Submitted URL: http://myspeedytax.com/
Effective URL: https://askrfg.com/taxes/
Submission Tags: @phish_report
Submission: On December 01 via api from FI — Scanned from FI

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 66 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is askrfg.com.
TLS certificate: Issued by E6 on October 14th 2024. Valid for: 3 months.
This is the only time askrfg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 141.193.213.10 209242 (CLOUDFLAR...)
37 141.193.213.11 209242 (CLOUDFLAR...)
3 104.18.141.119 13335 (CLOUDFLAR...)
2 104.16.139.209 13335 (CLOUDFLAR...)
2 216.58.206.72 15169 (GOOGLE)
5 104.19.175.188 13335 (CLOUDFLAR...)
1 172.64.147.16 13335 (CLOUDFLAR...)
2 104.16.109.254 13335 (CLOUDFLAR...)
1 104.16.75.142 13335 (CLOUDFLAR...)
1 104.17.175.201 13335 (CLOUDFLAR...)
2 216.239.38.178 15169 (GOOGLE)
1 18.245.46.112 16509 (AMAZON-02)
2 142.250.185.74 15169 (GOOGLE)
3 104.16.117.116 13335 (CLOUDFLAR...)
1 216.239.32.36 15169 (GOOGLE)
3 104.16.118.116 13335 (CLOUDFLAR...)
66 16
Apex Domain
Subdomains
Transfer
37 askrfg.com
askrfg.com
2 MB
6 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5268
app.hubspot.com — Cisco Umbrella Rank: 5921
track.hubspot.com — Cisco Umbrella Rank: 2477
5 KB
5 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4839
forms-na1.hsforms.com — Cisco Umbrella Rank: 7269
9 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
22 KB
3 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6979
157 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
907 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4811
forms.hscollectedforms.net — Cisco Umbrella Rank: 4960
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
180 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2580
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6680
2 KB
1 callrail.com
cdn.callrail.com — Cisco Umbrella Rank: 10001
577 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
25 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5194
27 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
26 KB
1 myspeedytax.com
myspeedytax.com
324 B
66 14
Domain Requested by
37 askrfg.com askrfg.com
4 forms-na1.hsforms.com askrfg.com
3 track.hubspot.com
3 js.hsforms.net askrfg.com
js.hsforms.net
2 api.hubspot.com js.usemessages.com
2 fonts.googleapis.com js.hsforms.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com askrfg.com
www.google-analytics.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 region1.google-analytics.com www.googletagmanager.com
1 app.hubspot.com js.usemessages.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 cdn.callrail.com www.googletagmanager.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 forms.hsforms.com js.hsforms.net
1 js.hs-scripts.com askrfg.com
1 myspeedytax.com 1 redirects
66 20

This site contains links to these domains. Also see Links.

Domain
myspeedytax.clientportal.com
leadtoconversion.com
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
askrfg.com
E6
2024-10-14 -
2025-01-12
3 months crt.sh
hsforms.net
WE1
2024-10-09 -
2025-01-07
3 months crt.sh
hs-scripts.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
hsforms.com
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
hs-banner.com
WE1
2024-11-22 -
2025-02-20
3 months crt.sh
hscollectedforms.net
WE1
2024-11-20 -
2025-02-18
3 months crt.sh
usemessages.com
WE1
2024-10-06 -
2025-01-04
3 months crt.sh
hs-analytics.net
WE1
2024-10-07 -
2025-01-05
3 months crt.sh
swappy.callrail.com
Amazon RSA 2048 M03
2024-06-10 -
2025-07-09
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
hubspot.com
WE1
2024-11-30 -
2025-02-28
3 months crt.sh

This page contains 4 frames:

Primary Page: https://askrfg.com/taxes/
Frame ID: 148C0A7275C2E203216F58F46A6BCB6B
Requests: 64 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/shell.js
Frame ID: 7EA47CB8F4859BB43E10A46A8F10AFB2
Requests: 2 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/20301640/threads/utk/fe6912511697472fa0e66e1a456c9ca2?uuid=1dd9952af6ea43239eab37273bf078ba&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=askrfg.com&inApp53=false&messagesUtk=fe6912511697472fa0e66e1a456c9ca2&url=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: DC92F6D04C478073720B08CA2AC0A965
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/shell.js
Frame ID: 4527565C03C2F7E1A3DF1C21E34CBAE9
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Home | Speedy Tax Service

Page URL History Show full URLs

  1. http://myspeedytax.com/ HTTP 307
    https://myspeedytax.com/ HTTP 301
    https://askrfg.com/taxes/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

16
IPs

2
Countries

2477 kB
Transfer

6025 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://myspeedytax.com/ HTTP 307
    https://myspeedytax.com/ HTTP 301
    https://askrfg.com/taxes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
askrfg.com/taxes/
Redirect Chain
  • http://myspeedytax.com/
  • https://myspeedytax.com/
  • https://askrfg.com/taxes/
65 KB
13 KB
Document
General
Full URL
https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
2864c11779d941a4546446bdf30b3a528e36ce24906409fbe32ac97d1c704229

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8eb23d8d4d658d8f-HEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 01 Dec 2024 10:02:14 GMT
link
<https://askrfg.com/taxes/wp-json/>; rel="https://api.w.org/" <https://askrfg.com/taxes/wp-json/wp/v2/pages/18685>; rel="alternate"; title="JSON"; type="application/json" <https://askrfg.com/taxes/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb23d86bd118d77-HEL
content-type
text/html
date
Sun, 01 Dec 2024 10:02:13 GMT
location
https://askrfg.com/taxes/
server
cloudflare
admin-ajax.php
askrfg.com/taxes/wp-admin/
144 KB
25 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-admin/admin-ajax.php?action=frmpro_css&ver=10141802
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
ca3acff6a38f62aa27ef1bca42f2da8ac8d9b73a55b071e7d8b13c40ba782417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
DYNAMIC
x-pass-why
wp-admin
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
x-cacheable
NO:Passed
alt-svc
h3=":443"; ma=86400
x-cache
MISS
date
Sun, 01 Dec 2024 10:02:20 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=0, must-revalidate, private
referrer-policy
strict-origin-when-cross-origin
cf-ray
8eb23d957b8d8d8f-HEL
x-powered-by
WP Engine
server
cloudflare
page-list.css
askrfg.com/taxes/wp-content/plugins/page-list/css/
1 KB
593 B
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/page-list/css/page-list.css?ver=5.7
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df1c78b5de3fbced3280f4f256b2d8812b6e22a73c1a4b92cea4f94e5783c20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670d5a6e-4e3"
cf-ray
8eb23d957b8e8d8f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:46 GMT
_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/
1 MB
157 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2353125b54dbbcb77c9cc6d61a9343ec136f2101a7a9d3224d08b12e7ab5e87f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670d5d51-117b84"
cf-ray
8eb23d957b8f8d8f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 18:05:05 GMT
style.css
askrfg.com/taxes/wp-content/themes/Avada-Child/
178 B
289 B
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/themes/Avada-Child/style.css?ver=6.7
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c01450c66a83a2d0b69d9ed380398cf037cd0527c9f24cc4f258e69b3da9e6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"61016e3e-b2"
cf-ray
8eb23d957b908d8f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 28 Jul 2021 14:48:30 GMT
Speedy-Tax-Logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
7 KB
8 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Speedy-Tax-Logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c62806025dc31d0a68e0127054b3bbf25ab3bf5bf2eab78a4bfe5f4094f483f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61ba4688-37f9"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=14329
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:15 GMT
content-type
image/webp
content-disposition
inline; filename="Speedy-Tax-Logo.webp"
vary
Accept
last-modified
Wed, 15 Dec 2021 19:48:24 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23d97ee1f376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
7536
server
cloudflare
shell.js
js.hsforms.net/forms/
484 KB
157 KB
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-request-id
bba7f4e7-de61-4a5c-a7e5-051f4fd1f305
content-encoding
gzip
cf-cache-status
HIT
etag
W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id
kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
age
171
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8p6t9Cc%2BlmF1JFD1BVpYKP60w6xa92iXhM%2Bjz8A4T6oIRSm93nuiwIhvlbGnlJeIuuZXNUoKQc3%2F9fuRyVynow%2Fqqy2I78C8en9M0lzJrjlnlwibO8FPrcZt%2F9lAnVu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
d4e2Fod2Wbl7R_q1dtWhlmiYpvV59Lr8hRhy7uUV_2iOAa3EEH_xRQ==
x-hubspot-correlation-id
bba7f4e7-de61-4a5c-a7e5-051f4fd1f305
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 17:07:16 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-7zwm9
x-envoy-upstream-service-time
3
x-hs-target-asset
forms-embed/static-1.6227/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Sun, 01 Dec 2024 10:02:16 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8eb239704c8a4e21-AMS
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-ray
8eb23d9ef944f5c1-AMS
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
owl.carousel.min.css
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/owl.carousel.min.css?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"672b5276-d1c"
cf-ray
8eb23d9c88db376f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:16 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Nov 2024 11:26:46 GMT
owl.theme.default.min.css
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/
1018 B
628 B
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/assets/owl.theme.default.min.css?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505fff817f37d43899275853aa6d6f4f3644b6abe2c420ad9cd6caab1ef147cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"672b5276-3fa"
cf-ray
8eb23d9e7a4f376f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:16 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Nov 2024 11:26:46 GMT
logosliderwppublic-dep.min.css
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/css/
60 KB
5 KB
Stylesheet
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/css/logosliderwppublic-dep.min.css?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b7bf7927da302b3f049f3059cb10311b524ff714d7eca4dbb679e281f43cb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"672b5276-f105"
cf-ray
8eb23da0ebe0376f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:17 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Nov 2024 11:26:46 GMT
20301640.js
js.hs-scripts.com/
2 KB
1010 B
Script
General
Full URL
https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.73
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d2e9613dbeae15cf98995948a95d5fcde7314424884f012014a8d9048efd428
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
EXPIRED
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 10:03:48 GMT
date
Sun, 01 Dec 2024 10:02:18 GMT
x-hubspot-correlation-id
8caa944b-446b-4e75-8422-13fd972be549
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Sun, 01 Dec 2024 10:02:18 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8eb23da83e357278-HAM
accept-ranges
bytes
access-control-allow-origin
https://askrfg.com
content-length
642
server
cloudflare
jquery.min.js
askrfg.com/taxes/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"64ecd5ef-15601"
cf-ray
8eb23da2fd23376f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:17 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
owl.carousel.js
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/
91 KB
21 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/libs/owl/owl.carousel.js?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ab8ae2581efb90c20445709b7402e82bf74100b1446860305bb5d118917775

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670d5a6d-16d00"
cf-ray
8eb23da67f53376f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:18 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 17:52:45 GMT
logosliderwppublic-dep.js
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/js/
3 KB
1 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/js/logosliderwppublic-dep.js?ver=1.0.0
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978f8bcabef11fa12eb0d102b8d0b8ffb9eb4f3223c434c5222ffc16258a73db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"672b5276-b4c"
cf-ray
8eb23dac5b2e376f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:19 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Nov 2024 11:26:46 GMT
f8bb3596274a1f8646af452d5795aa97.min.js
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-scripts/
512 KB
134 KB
Script
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-scripts/f8bb3596274a1f8646af452d5795aa97.min.js?ver=3.11.10
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3f0da61d69919d48cd8fbbcecfb64243f01fef96b1cfb32190bba65125b5ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670d5d51-80017"
cf-ray
8eb23db3efa7376f-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:20 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 18:05:05 GMT
gtm.js
www.googletagmanager.com/
218 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MT2R79G
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bd02cd2e1fe772bb560627479c571c1f88339b03621105ab7611ef2afd02a061
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 01 Dec 2024 10:02:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 10:02:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80209
x-xss-protection
0
server
Google Tag Manager
truncated
/
145 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd4011d3e8db1fb5644c77ed010538e25f693bf80194dedbf922aa7a2b7b3f81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
142 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b03f0da2ffc5d9247e84195447cdd315ef0001a13612224a3366e130a0b7e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
142 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c2d28708e9b0f46c891e19c6d99e5a1fdcbc0dc427b503af47015e70c0fd9a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
148 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f43992d81148f1a926b3e84b79efb1699e37a9979bcda52ce5561454e61d87ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/
36 KB
36 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"670d5d50-8ff0"
cf-ray
8eb23db84a87376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
36848
date
Sun, 01 Dec 2024 10:02:21 GMT
content-type
font/woff2
last-modified
Mon, 14 Oct 2024 18:05:04 GMT
vary
Accept-Encoding
server
cloudflare
fa-solid-900.woff2
askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"670d5abb-13184"
cf-ray
8eb23db85a8d376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
78212
date
Sun, 01 Dec 2024 10:02:21 GMT
content-type
font/woff2
last-modified
Mon, 14 Oct 2024 17:54:03 GMT
vary
Accept-Encoding
server
cloudflare
rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58Q.woff2
askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/
39 KB
39 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-gfonts/rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58Q.woff2
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5042714b45298a9022f0f1e03cee6b117bd00104760945d9bfef6f7b9c6a86d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"670d5d50-9ae8"
cf-ray
8eb23db85a8e376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
39656
date
Sun, 01 Dec 2024 10:02:21 GMT
content-type
font/woff2
last-modified
Mon, 14 Oct 2024 18:05:04 GMT
vary
Accept-Encoding
server
cloudflare
json
forms.hsforms.com/embed/v3/form/20301640/35a393e2-bee7-4dcb-b03e-6448dabee29c/
11 KB
4 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/20301640/35a393e2-bee7-4dcb-b03e-6448dabee29c/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95eb77f4f4eebeb82560b27e2d5eaada34dff75f88816ea466c1f5f165247491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
8d0f5359-4dc4-4343-8031-4fccf7f64237
access-control-expose-headers
X-Origin-Hublet
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
x-origin-hublet
na1
access-control-allow-methods
OPTIONS, GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Sun, 01 Dec 2024 10:02:22 GMT
x-hubspot-correlation-id
8d0f5359-4dc4-4343-8031-4fccf7f64237
Content-Type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
*
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-q5dzg
x-envoy-upstream-service-time
45
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8eb23dbf588962d3-HAM
access-control-allow-origin
https://askrfg.com
x-evy-trace-route-configuration
listener_https/all
Server
cloudflare
x-evy-trace-virtual-host
all
banner.js
js.hs-banner.com/v2/20301640/
71 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/20301640/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95abdd2060c299adb600ad2eaa669a47e73f4596dc34150237a3020e0ee8adcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
215e2c1c-d465-4b87-b511-50890793d5e4
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"77391d6f9a860c7d3c990247cfca977b"
x-amz-version-id
3.DXwTTM8IfTtlIcFUOn4l6f66mTjoEv
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Sun, 01 Dec 2024 10:07:27 GMT
x-evy-trace-listener
listener_https
date
Sun, 01 Dec 2024 10:02:27 GMT
x-hubspot-correlation-id
215e2c1c-d465-4b87-b511-50890793d5e4
content-type
text/javascript; charset=UTF-8
last-modified
Fri, 23 Aug 2024 15:13:20 GMT
vary
origin, Accept-Encoding
x-amz-id-2
D3NXEufcvghdvm5y2QkZip5lNUGOtuRT/5brfSSTVhqC8ogGqHOxcwaJczrlAkx2ZTLIpOpbDng=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-ds2fh
x-envoy-upstream-service-time
92
access-control-allow-credentials
true
x-amz-request-id
SMAT0ZBDWQ7S36NX
cf-ray
8eb23ddd4f918d71-HEL
access-control-allow-origin
https://www.google.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.109.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/

Response headers

x-request-id
a1077262-bb14-4973-b810-77e91134d368
content-encoding
gzip
cf-cache-status
EXPIRED
x-amz-version-id
_vUoUmuymk3IT7Uikz585Nn8PzBEJUsn
etag
W/"216a00fb66fa9b149d5f8b5557f0f563"
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
hSJ5fm_0N2f7X6T1zpCR1BzQ1sPMMMDOzV5BGn6lsKJC16mhuaHhkg==
x-hubspot-correlation-id
a1077262-bb14-4973-b810-77e91134d368
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 17:09:02 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-w6fkb
x-envoy-upstream-service-time
37
x-hs-target-asset
collected-forms-embed-js/static-1.885/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Sun, 01 Dec 2024 10:02:27 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.885/bundles/project.js&cfRay=8eb23ddddb286313-FRA
via
1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
cf-ray
8eb23ddddb286313-HAM
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
conversations-embed.js
js.usemessages.com/
93 KB
27 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.75.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa4aed518b4728e6d4b4bdd1c5fe289c63a0d071a4edf329f560171f6e7b472
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
11f0c3f7-e564-46d3-9718-644f62878d9b
content-encoding
gzip
cf-cache-status
HIT
etag
W/"f5e6ced71ecd77db318b3b7bdbcea12d"
x-amz-version-id
WSFuba_L2anScNSxi1bmQJTKzwhQ1N0F
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age
76
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
83UjrSfWt6q4jI8jtfINMNLC7dRSepzrmUW87dFhEOjcJrMXpyeJPA==
date
Sun, 01 Dec 2024 10:02:27 GMT
x-hubspot-correlation-id
11f0c3f7-e564-46d3-9718-644f62878d9b
content-type
application/javascript; charset=utf-8
last-modified
Tue, 26 Nov 2024 17:11:20 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-q8977
x-envoy-upstream-service-time
3
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18938/bundles/project.js&cfRay=8e8b8e35aa64ee6e-FRA
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-ray
8eb23de48bd262f0-HAM
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18938/bundles/project.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
20301640.js
js.hs-analytics.net/analytics/1733047200000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1733047200000/20301640.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20301640.js?integration=WordPress&ver=11.1.73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6dff246533a92d5de2c383859ca37b8b1a7a935dda41852213c2c401ad075e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
c9c62ba5-c70d-4e24-99b0-ad86bb7df7ed
content-encoding
gzip
cf-cache-status
MISS
etag
W/"cb8102948348b4cca64358d4185940bf"
x-amz-version-id
null
expires
Sun, 01 Dec 2024 10:07:28 GMT
x-evy-trace-listener
listener_https
date
Sun, 01 Dec 2024 10:02:28 GMT
x-hubspot-correlation-id
c9c62ba5-c70d-4e24-99b0-ad86bb7df7ed
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 21:00:28 GMT
vary
origin, Accept-Encoding
x-amz-id-2
mvvIniZBruZOAZdHVBz0CWm7m8g+/flm6k7ixsHHgA3pgdOeclVxbqm1ajgM+sVvO4yHp1A2LoM=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-dc4x5
x-envoy-upstream-service-time
36
access-control-allow-credentials
false
x-amz-request-id
W1C8CV7ZRH8DQHKW
cf-ray
8eb23de57b878dd4-HEL
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
awb-icons.woff
askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
20 KB
21 KB
Font
General
Full URL
https://askrfg.com/taxes/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://askrfg.com
Referer
https://askrfg.com/taxes/wp-content/uploads/sites/3/fusion-styles/_blog-3-a2bb515db413b7db079c1d2fbe9513ec.min.css?ver=3.11.10

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"670d5abb-5194"
cf-ray
8eb23db86a9a376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
20884
date
Sun, 01 Dec 2024 10:02:21 GMT
content-type
font/woff
last-modified
Mon, 14 Oct 2024 17:54:03 GMT
vary
Accept-Encoding
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2R79G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

content-encoding
gzip
age
5932
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 10:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 08:23:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
swap.js
cdn.callrail.com/companies/538738154/4fdd39b972488729355d/12/
32 B
577 B
Script
General
Full URL
https://cdn.callrail.com/companies/538738154/4fdd39b972488729355d/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2R79G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-112.fra56.r.cloudfront.net
Software
/
Resource Hash
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-request-id
c9e78e69-2408-456c-a7eb-e664ad1d97ba
etag
W/"d18beba8a6db32dd84b24258cf6542ac"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
_x3fF4t9CLr3ylHpQRFr393vv2e6fQ0ffH65-gyPg0MTJFOyOgwTUA==
date
Sun, 01 Dec 2024 10:02:28 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.004125
x-frame-options
SAMEORIGIN
cache-control
max-age=3600, public
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
content-length
32
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P9
speedy_taxe_services_billboard-400x597.png
askrfg.com/taxes/wp-content/uploads/sites/3/
186 KB
187 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/speedy_taxe_services_billboard-400x597.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ddbbc6ff81fd6347cc4cbc8be2e748b58a1cab2e349412cf748587244195df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b26fa1-48f54"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=298836
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:23 GMT
content-type
image/webp
content-disposition
inline; filename="speedy_taxe_services_billboard-400x597.webp"
vary
Accept
last-modified
Thu, 09 Dec 2021 21:05:37 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23dc85cb0376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
190610
server
cloudflare
office_background.jpg
askrfg.com/taxes/wp-content/uploads/sites/3/
907 KB
908 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/office_background.jpg
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3548dac233d4774bbf6391ec312bb9deceec95dc42795c3635086a471e4d997

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"61b26f8e-ed250"
cf-cache-status
HIT
cf-ray
8eb23dc86cb5376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=971344
content-length
928781
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:23 GMT
content-type
image/jpeg
last-modified
Thu, 09 Dec 2021 21:05:18 GMT
vary
Accept-Encoding
server
cloudflare
shell.js
js.hsforms.net/forms/ Frame 7EA4
484 KB
0
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id
bba7f4e7-de61-4a5c-a7e5-051f4fd1f305
content-encoding
gzip
cf-cache-status
HIT
etag
W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id
kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
age
171
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8p6t9Cc%2BlmF1JFD1BVpYKP60w6xa92iXhM%2Bjz8A4T6oIRSm93nuiwIhvlbGnlJeIuuZXNUoKQc3%2F9fuRyVynow%2Fqqy2I78C8en9M0lzJrjlnlwibO8FPrcZt%2F9lAnVu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
d4e2Fod2Wbl7R_q1dtWhlmiYpvV59Lr8hRhy7uUV_2iOAa3EEH_xRQ==
x-hubspot-correlation-id
bba7f4e7-de61-4a5c-a7e5-051f4fd1f305
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 17:07:16 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-7zwm9
x-envoy-upstream-service-time
3
x-hs-target-asset
forms-embed/static-1.6227/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Sun, 01 Dec 2024 10:02:16 GMT
vary
accept-encoding
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8eb239704c8a4e21-AMS
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-ray
8eb23d9ef944f5c1-AMS
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
prev.png
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/
486 B
725 B
Image
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/prev.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5bdc19a3aad1fe06a20691744a0161ff06db521b54ed2a67b5153daad0b4bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"672b5276-54a"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1354
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:27 GMT
content-type
image/webp
content-disposition
inline; filename="prev.webp"
vary
Accept
last-modified
Wed, 06 Nov 2024 11:26:46 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23de39e0c376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
486
server
cloudflare
next.png
askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/
486 B
724 B
Image
General
Full URL
https://askrfg.com/taxes/wp-content/plugins/logo-slider-wp/public/assets/img/next.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1e40c1b4013e9ced069778cfa5d9336ad45c057be9df4b60ade5c089718890

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"672b5276-53e"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1342
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:29 GMT
content-type
image/webp
content-disposition
inline; filename="next.webp"
vary
Accept
last-modified
Wed, 06 Nov 2024 11:26:46 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23dea9a82376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
486
server
cloudflare
Cigna_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
21 KB
21 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Cigna_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d531c37ec407479d295fe8c6bdb2fb7a272f57d0f065751d6cc55c1376d344ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36abb-14265"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=82533
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:29 GMT
content-type
image/webp
content-disposition
inline; filename="Cigna_logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:56:59 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23deedd71376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
21556
server
cloudflare
Aetna_Logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
7 KB
7 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Aetna_Logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ddd48ef48abb196591dcd4f0de176dee92574af6f87ace65bab5c1df086c974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36aba-44a7"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=17575
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:29 GMT
content-type
image/webp
content-disposition
inline; filename="Aetna_Logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:56:58 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23deefd82376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
7230
server
cloudflare
universal_property.png
askrfg.com/taxes/wp-content/uploads/sites/3/
66 KB
67 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/universal_property.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4fb5853298fe914f8d403740413a1c397fc830bddb394b4a419e46f62462ca6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36ad6-2aadd"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=174813
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:29 GMT
content-type
image/webp
content-disposition
inline; filename="universal_property.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:26 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23deefd85376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
68050
server
cloudflare
Unitedhealthcare_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
34 KB
34 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Unitedhealthcare_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6abe0fa2daa4102d2e9c847fb3acc6bbb7c723f9e88231ab7eeedbb6416c79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36ad4-e004"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=57348
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:33 GMT
content-type
image/webp
content-disposition
inline; filename="Unitedhealthcare_logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:24 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e04aa9e376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
34810
server
cloudflare
Stillwater_logo-1.png
askrfg.com/taxes/wp-content/uploads/sites/3/
41 KB
42 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Stillwater_logo-1.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
513cbe56ae73021741467a87279706185c02cc74c7bf66c8419b8a14d0179e8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b3963b-179d2"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=96722
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:33 GMT
content-type
image/webp
content-disposition
inline; filename="Stillwater_logo-1.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 18:02:35 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e04aa9f376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
42470
server
cloudflare
Sagesure_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
26 KB
26 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Sagesure_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de03225b0f0e2de75873decc917821ecbcfd498c9c44bb2edc4e9454524878f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36ad0-faa3"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=64163
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:33 GMT
content-type
image/webp
content-disposition
inline; filename="Sagesure_logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:20 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e04aaa0376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
26736
server
cloudflare
Safeco_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
39 KB
40 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Safeco_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12cbc7f14afe69cc599f9f0538bdbd8ded01db603c4e7762462e0f7079e3d033

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36acd-15e80"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=89728
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:33 GMT
content-type
image/webp
content-disposition
inline; filename="Safeco_logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:17 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e04aaa2376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
40316
server
cloudflare
Refund-Advantage.png
askrfg.com/taxes/wp-content/uploads/sites/3/
24 KB
24 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Refund-Advantage.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b747c6d5fd58c62438f55f07701729c7c390139965411d10d95b7b375b80c33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36aca-b7dd"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=47069
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:33 GMT
content-type
image/webp
content-disposition
inline; filename="Refund-Advantage.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:14 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e04aaa5376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
24192
server
cloudflare
Progressive_Logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
8 KB
8 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Progressive_Logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839574e06f9ad7ab9cb28c61185f9ab709037d561324e6903a1df3b1f3491531

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36ac8-4f09"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=20233
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:33 GMT
content-type
image/webp
content-disposition
inline; filename="Progressive_Logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:12 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e07cc97376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
7876
server
cloudflare
nationwide-mutual-insurance-logo-1.png
askrfg.com/taxes/wp-content/uploads/sites/3/
7 KB
7 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/nationwide-mutual-insurance-logo-1.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9cc4b2c639789116cba0b0e117135c31edbf6dd4e5f420faed94496cc6f92c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b39627-79f7"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=31223
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:33 GMT
content-type
image/webp
content-disposition
inline; filename="nationwide-mutual-insurance-logo-1.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 18:02:15 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e07cc98376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
6848
server
cloudflare
json
forms.hscollectedforms.net/collected-forms/v1/config/
133 B
393 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20301640&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.109.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e128b3cb61a2fa35c82703a15965e65cf8a7169fa759369da27db1e16e10df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
a2a85495-42b0-4303-a3b9-66b54f31d55e
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Sun, 01 Dec 2024 10:02:27 GMT
x-hubspot-correlation-id
a2a85495-42b0-4303-a3b9-66b54f31d55e
content-type
application/json;charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-w6fkb
x-envoy-upstream-service-time
11
cf-ray
8eb23de01cce6313-HAM
access-control-allow-origin
https://askrfg.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
b923390d-1822-47fb-b42d-60dd25024169
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Sun, 01 Dec 2024 10:02:34 GMT
x-hubspot-correlation-id
b923390d-1822-47fb-b42d-60dd25024169
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-4nb5b
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8eb23e0ecb5ed957-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
css2
fonts.googleapis.com/ Frame 7EA4
3 KB
907 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM%20Sans:wght@400;500;700&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
3152c018f548899e2da6fe638841ef215a059d73007f3986a28153dc39983201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 10:02:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 10:02:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 01 Dec 2024 08:36:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
53aaa45d-4b89-47da-9ef2-fb3262babf39
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Sun, 01 Dec 2024 10:02:34 GMT
x-hubspot-correlation-id
53aaa45d-4b89-47da-9ef2-fb3262babf39
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-br7c8
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8eb23e0f39018d69-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
public
api.hubspot.com/livechat-public/v1/message/
3 KB
2 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=20301640&conversations-embed=static-1.18938&mobile=false&messagesUtk=fe6912511697472fa0e66e1a456c9ca2&traceId=fe6912511697472fa0e66e1a456c9ca2
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1faca0e669cb70aacef5bf5420115cb32bc13336d9c3cb101fa6cd232ce6cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://askrfg.com/taxes/
Referer
https://askrfg.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKaf%2B%2FZPImwHW479lDZ4N9QHbvLsJBRD3kKGz%2FUftvAWh6CNfGIdrwOqfHZlj59lmG5igyGF85Ns6vJA2VXamVJDtXP3g%2Bh%2BYpbuTQxihCKJ4ClnTYe5vV7jO9sUnWObNA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 10:02:29 GMT
x-hubspot-correlation-id
12c0f929-954f-489f-bf47-a2c155e9f60c
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8eb23dec7c0fcaa5-HAM
access-control-allow-origin
https://askrfg.com
content-length
1387
server
cloudflare
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=20301640&conversations-embed=static-1.18938&mobile=false&messagesUtk=fe6912511697472fa0e66e1a456c9ca2&traceId=fe6912511697472fa0e66e1a456c9ca2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://askrfg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://askrfg.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8eb23dea8aa7caa5-HAM
content-length
18
content-type
text/plain; charset=utf-8
date
Sun, 01 Dec 2024 10:02:29 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ocDRJtr0VLyJX2G30R1yQ8LbSww9BpjGTQspnF%2B5R6PzuufPRbvckC5zC289zBRzhBjqOR0JTaPvUu0VigDuhyih9v3%2Fj5yhOmcLOGEEgJRH%2FlsPkV23AtYDHm1FOx1bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hubspot-correlation-id
d406de85-b5c7-4285-8429-70c68602b5e2
National-General_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
8 KB
8 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/National-General_logo.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
396240ee4456b16cb00a512647034d7df5c6c97b866258aabb8c3ea570f32697

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36ac4-4cfb"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=19707
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:34 GMT
content-type
image/webp
content-disposition
inline; filename="National-General_logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:08 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e0a1e06376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
7844
server
cloudflare
collect
www.google-analytics.com/j/
15 B
430 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1913956907&t=pageview&_s=1&dl=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&ul=fi-fi&de=UTF-8&dt=Home%20%7C%20Speedy%20Tax%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=324756210&gjid=166510801&cid=2024873052.1733047349&tid=UA-205429051-1&_gid=481951948.1733047349&_r=1&_slc=1&gtm=45He4bk0n81MT2R79Gv850202114za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=1969042326
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8add98de5ef04b6631832246a7bc7b92fdf893b8749068ccb24956ae7e9a3dc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://askrfg.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 10:02:28 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://askrfg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/
289 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SQ8W95QY6M&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b70cb535e92905f1b096465b3a13a88f0513604a0bf206dd5aed957c3012dcf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 01 Dec 2024 10:02:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 10:02:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102627
x-xss-protection
0
server
Google Tag Manager
fe6912511697472fa0e66e1a456c9ca2
app.hubspot.com/conversations-visitor/20301640/threads/utk/ Frame DC92
0
0
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/20301640/threads/utk/fe6912511697472fa0e66e1a456c9ca2?uuid=1dd9952af6ea43239eab37273bf078ba&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=askrfg.com&inApp53=false&messagesUtk=fe6912511697472fa0e66e1a456c9ca2&url=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://askrfg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
age
353
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
8eb23df4683462f0-HAM
content-encoding
gzip
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.21387/html/index.html&cfRay=8eb23df4683462f0&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F20301640%2Fthreads%2Futk%2Ffe6912511697472fa0e66e1a456c9ca2%3Fuuid%3D1dd9952af6ea43239eab37273bf078ba%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Daskrfg.com%26inApp53%3Dfalse%26messagesUtk%3Dfe6912511697472fa0e66e1a456c9ca2%26url%3Dhttps%253A%252F%252Faskrfg.com%252Ftaxes%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Faskrfg.com%2F&cfenv=prod&pdt=2024-12-01&csp=ro
content-type
text/html; charset=utf-8
date
Sun, 01 Dec 2024 10:02:30 GMT
etag
W/"f99dd387ff382d255d4a4892942c6d9b"
last-modified
Tue, 26 Nov 2024 17:11:20 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8eb23df4683462f0&resource=conversations-visitor-ui/static-1.21387/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-id
IwTAIH8EzJ0fjSP24ovTIiGeHwC3DbQitTqsu_vjtGMJGizoSDN63Q==
x-amz-cf-pop
IAD12-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
sITMwZlDV6tI.A1NL.u6wsMTzebcpP9_
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
4
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-fngld
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.21387/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
0366d0c3-06b6-4b60-883e-895d205d63bb
x-request-id
0366d0c3-06b6-4b60-883e-895d205d63bb
Mercury_logonew.png
askrfg.com/taxes/wp-content/uploads/sites/3/
8 KB
9 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Mercury_logonew.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ccb6c22b68b69a97bcef20d3b9f3b5aa8cf3307d829f655fabd6e2b728b2894

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b3b7af-5579"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=21881
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:34 GMT
content-type
image/webp
content-disposition
inline; filename="Mercury_logonew.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 20:25:19 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e0bff27376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
8602
server
cloudflare
Kemper_logonew.png
askrfg.com/taxes/wp-content/uploads/sites/3/
21 KB
22 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Kemper_logonew.png
Requested by
Host: askrfg.com
URL: https://askrfg.com/taxes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e55c0a5f6a85bc0b41c6ceb5e084ca14362860af105d88b17b75aa80cb4c4d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b3b7b1-8b12"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=35602
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:34 GMT
content-type
image/webp
content-disposition
inline; filename="Kemper_logonew.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 20:25:21 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e0ccfa2376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
21794
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SQ8W95QY6M&gtm=45je4bk0v9126131349za200&_p=1733047340732&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=fi-fi&sr=1600x1200&cid=2024873052.1733047349&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&dt=Home%20%7C%20Speedy%20Tax%20Service&sid=1733047354&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=21890
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SQ8W95QY6M&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://askrfg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 10:02:35 GMT
content-type
text/plain
server
Golfe2
shell.js
js.hsforms.net/forms/ Frame 4527
484 KB
0
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id
bba7f4e7-de61-4a5c-a7e5-051f4fd1f305
content-encoding
gzip
cf-cache-status
HIT
etag
W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id
kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
age
171
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8p6t9Cc%2BlmF1JFD1BVpYKP60w6xa92iXhM%2Bjz8A4T6oIRSm93nuiwIhvlbGnlJeIuuZXNUoKQc3%2F9fuRyVynow%2Fqqy2I78C8en9M0lzJrjlnlwibO8FPrcZt%2F9lAnVu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
d4e2Fod2Wbl7R_q1dtWhlmiYpvV59Lr8hRhy7uUV_2iOAa3EEH_xRQ==
x-hubspot-correlation-id
bba7f4e7-de61-4a5c-a7e5-051f4fd1f305
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 17:07:16 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-7zwm9
x-envoy-upstream-service-time
3
x-hs-target-asset
forms-embed/static-1.6227/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Sun, 01 Dec 2024 10:02:16 GMT
vary
accept-encoding
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8eb239704c8a4e21-AMS
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-ray
8eb23d9ef944f5c1-AMS
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
Speedy-Tax-Logo@2x.png
askrfg.com/taxes/wp-content/uploads/sites/3/
15 KB
15 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Speedy-Tax-Logo@2x.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638e7ea262d05d509d4def857d461ab4a056accdf91c6098bf73268364aa8ee8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61ba4688-8033"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=32819
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:35 GMT
content-type
image/webp
content-disposition
inline; filename="Speedy-Tax-Logo@2x.webp"
vary
Accept
last-modified
Wed, 15 Dec 2021 19:48:24 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e121ac1376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
15000
server
cloudflare
20301640.js
js-na1.hs-scripts.com/
2 KB
793 B
Script
General
Full URL
https://js-na1.hs-scripts.com/20301640.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1733047200000/20301640.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1afc1a7563366d92f0fa602977ce266c3ad63bb7e02707aac5c2e11f52e3af4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
EXPIRED
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8eb23e125a747278-HAM
accept-ranges
bytes
access-control-allow-origin
https://askrfg.com
content-length
655
date
Sun, 01 Dec 2024 10:02:35 GMT
x-hubspot-correlation-id
0cd114ba-6e7c-47de-8761-1a72f4491ef9
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
server
cloudflare
last-modified
Sun, 01 Dec 2024 10:02:35 GMT
__ptq.gif
track.hubspot.com/
45 B
736 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fi-fi&bfp=10578507&v=1.1&a=20301640&ct=standard-page&rcu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&pu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&t=Home+%7C+Speedy+Tax+Service&cts=1733047355112&vi=5d21c8959f826bcde665e554750ee324&nc=true&u=66923761.5d21c8959f826bcde665e554750ee324.1733047355111.1733047355111.1733047355111.1&b=66923761.1.1733047355111&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
19aa819c-b49a-46b8-b117-d29da015b8ed
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmcwKiFUUlyW%2B8nOUOXsyhs4R7KOo5R%2BWpwrdbitDlYJLajOqNbRpOM2VIibPVCUznjjxKH6dTTvdReUfzhkjr11CZCjJH2yXEgB%2FhiOYlqqMo0XFCobHe%2FSvA%2FcQvgyJV2x"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Sun, 01 Dec 2024 10:02:36 GMT
x-hubspot-correlation-id
19aa819c-b49a-46b8-b117-d29da015b8ed
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-6v7t5
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8eb23e172cb18da4-HEL
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track.hubspot.com/
45 B
739 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=35a393e2-bee7-4dcb-b03e-6448dabee29c&fci=1a0ef746-7529-4bd0-baec-3d2f9bc657b6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fi-fi&bfp=10578507&v=1.1&a=20301640&ct=standard-page&rcu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&pu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&t=Home+%7C+Speedy+Tax+Service&cts=1733047355113&vi=5d21c8959f826bcde665e554750ee324&nc=true&u=66923761.5d21c8959f826bcde665e554750ee324.1733047355111.1733047355111.1733047355111.1&b=66923761.1.1733047355111&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
eaf83ad2-bc43-486d-a8fe-b6cd5ab69410
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teXltLCqqxQ%2FVGD9TVuapuLdRtXKUzCVlHX1WGOcbBNzHkTtycJhQHVMaZAxyFaTROhbE%2BCg6aVj0RNmJk%2FTyq%2FA7BJxgoEUIQmilWWcIMT08iBLy8N4HE%2Bfjclqs2mc7RU3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Sun, 01 Dec 2024 10:02:36 GMT
x-hubspot-correlation-id
eaf83ad2-bc43-486d-a8fe-b6cd5ab69410
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-nc9kd
x-envoy-upstream-service-time
5
access-control-allow-credentials
false
cf-ray
8eb23e173cba8da4-HEL
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
Humana_logo.png
askrfg.com/taxes/wp-content/uploads/sites/3/
4 KB
5 KB
Image
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Humana_logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9ec89529f7217db16605159624e23e51aeb73bab40e00567a2ee421db464b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61b36ac0-36a0"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=13984
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:35 GMT
content-type
image/webp
content-disposition
inline; filename="Humana_logo.webp"
vary
Accept
last-modified
Fri, 10 Dec 2021 14:57:04 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e124add376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
4480
server
cloudflare
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
944 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
4d1a1570-861f-4921-8e64-2da610c1fb0b
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Sun, 01 Dec 2024 10:02:36 GMT
x-hubspot-correlation-id
4d1a1570-861f-4921-8e64-2da610c1fb0b
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-9cthp
x-envoy-upstream-service-time
3
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8eb23e169ebc8d69-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
Speedy-Tax-service-icon.png
askrfg.com/taxes/wp-content/uploads/sites/3/
2 KB
2 KB
Other
General
Full URL
https://askrfg.com/taxes/wp-content/uploads/sites/3/Speedy-Tax-service-icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e90e5bb84d61d4e7b96223575d3c3d2f91a1dafe02151bfd3dc7ee1379fd0fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/taxes/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61c2151a-f41"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=3905
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 10:02:35 GMT
content-type
image/webp
content-disposition
inline; filename="Speedy-Tax-service-icon.webp"
vary
Accept
last-modified
Tue, 21 Dec 2021 17:55:38 GMT
cache-control
public, max-age=31536000
cf-ray
8eb23e129b18376f-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
1888
server
cloudflare
css2
fonts.googleapis.com/ Frame 4527
3 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM%20Sans:wght@400;500;700&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
3152c018f548899e2da6fe638841ef215a059d73007f3986a28153dc39983201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 10:02:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 10:02:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 01 Dec 2024 08:36:31 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=35a393e2-bee7-4dcb-b03e-6448dabee29c&fci=1a0ef746-7529-4bd0-baec-3d2f9bc657b6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fi-fi&bfp=10578507&v=1.1&a=20301640&ct=standard-page&rcu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&pu=https%3A%2F%2Faskrfg.com%2Ftaxes%2F&t=Home+%7C+Speedy+Tax+Service&cts=1733047355147&vi=5d21c8959f826bcde665e554750ee324&nc=true&u=66923761.5d21c8959f826bcde665e554750ee324.1733047355111.1733047355111.1733047355111.1&b=66923761.1.1733047355111&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
9b06a64c-364b-46af-8055-7a70d3126b6e
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhqceO6BMX%2FeDwPlMbWxuIY68hF%2FhR%2Bdot0Q08PBNNbm6pjtDl%2Ba7Rl61WfXqGaVKxd62LVBa865y1wWEsbD9p2xQvkvd2DGz2A47hBYvCJsowO6TJiQQOFekCa0yWTv7sCi"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Sun, 01 Dec 2024 10:02:36 GMT
x-hubspot-correlation-id
9b06a64c-364b-46af-8055-7a70d3126b6e
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-c4hxf
x-envoy-upstream-service-time
4
access-control-allow-credentials
false
cf-ray
8eb23e172cb38da4-HEL
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
944 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://askrfg.com/

Response headers

x-robots-tag
none
x-request-id
03776cfc-faaf-4382-9408-6897afd4837e
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Sun, 01 Dec 2024 10:02:36 GMT
x-hubspot-correlation-id
03776cfc-faaf-4382-9408-6897afd4837e
Content-Type
image/gif
vary
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-br7c8
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8eb23e16a9c3d957-HEL
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _hsq object| dataLayer object| doc object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| leadin_wordpress object| _hsp function| jQuery object| logosliderwp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| cssua object| fusionJSVars object| fusion function| Swiper object| fusionLightboxVideoVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips function| checkHoverTouchState function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionFlexSliderStrToBool object| fusionAnimationsVars function| fusionSetAnimationData function| getScrollBarWidth object| fusionTabVars function| fusionInitStickyTabs object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| fusionIsWholeElementInViewport function| initSwiperScrollingSection function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| awbScrollToTarget object| fusionVideoVars function| fusionInitStickyColumns object| html5 object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances object| lazySizes object| awb_oc_timeouts object| awbOffCanvas object| awbAnimationObservers function| awbScrollSpy string| responsiveTypeElements string| fusionBaseFontSize number| _fusionWindowHeight number| _fusionWindowWidth object| __hsCollectedFormsDebug object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| hubspot_live_messages_running object| HubSpotConversations object| gaplugins object| gaGlobal object| gaData function| sanitizeKey boolean| _hstc_loaded object| fusionVimeoPlayers number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $stickyTrigger_position number| sticky_header_type number| $site_width number| $standardLogoHeight number| $logoMarginTop number| $logoMarginBottom number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

13 Cookies

Domain/Path Name / Value
.hsforms.net/ Name: __cf_bm
Value: Q3FZKNpCZJQ484Mr01Up0YtQkkkA6kwJ1SbHD6LkmsM-1733047336-1.0.1.1-ETp.1egdHxLCUgVqz6HsAD6pJj3d21DqZ3Sd2R0.TrPxBq0BuxszyOIkktSfllTA64wCn5zkqv_mTIYsVHpgfg
.askrfg.com/ Name: _ga
Value: GA1.2.2024873052.1733047349
.askrfg.com/ Name: _gid
Value: GA1.2.481951948.1733047349
.askrfg.com/ Name: _gat_UA-205429051-1
Value: 1
.askrfg.com/ Name: _ga_SQ8W95QY6M
Value: GS1.2.1733047354.1.0.1733047354.0.0.0
.hsforms.com/ Name: __cf_bm
Value: mxN2VnrybpgcRaqX6ehN9R.MIcWsk.LmayTbxgpCxbI-1733047354-1.0.1.1-EnXAEB88QNOFqn6MSsWyh.VrJIlSsFjiAii8oqTyiSPK8RKT4S8dOYaouDmZVaBxG9zr9LSjamUy9tFBbWGekw
.hsforms.com/ Name: _cfuvid
Value: 4IjwlARxeqNI2blvNFpznHXYWPLJJz6.l7SlzR3DU20-1733047354899-0.0.1.1-604800000
askrfg.com/ Name: __hstc
Value: 66923761.5d21c8959f826bcde665e554750ee324.1733047355111.1733047355111.1733047355111.1
askrfg.com/ Name: hubspotutk
Value: 5d21c8959f826bcde665e554750ee324
askrfg.com/ Name: __hssrc
Value: 1
askrfg.com/ Name: __hssc
Value: 66923761.1.1733047355111
.hubspot.com/ Name: __cf_bm
Value: cjn.X.ZbNvfF00A3zE_ZUNAOzktrLurS3NqxIlPa.SA-1733047356-1.0.1.1-dAX9LdkjJ1HqupjdwAnKbSa8OSANixCAIwyvKeYF_PSa1VsmHBFu5Zey.Z363JPmQkEo4XSnD7oXG2FGCKw6eg
.hubspot.com/ Name: _cfuvid
Value: z2KTQZ.3F_Ll02XjdAUXRO6vPl9BQLm1uyya4ccaaJk-1733047356183-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
askrfg.com
cdn.callrail.com
fonts.googleapis.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
myspeedytax.com
region1.google-analytics.com
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
104.16.109.254
104.16.117.116
104.16.118.116
104.16.139.209
104.16.75.142
104.17.175.201
104.18.141.119
104.19.175.188
141.193.213.10
141.193.213.11
142.250.185.74
172.64.147.16
18.245.46.112
216.239.32.36
216.239.38.178
216.58.206.72
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
0ccb6c22b68b69a97bcef20d3b9f3b5aa8cf3307d829f655fabd6e2b728b2894
0e5bdc19a3aad1fe06a20691744a0161ff06db521b54ed2a67b5153daad0b4bb
12cbc7f14afe69cc599f9f0538bdbd8ded01db603c4e7762462e0f7079e3d033
1a6dff246533a92d5de2c383859ca37b8b1a7a935dda41852213c2c401ad075e
1b747c6d5fd58c62438f55f07701729c7c390139965411d10d95b7b375b80c33
2353125b54dbbcb77c9cc6d61a9343ec136f2101a7a9d3224d08b12e7ab5e87f
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
2864c11779d941a4546446bdf30b3a528e36ce24906409fbe32ac97d1c704229
2c2d28708e9b0f46c891e19c6d99e5a1fdcbc0dc427b503af47015e70c0fd9a5
2de03225b0f0e2de75873decc917821ecbcfd498c9c44bb2edc4e9454524878f
2df1c78b5de3fbced3280f4f256b2d8812b6e22a73c1a4b92cea4f94e5783c20
3152c018f548899e2da6fe638841ef215a059d73007f3986a28153dc39983201
396240ee4456b16cb00a512647034d7df5c6c97b866258aabb8c3ea570f32697
3b03f0da2ffc5d9247e84195447cdd315ef0001a13612224a3366e130a0b7e87
3b9ec89529f7217db16605159624e23e51aeb73bab40e00567a2ee421db464b3
3e90e5bb84d61d4e7b96223575d3c3d2f91a1dafe02151bfd3dc7ee1379fd0fe
4c01450c66a83a2d0b69d9ed380398cf037cd0527c9f24cc4f258e69b3da9e6b
5042714b45298a9022f0f1e03cee6b117bd00104760945d9bfef6f7b9c6a86d4
505fff817f37d43899275853aa6d6f4f3644b6abe2c420ad9cd6caab1ef147cb
513cbe56ae73021741467a87279706185c02cc74c7bf66c8419b8a14d0179e8c
57b7bf7927da302b3f049f3059cb10311b524ff714d7eca4dbb679e281f43cb7
5d2e9613dbeae15cf98995948a95d5fcde7314424884f012014a8d9048efd428
5ddd48ef48abb196591dcd4f0de176dee92574af6f87ace65bab5c1df086c974
638e7ea262d05d509d4def857d461ab4a056accdf91c6098bf73268364aa8ee8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c1e40c1b4013e9ced069778cfa5d9336ad45c057be9df4b60ade5c089718890
7c6abe0fa2daa4102d2e9c847fb3acc6bbb7c723f9e88231ab7eeedbb6416c79
839574e06f9ad7ab9cb28c61185f9ab709037d561324e6903a1df3b1f3491531
8add98de5ef04b6631832246a7bc7b92fdf893b8749068ccb24956ae7e9a3dc6
8b3f0da61d69919d48cd8fbbcecfb64243f01fef96b1cfb32190bba65125b5ff
93ab8ae2581efb90c20445709b7402e82bf74100b1446860305bb5d118917775
95abdd2060c299adb600ad2eaa669a47e73f4596dc34150237a3020e0ee8adcf
95eb77f4f4eebeb82560b27e2d5eaada34dff75f88816ea466c1f5f165247491
978f8bcabef11fa12eb0d102b8d0b8ffb9eb4f3223c434c5222ffc16258a73db
9e55c0a5f6a85bc0b41c6ceb5e084ca14362860af105d88b17b75aa80cb4c4d7
a1faca0e669cb70aacef5bf5420115cb32bc13336d9c3cb101fa6cd232ce6cca
b4fb5853298fe914f8d403740413a1c397fc830bddb394b4a419e46f62462ca6
b70cb535e92905f1b096465b3a13a88f0513604a0bf206dd5aed957c3012dcf9
bd02cd2e1fe772bb560627479c571c1f88339b03621105ab7611ef2afd02a061
bd9cc4b2c639789116cba0b0e117135c31edbf6dd4e5f420faed94496cc6f92c
c1afc1a7563366d92f0fa602977ce266c3ad63bb7e02707aac5c2e11f52e3af4
c62806025dc31d0a68e0127054b3bbf25ab3bf5bf2eab78a4bfe5f4094f483f8
ca3acff6a38f62aa27ef1bca42f2da8ac8d9b73a55b071e7d8b13c40ba782417
ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d531c37ec407479d295fe8c6bdb2fb7a272f57d0f065751d6cc55c1376d344ae
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd4011d3e8db1fb5644c77ed010538e25f693bf80194dedbf922aa7a2b7b3f81
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3548dac233d4774bbf6391ec312bb9deceec95dc42795c3635086a471e4d997
e4e128b3cb61a2fa35c82703a15965e65cf8a7169fa759369da27db1e16e10df
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
efa4aed518b4728e6d4b4bdd1c5fe289c63a0d071a4edf329f560171f6e7b472
f43992d81148f1a926b3e84b79efb1699e37a9979bcda52ce5561454e61d87ef
f8ddbbc6ff81fd6347cc4cbc8be2e748b58a1cab2e349412cf748587244195df
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6