118.116
104.16.138.209
104.16.160.168
104.16.77.142
104.18.142.119
104.18.80.204
104.19.175.188
141.193.213.10
141.193.213.11
142.250.186.78
142.250.74.202
172.64.147.16
18.245.60.17
216.239.32.36
216.58.206.72
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
042b9af82ca635cf4b2bfc719fe5b19bfdf641658630ead042cd335a285832a8
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
0c43638789e8f3c5918236af062070a3a648c70188587d956194265bdd9a1c1b
1a6dff246533a92d5de2c383859ca37b8b1a7a935dda41852213c2c401ad075e
1d9c6d2799fbef992c74e988126a8e771eb66b7aacce0a827cb4c4ee8950a589
1dd4d95b17dda195054ce0f48ada0558123f5123b868f7c97fc7f82a147c6305
1ed8974ee1918ec3c23a3c12f4fd0df0c57ac83459e8aa2e2b8797aeda9efb3d
2181474cb1b4aa79793756df8d744eed2a2ff10b181823683dd96f63e46ed681
22931798f41481766d3affe69109b9cbfa501fae6cbacacb752c03d9fafa2e6e
240b6b779c587a067094a65bfc5995cf7e1244a4b59bebd3d78eac0e3758e45e
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
2c2d28708e9b0f46c891e19c6d99e5a1fdcbc0dc427b503af47015e70c0fd9a5
2cab0419b164dcc4f088f1e0a7323a1946392d5fab985bbe28dee6cbd64968bc
2df1c78b5de3fbced3280f4f256b2d8812b6e22a73c1a4b92cea4f94e5783c20
2e3d068683bdec7ee04b6ab42b4cf7815d21d7c25e93ac146d65ceec2145b2d5
2e65b8fb2c76dbdea7e8a3b051ee510a0d4e46e9917c9ae40f9b08027f6f2f18
3b03f0da2ffc5d9247e84195447cdd315ef0001a13612224a3366e130a0b7e87
4635b8a968c4eca400e6e2e056250d1f98f514dc46f59f121725396661239c80
48dbdddc779e06c8a8ea0defa52595d9fc307349744f2f8a6b0973d78263c81e
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
4c01450c66a83a2d0b69d9ed380398cf037cd0527c9f24cc4f258e69b3da9e6b
5042714b45298a9022f0f1e03cee6b117bd00104760945d9bfef6f7b9c6a86d4
505fff817f37d43899275853aa6d6f4f3644b6abe2c420ad9cd6caab1ef147cb
57b7bf7927da302b3f049f3059cb10311b524ff714d7eca4dbb679e281f43cb7
58e82b6630f239b2a8aef6fa4715550b865ee93d8b9dbdb61bd7e6651d1e32e2
59dd1e12096d98cef62c5049f2d03492e50d605843ba8a40752321451d5543f0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71a3c4b86870ea13d02cd4effc181dfe5b1582109bff2b79a998b64fbdc25e7a
7c93b6f332598919109ce6797fe97f20b9ce4b9e879c933726d2981d2f8a1e86
8add98de5ef04b6631832246a7bc7b92fdf893b8749068ccb24956ae7e9a3dc6
93ab8ae2581efb90c20445709b7402e82bf74100b1446860305bb5d118917775
95abdd2060c299adb600ad2eaa669a47e73f4596dc34150237a3020e0ee8adcf
978f8bcabef11fa12eb0d102b8d0b8ffb9eb4f3223c434c5222ffc16258a73db
98636ba901eaab64503a4661fc02b704a9d61cf8e65a33569b3267309952b835
a0b522635bb6e027716e9f36a73c682792327de8057a27a8b9d359a6a8992f94
a4ec81707706084b796f8a6b460a8c6adac908091560562b9c04404140b9c782
a6eb20fa7f58691a1657719f8e2973f14f469b20192d7977fff5c9c02a8a10e2
ad3616f8f2aa610e535c677b50a8e617ee4168aba7c0c050f0cfac69c4682458
b599943377e8bf78fec154359826b4ee8cea39190d9cc1bf17df6fb88ece6e68
bbd75e4ae995198cdc042c0756ece74e2808882951b4e1ed14202e0ae1f2629b
c05f8bea58ed24a6d84866397c9a5501de21b3a03c2a936fb64091933a9c7208
c3ac25977541c9b191588a32e19d9b256967a91fa5ba37ab3c0fc2b3a6127546
c68426a5757a2c5e2836ad34baa2e1722864d6381054606e3d7fbf22649a8ee4
ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d839b1a8b5db1c4933322e06b71723488b8edf4bb81de5481fa6f90777cc8249
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf220777e0b0e9dd452aa722c6c0997f1dc89f833cc75c9901ee70624740d79
dd4011d3e8db1fb5644c77ed010538e25f693bf80194dedbf922aa7a2b7b3f81
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e4e128b3cb61a2fa35c82703a15965e65cf8a7169fa759369da27db1e16e10df
e5092dcebffba45141318475b8c9b49fd5500c6ab820cd83485ecdf684793ee4
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f43992d81148f1a926b3e84b79efb1699e37a9979bcda52ce5561454e61d87ef
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6