employeeretentioncredit.expert Open in urlscan Pro
70.40.220.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.employeeretentioncredit.expert/
Effective URL:
https://employeeretentioncredit.expert/
Submission: On September 05 via automatic, source certstream-suspicious (September 5th 2024, 9:55:41 am UTC) — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 63 HTTP transactions. The main IP is 70.40.220.114, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is employeeretentioncredit.expert.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 7th 2023. Valid for: a year.

This is the only time employeeretentioncredit.expert was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	70.40.220.114 70.40.220.114	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
7	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6810:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:6bfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
3	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f16c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
63	24

22 70.40.220.114 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2111.bluehost.com

www.employeeretentioncredit.expert	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
employeeretentioncredit.expert	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6bfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f16c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	employeeretentioncredit.expert 1 redirects www.employeeretentioncredit.expert employeeretentioncredit.expert	918 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	547 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 9983 app.hubspot.com — Cisco Umbrella Rank: 10634 track.hubspot.com — Cisco Umbrella Rank: 5359	4 KB
4	wp.com i0.wp.com — Cisco Umbrella Rank: 5176 stats.wp.com — Cisco Umbrella Rank: 4519 pixel.wp.com — Cisco Umbrella Rank: 4225	13 KB
3	gstatic.com fonts.gstatic.com	48 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 9382 forms-na1.hsforms.com — Cisco Umbrella Rank: 15115	6 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	12 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 9601 forms.hscollectedforms.net — Cisco Umbrella Rank: 9837	25 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 14516	157 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414 js-na1.hs-scripts.com — Cisco Umbrella Rank: 14508	2 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 7580	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	265 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 10675	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 7189	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
63	20

	Domain	Requested by
21	employeeretentioncredit.expert	employeeretentioncredit.expert
7	www.googletagmanager.com	employeeretentioncredit.expert www.googletagmanager.com js.hsadspixel.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.youtube.com	employeeretentioncredit.expert www.youtube.com
2	track.hubspot.com
2	forms-na1.hsforms.com	employeeretentioncredit.expert
2	api.hubspot.com	js.usemessages.com
2	pixel.wp.com	employeeretentioncredit.expert
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.hsforms.net	employeeretentioncredit.expert js.hsforms.net
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	app.hubspot.com	js.usemessages.com
1	api.hubapi.com	js.hsadspixel.net
1	fonts.googleapis.com	js.hsforms.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	forms.hsforms.com	js.hsforms.net
1	www.google.de	employeeretentioncredit.expert
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	stats.wp.com	employeeretentioncredit.expert
1	js.hs-scripts.com	employeeretentioncredit.expert
1	i0.wp.com	employeeretentioncredit.expert
1	www.employeeretentioncredit.expert	1 redirects
63	28

This site contains no links.

Subject Issuer	Validity	Valid
employeeretentioncredit.expert Sectigo RSA Domain Validation Secure Server CA	`2023-09-07` - `2024-09-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
hsforms.net WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
hscollectedforms.net WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hsadspixel.net WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
usemessages.com WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google.de WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
hsforms.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
hubapi.com E6	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://employeeretentioncredit.expert/
Frame ID: D9533C8F0BA7B24D2240A6CFF55FEE46
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gKmjoBmOFVQ
Frame ID: 21948D3B036C97BF4600C4303765BA41
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js?ver=11.1.40
Frame ID: 2EF180CF9F045E1932D0BED0D05CBDF3
Requests: 5 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/22692433/threads/utk/f65a24f0b3214e848c2ab08ac9ec8254?uuid=17888b821fb04a40b74da18ad2df28a7&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=employeeretentioncredit.expert&inApp53=false&messagesUtk=f65a24f0b3214e848c2ab08ac9ec8254&url=https%3A%2F%2Femployeeretentioncredit.expert%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: 003D3AF0B4A31159AA67BD6774DB7268
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Employee Retention Credit Expert - ERC Experts

Page URL History Show full URLs

https://www.employeeretentioncredit.expert/ HTTP 301
https://employeeretentioncredit.expert/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

100 %
HTTPS

74 %
IPv6

20
Domains

28
Subdomains

24
IPs

4
Countries

1833 kB
Transfer

5585 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.employeeretentioncredit.expert/ HTTP 301
https://employeeretentioncredit.expert/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
employeeretentioncredit.expert/
Redirect Chain

https://www.employeeretentioncredit.expert/
https://employeeretentioncredit.expert/

103 KB
31 KB

2521ms
2520ms

Document
text/html

70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 5f856bfa93f6344f08f82c495bfcddc217860c7c35478b6b58b90e80f17d2090

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: max-age=7200
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 09:55:35 GMT
expires: Thu, 05 Sep 2024 11:55:34 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
link: <https://employeeretentioncredit.expert/wp-json/>; rel="https://api.w.org/", <https://employeeretentioncredit.expert/wp-json/wp/v2/pages/2329>; rel="alternate"; title="JSON"; type="application/json", <https://employeeretentioncredit.expert/>; rel=shortlink
server: nginx/1.21.6
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-proxy-cache: MISS
x-server-cache: true

Redirect headers

cache-control: max-age=7200
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 09:55:32 GMT
expires: Thu, 05 Sep 2024 11:55:32 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
location: https://employeeretentioncredit.expert/
server: nginx/1.21.6
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-proxy-cache: MISS
x-redirect-by: WordPress
x-server-cache: true

GET
H2 200 block-generic-wb4wp-content.css
employeeretentioncredit.expert/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/ 717 B
354 B 409ms
407ms Stylesheet
text/css 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/block-generic-wb4wp-content.css?ver=2f8a878f4dd2fcda1a03625eadc65afd
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: fb06b363dc5c370eb474c5df27b6633c4c6e05c611a27f3166c7eb32f0bab682

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 23 Jul 2024 16:07:18 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 317
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 block-generic-section.css
employeeretentioncredit.expert/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/ 4 KB
852 B 209ms
207ms Stylesheet
text/css 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/block-generic-section.css?ver=29ffbded135d1e494ff0b47bd8c692ad
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 4af00cc8e00b8c9e2a80ea049324958c6e6a8ca4bb2413823e544874a336e99e

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 23 Jul 2024 16:07:18 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 815
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 container.css
employeeretentioncredit.expert/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/ 3 KB
552 B 209ms
207ms Stylesheet
text/css 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/container.css?ver=63371796415726a33c060cd169fcd144
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: abec005bafd9eabdfe0e50515bd88fc106db9500ff4d655f6325b5d366a1df27

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 23 Jul 2024 16:07:18 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 492
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
employeeretentioncredit.expert/wp-includes/js/mediaelement/ 11 KB
3 KB 206ms
205ms Stylesheet
text/css 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 23 May 2022 15:42:23 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3239
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 wp-mediaelement.min.css
employeeretentioncredit.expert/wp-includes/js/mediaelement/ 4 KB
1 KB 208ms
206ms Stylesheet
text/css 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.1
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 23 May 2022 15:42:23 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1298
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 utilities.css
employeeretentioncredit.expert/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 57 KB
12 KB 410ms
409ms Stylesheet
text/css 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.css?ver=2.4.1
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 8bf7c015afca617c6b21686e7e418f06b1ac01c0dd1c7c3427bd4258a9708a24

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 05 Sep 2024 04:38:08 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 11953
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 f574a85d1fd265e242addbdd3697bb86.min.css
employeeretentioncredit.expert/wp-content/uploads/fusion-styles/ 1011 KB
217 KB 399ms
398ms Stylesheet
text/css 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/uploads/fusion-styles/f574a85d1fd265e242addbdd3697bb86.min.css?ver=3.11.10
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 064188bdafdb8d4e792a5994ad38030fb0a4882cbce00df819e34ea3f18e501f

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 05 Sep 2024 09:07:30 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 utilities.js Show response
employeeretentioncredit.expert/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 2 KB
1008 B 215ms
213ms Script
text/javascript 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.js?ver=2.4.1
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 837ae650fc185e1c9cc9f8c054826b2550692acce80efe5c4e09e7c9848c788b

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 05 Sep 2024 04:38:08 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 936
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 198ms
110ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NCHFHMT

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58a43a2dd5979e1def3d78bc6e6415923035504c5b2b46e2530bb48ec2d660f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Sep 2024 09:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 141ms
54ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-241454376-1

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e662c776a5c949e8ef005d955b3ee973932aef079f89ef027c50b416838f8de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77665
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Sep 2024 09:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
94 KB 220ms
133ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769912138

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ce8873a94d5ada534e1335474bbcfba305ba2ca504dbb357a66f8e693c7d682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96135
x-xss-protection: 0
last-modified: Thu, 05 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Sep 2024 09:55:36 GMT

GET
H2 200 awb-icons.woff
employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
20 KB 214ms
212ms Font
font/woff 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6

Request headers

Referer: https://employeeretentioncredit.expert/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
x-nginx-cache: WordPress
last-modified: Tue, 03 Sep 2024 15:43:14 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 20884
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 fa-brands-400.woff2
employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 75 KB
75 KB 403ms
401ms Font
font/woff2 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99

Request headers

Referer: https://employeeretentioncredit.expert/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
x-nginx-cache: WordPress
last-modified: Tue, 03 Sep 2024 15:43:14 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 76736
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 fa-regular-400.woff2
employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
13 KB 601ms
600ms Font
font/woff2 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d

Request headers

Referer: https://employeeretentioncredit.expert/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
x-nginx-cache: WordPress
last-modified: Tue, 03 Sep 2024 15:43:14 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 13264
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 fa-solid-900.woff2
employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
76 KB 600ms
599ms Font
font/woff2 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

Referer: https://employeeretentioncredit.expert/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
x-nginx-cache: WordPress
last-modified: Tue, 03 Sep 2024 15:43:14 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 78212
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 Accountant-Pro.ttf
employeeretentioncredit.expert/wp-content/uploads/fusion-icons/Accountant-Pro-v2.0/fonts/ 7 KB
7 KB 1923ms
1922ms Font
font/ttf 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/uploads/fusion-icons/Accountant-Pro-v2.0/fonts/Accountant-Pro.ttf?ym7fev
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 240d5e3812ab8e6e75533336f3afc26da97dac68e1d331ba70b6ec747bae55e1

Request headers

Referer: https://employeeretentioncredit.expert/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Thu, 05 Sep 2024 09:55:37 GMT
x-nginx-cache: WordPress
last-modified: Mon, 23 May 2022 16:19:28 GMT
server: nginx/1.21.6
x-server-cache: true
x-endurance-cache-level: 2
content-type: font/ttf
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
content-length: 7524
expires: Fri, 06 Sep 2024 09:46:27 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
employeeretentioncredit.expert/wp-content/uploads/fusion-gfonts/ 24 KB
24 KB 599ms
598ms Font
font/woff2 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/uploads/fusion-gfonts/xn7gYHE41ni1AdIRggexSg.woff2
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

Request headers

Referer: https://employeeretentioncredit.expert/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Sep 2024 15:45:55 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 24376
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 ERC-logo.png
employeeretentioncredit.expert/wp-content/uploads/2022/05/ 49 KB
49 KB 785ms
784ms Image
image/png 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeretentioncredit.expert/wp-content/uploads/2022/05/ERC-logo.png
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 4c9df7720466d1c1b3f4b6b7459612894e9529a770aa905565df208a759520fc

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
x-nginx-cache: WordPress
last-modified: Mon, 23 May 2022 16:15:19 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 50039
expires: Fri, 06 Sep 2024 09:55:35 GMT

GET
H2 200 ERC-logo.png
i0.wp.com/employeeretentioncredit.expert/wp-content/uploads/2022/05/ 9 KB
9 KB 168ms
85ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/employeeretentioncredit.expert/wp-content/uploads/2022/05/ERC-logo.png?resize=400%2C203&ssl=1

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

57f882bc75a0c3f8cb21e95ed29c5f731a36228d4ba822141ecd1611815e161b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:35 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 9250
x-nc: MISS ams 4
last-modified: Thu, 05 Sep 2024 09:55:35 GMT
server: nginx
etag: "9726e2ce4c4104eb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://employeeretentioncredit.expert/wp-content/uploads/2022/05/ERC-logo.png>; rel="canonical"
expires: Sat, 05 Sep 2026 21:55:35 GMT

GET
H2 200 jquery.min.js Show response
employeeretentioncredit.expert/wp-includes/js/jquery/ 86 KB
38 KB 210ms
210ms Script
text/javascript 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 08 Nov 2023 18:27:44 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Fri, 06 Sep 2024 09:55:36 GMT

GET
H2 200 submit.js Show response
employeeretentioncredit.expert/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/ 3 KB
1 KB 437ms
437ms Script
text/javascript 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1715033903
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 9d8c6b74553a96d30e57c30c8a5b1496082eda51aa03d202e469042175c72e45

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 06 May 2024 22:18:23 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1450
expires: Fri, 06 Sep 2024 09:55:36 GMT

GET
H2 200 22692433.js Show response
js.hs-scripts.com/ 2 KB
1 KB 264ms
176ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/22692433.js?integration=WordPress&ver=11.1.40

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fd5c6da53255e588d46604dee10880c0c28950f0b0d46e94ab66775a79b8c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 967b9697-a8ea-41ea-81ed-302de65ca8a7
x-envoy-upstream-service-time: 9
content-length: 684
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 967b9697-a8ea-41ea-81ed-302de65ca8a7
last-modified: Thu, 05 Sep 2024 09:55:36 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://employeeretentioncredit.expert
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-rzh8b
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8be558395c8d37fc-FRA
expires: Thu, 05 Sep 2024 09:57:06 GMT

GET
H2 200 e-202436.js Show response
stats.wp.com/ 7 KB
3 KB 120ms
39ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202436.js
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166114261.106
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Sep 2025 01:31:23 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 483 KB
157 KB 184ms
127ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js?ver=11.1.40

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5999/bundles/project-v2.js&cfRay=8bd69078f80bd937-ARN
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6baa082bb753a0d6d6e8a595ed1a8003"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5999/bundles/project-v2.js
date: Thu, 05 Sep 2024 09:55:36 GMT
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: AFaf8mWb39Qooe1K5qzICbDOfESNQB7s
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 750e4e76-6753-4990-aebf-70efc95c2a75
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 750e4e76-6753-4990-aebf-70efc95c2a75
last-modified: Tue, 03 Sep 2024 14:36:36 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BffCvpNTQP9ZFQSLv7Dtn%2BqeTIYqLfjd2mzGDWmzgZuND53dGuyDqDEkjoekCLGWKHojRtbha%2FLQHlCfnq0khKRQ0SdbVYL41is3pd8e%2BDVa504Xk41XlyMbrMTZFOkg"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-jfqmf
cf-ray: 8be558392e82bb83-FRA
x-amz-cf-id: -Klv3ybdMqwe9qfqTuhs1-IuszqdpKupD1sqfZ_Iefb-mIJEvN7Big==

GET
H2 200 9f84d13fe417d49b3cada6c1741eb305.min.js Show response
employeeretentioncredit.expert/wp-content/uploads/fusion-scripts/ 486 KB
184 KB 210ms
208ms Script
text/javascript 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/uploads/fusion-scripts/9f84d13fe417d49b3cada6c1741eb305.min.js?ver=3.11.10
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 127b565cbeba968bfb76db267fc27a78479e7de7ab8460fd998df0b9e75f7813

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 04 Sep 2024 15:46:00 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Fri, 06 Sep 2024 09:55:36 GMT

GET
H2 200 gKmjoBmOFVQ
www.youtube.com/embed/ Frame 2194 0
0 187ms
103ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/gKmjoBmOFVQ

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Sep 2024 09:55:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a905ce68b0561c98c7ca1946312acdfc31c74a8c180a5ad4b7516f47232c7e48

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 075cac2edebea085d916e6989c7c9b239c79fe89caf3f1d034dd28282e659049

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69dd3e106b70cdfb1a993ba98348ce4ad0cf329a007cd3526dcd12a85e9dfe04

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DRQNRXKVJT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-241454376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

733e7b95599b60f9192f05fb0aac08aea41c819773133101729f20c05a78aff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Sep 2024 09:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NCHFHMT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-241454376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e253124c6428a104a8b9a4ca08710193445138b9d21227fb221d792668706e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Sep 2024 09:55:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-241454376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Sep 2024 08:40:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4496
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Sep 2024 10:40:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
94 KB 66ms
62ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769912138&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-241454376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe9737044e080a69fc5cfb9b78c4011e3468eeef8bb15a7876fd0c5e633e5f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96110
x-xss-protection: 0
last-modified: Thu, 05 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Sep 2024 09:55:36 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 147ms
57ms Script
application/javascript 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22692433.js?integration=WordPress&ver=11.1.40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 577
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8be54a225f2839ce-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"ac41634810840adc02ea51748cb19c2f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.586/bundles/project.js
date: Thu, 05 Sep 2024 09:55:36 GMT
x-amz-version-id: FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 7bc47b1e-9094-440d-a537-24910df2dcf0
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7bc47b1e-9094-440d-a537-24910df2dcf0
last-modified: Tue, 23 Jul 2024 12:55:20 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-9zgcl
cf-ray: 8be5583b1f351cbf-FRA
x-amz-cf-id: CcN54EqGmus1ALYr1A9DQYspO-JzmmXStYIKyriqszDxHu1nktiaJQ==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/22692433/ 71 KB
26 KB 557ms
468ms Script
text/javascript 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/22692433/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22692433.js?integration=WordPress&ver=11.1.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb4c68516239f72e8dd5424e4261ad1b12c4efebf9b0269b232e9018285ecfd

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:37 GMT
x-amz-version-id: QxuV.DyT3fRQWJue6_gggSycnnrHtg_k
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: QHP3C1H2Q4HS7NV6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: befbee1c-2766-4a46-a57b-158cf289221c
x-envoy-upstream-service-time: 50
x-amz-id-2: V01DLUswpObvWNYxlkbVF4RnG5r3gilcyM2C4E2gglBKDyyzfkXJVFYqqyELGJCMTUPdRtbqyjk=
x-evy-trace-listener: listener_https
x-request-id: befbee1c-2766-4a46-a57b-158cf289221c
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 16:38:46 GMT
server: cloudflare
etag: W/"85ca5d32e5c74ff02cb13767773f4a54"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://employeeretentioncredit.expert
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-ll4br
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8be5583b0bb4d34c-FRA
expires: Thu, 05 Sep 2024 10:00:37 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 137ms
48ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22692433.js?integration=WordPress&ver=11.1.40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49252815d7074468985052d7175e7a8f8bdd5c0ba58f9ed899dcb817dbeb0463

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: gzip
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-amz-version-id: fm6JgpXL9JGC8WrXn9jACAOS9H560ORd
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
age: 74
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.594/bundles/pixels-release.js&cfRay=8be5566a0b80d29d-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 5fd892d5-8c42-4650-acb1-bddf2512c8b5
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5fd892d5-8c42-4650-acb1-bddf2512c8b5
last-modified: Mon, 02 Sep 2024 16:26:48 UTC
server: cloudflare
etag: W/"65da937c36d7b6d9247b2949059a974d"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-nvswq
cf-ray: 8be5583b1982d28e-FRA
x-amz-cf-id: NwW-wTza_vkMnO4pHmrMJL3KTv4J5kAxQquYdmkHjgB1b11FAP6f-w==
x-hs-target-asset: adsscriptloaderstatic/static-1.594/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 139ms
50ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22692433.js?integration=WordPress&ver=11.1.40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c85cff899f9c3f0706cc4451589fac833a980c512d11939c80e4c317ebd63171

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: gzip
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-amz-version-id: v5ARyA8RqFEA6QwcRMIxKUTTqNjAhynp
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
age: 489
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17895/bundles/project.js&cfRay=8be54c466b73371d-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: fb731b4e-8d9e-43d4-b779-224054a43b85
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fb731b4e-8d9e-43d4-b779-224054a43b85
last-modified: Tue, 03 Sep 2024 15:23:02 UTC
server: cloudflare
etag: W/"af1d95d8e9331455dd6d3df0360e4a77"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-vdr9x
cf-ray: 8be5583b1ecbd354-FRA
x-amz-cf-id: xUty1MHc7BZMsi5oI0DhGk7W-MdcoGkLtuGL1tEqRkNgw7oug9rDqg==
x-hs-target-asset: conversations-embed/static-1.17895/bundles/project.js

GET
H2 200 22692433.js Show response
js.hs-analytics.net/analytics/1725530100000/ 68 KB
25 KB 292ms
203ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1725530100000/22692433.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22692433.js?integration=WordPress&ver=11.1.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b28065abf063d9dd5338d8623d75b0e7d2c9f986d4c802aec172bc12e6303dd

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: H0AWYPDNQ961T2AP
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: edd66a26-2ed7-4657-8db7-f481fe4e5890
x-envoy-upstream-service-time: 45
x-amz-id-2: micCXoEeLckSGjVxNOrzHtwVeHlXz6p3h8Hd/TGaQw+50n6USAis2RsMSoiYpgjWAAAplHlyie0=
x-evy-trace-listener: listener_https
x-request-id: edd66a26-2ed7-4657-8db7-f481fe4e5890
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 23 Aug 2024 14:03:57 GMT
server: cloudflare
etag: W/"9892f2fd07e75fb07f742c4307c5d5b8"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-ll4br
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8be5583b1852d26e-FRA
expires: Thu, 05 Sep 2024 10:00:36 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
178 B 50ms
39ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=207237438&post=2329&tz=0&srv=employeeretentioncredit.expert&j=1%3A13.8&host=employeeretentioncredit.expert&ref=&fcp=6181&rand=0.4210739365594254
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Sep 2024 09:55:36 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 hero-women-accountant.jpg
employeeretentioncredit.expert/wp-content/uploads/2020/08/ 145 KB
145 KB 204ms
204ms Image
image/jpeg 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeeretentioncredit.expert/wp-content/uploads/2020/08/hero-women-accountant.jpg
Requested by: Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: 66681551d19fba987d306b3e1bc7ef14c8d1e2b5fab078748835205f740475c8

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
x-nginx-cache: WordPress
last-modified: Mon, 23 May 2022 16:19:02 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 148458
expires: Fri, 06 Sep 2024 09:55:36 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 138ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DRQNRXKVJT&gtm=45Pe4930v9121838903za200&_p=1725530136425&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1942937218.1725530137&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725530136&sct=1&seg=0&dl=https%3A%2F%2Femployeeretentioncredit.expert%2F&dt=Employee%20Retention%20Credit%20Expert%20-%20ERC%20Experts&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6484
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NCHFHMT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 09:55:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeeretentioncredit.expert
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
265 B 143ms
49ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DRQNRXKVJT&cid=1942937218.1725530137&gtm=45Pe4930v9121838903za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NCHFHMT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 09:55:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeeretentioncredit.expert
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 123ms
74ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DRQNRXKVJT&cid=1942937218.1725530137&gtm=45Pe4930v9121838903za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=392910047

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 09:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/22692433/375e2c44-6685-4d26-9c89-031747218e4f/ 23 KB
5 KB 264ms
214ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/22692433/375e2c44-6685-4d26-9c89-031747218e4f/json?hs_static_app=forms-embed&hs_static_app_version=1.5999&X-HubSpot-Static-App-Info=forms-embed-1.5999

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js?ver=11.1.40

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae666e5f597af685af3a5461ded77618d0192fc703082c343af202dd329ae79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 05 Sep 2024 09:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cee36cf2-d574-4bfa-a16e-f2abacec22fc
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cee36cf2-d574-4bfa-a16e-f2abacec22fc
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://employeeretentioncredit.expert
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8be5583b9d83ca95-HAM
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-hrcvg

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 146ms
62ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/wp-content/uploads/fusion-scripts/9f84d13fe417d49b3cada6c1741eb305.min.js?ver=3.11.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62d46bd19914a6662719761126830278933d1c7ef0dcac88e81ad9175af487bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script'
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 05 Sep 2024 09:55:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
217 B 50ms
49ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=666148051&t=pageview&_s=1&dl=https%3A%2F%2Femployeeretentioncredit.expert%2F&ul=de-de&de=UTF-8&dt=Employee%20Retention%20Credit%20Expert%20-%20ERC%20Experts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=654715325&gjid=1260207511&cid=1942937218.1725530137&tid=UA-241454376-1&_gid=1345854627.1725530137&_r=1&gtm=457e4930za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&npa=1&z=658478171

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 09:55:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeeretentioncredit.expert
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 263ms
160ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=22692433&conversations-embed=static-1.17895&mobile=false&messagesUtk=f65a24f0b3214e848c2ab08ac9ec8254&traceId=f65a24f0b3214e848c2ab08ac9ec8254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://employeeretentioncredit.expert
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://employeeretentioncredit.expert
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8be5583c3a88d396-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 05 Sep 2024 09:55:37 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fo4tJWsjsQLaQPfHc%2FKcEKX6p4kGm8pdm43yxppWEZKcr%2BkFE0%2FJSUB3TktVAxLhH7RhuAIQax%2FkKMI4Q%2FxFyKpyHstso%2Bo0JusuYoMNwO%2B3LmEXWcbrGCbkEY4Z28g2dT21No6F5zL0DalgNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-25xnc
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: e98ad9c3-44b2-4453-8dc3-db212a651b96
x-request-id: e98ad9c3-44b2-4453-8dc3-db212a651b96

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 331ms
330ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8fafa160d23933200faa72fe1eceba7958a44962118c2caedb7d9094813ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
X-HubSpot-Messages-Uri: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4e8f38b6-add0-4a19-983f-4ed38d8d4f35
x-envoy-upstream-service-time: 171
content-length: 1549
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4e8f38b6-add0-4a19-983f-4ed38d8d4f35
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://employeeretentioncredit.expert
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-vs8xg
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wk83U0zjixZ3bVKcKsASgkMoYAb1906zPEbhsnoKv08f9%2FVA8TQFlXcfkG6KKgjOcxdKi%2FODhJ7ZHIcnpeKcTfjWjo%2BlVisSRSjyt22EVM0tZ7JrdMD3324w91OhpHLuYRISpQH2HX8avFjI6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8be5583d3dabd396-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 134 B
463 B 151ms
149ms XHR
application/json 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22692433&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7494a048731255f135fe8bfdcf0bf6f5ae2b9966568cef63b9a31862db2098c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 07d84cbf-cd68-4c74-81f7-9a7c70268833
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 07d84cbf-cd68-4c74-81f7-9a7c70268833
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://employeeretentioncredit.expert
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-vnhwp
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8be5583bb8001cbf-FRA

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5f8f5b0f/www-widgetapi.vflset/ 31 KB
11 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5f8f5b0f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10546
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 04:14:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Sep 2025 09:30:15 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame 2EF1 483 KB
0 0ms
0ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js?ver=11.1.40

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js?ver=11.1.40

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5999/bundles/project-v2.js&cfRay=8bd69078f80bd937-ARN
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6baa082bb753a0d6d6e8a595ed1a8003"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5999/bundles/project-v2.js
date: Thu, 05 Sep 2024 09:55:36 GMT
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: AFaf8mWb39Qooe1K5qzICbDOfESNQB7s
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 750e4e76-6753-4990-aebf-70efc95c2a75
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 750e4e76-6753-4990-aebf-70efc95c2a75
last-modified: Tue, 03 Sep 2024 14:36:36 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BffCvpNTQP9ZFQSLv7Dtn%2BqeTIYqLfjd2mzGDWmzgZuND53dGuyDqDEkjoekCLGWKHojRtbha%2FLQHlCfnq0khKRQ0SdbVYL41is3pd8e%2BDVa504Xk41XlyMbrMTZFOkg"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-jfqmf
cf-ray: 8be558392e82bb83-FRA
x-amz-cf-id: -Klv3ybdMqwe9qfqTuhs1-IuszqdpKupD1sqfZ_Iefb-mIJEvN7Big==

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
852 B 235ms
175ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 45fb35a5-66ca-4315-85d0-47439d62fbb0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 45fb35a5-66ca-4315-85d0-47439d62fbb0
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-t5gvb
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8be5583d8e4062df-HAM

GET
H2 200 css2
fonts.googleapis.com/ Frame 2EF1 5 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js?ver=11.1.40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4fe076c04035b35834c207707a25817a8ebe8dd1e056a7853020b24f6f01b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Sep 2024 09:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Sep 2024 09:43:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Sep 2024 09:55:37 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
887 B 202ms
174ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: employeeretentioncredit.expert
URL: https://employeeretentioncredit.expert/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 99db7979-7b20-42c7-afad-2bf0be34d19a
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 99db7979-7b20-42c7-afad-2bf0be34d19a
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-57rnd
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8be5583d8e3b62df-HAM

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 115 B
1 KB 300ms
209ms XHR
application/json 2606:4700::6812:f16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=22692433

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92ae10b2f9126e1d083cffa916dcf4873f7b8da8a30ce7ff3ced088011424d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ad12878f-fa97-47fd-95da-fae55dfc27c3
content-encoding: br
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ad12878f-fa97-47fd-95da-fae55dfc27c3
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://employeeretentioncredit.expert
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-kgq4r
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74KOVyJMfTN7AoDHDyq%2FPDnILBHeFjioWoZT4Zpe5y3PJXIvrKNRyJAfRFgd5GB2PDgMKDe2xrGJkuCTBSF0w0zxcbahR59KAF1eoNQ2ZVCiTn831Vg9xBZAxftZ5tDHS2Ow3u39TB7l70Ys"}],"group":"cf-nel","max_age":604800}
cf-ray: 8be5583e98a1372f-FRA
access-control-allow-headers: *

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ Frame 2EF1 47 KB
48 KB 124ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 14:52:02 GMT
x-content-type-options: nosniff
age: 587015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 14:52:02 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ Frame 2EF1 47 KB
0 125ms
125ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 14:52:02 GMT
x-content-type-options: nosniff
age: 587015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 14:52:02 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ Frame 2EF1 47 KB
0 126ms
126ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeeretentioncredit.expert
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 14:52:02 GMT
x-content-type-options: nosniff
age: 587015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 14:52:02 GMT

GET
H2 200 f65a24f0b3214e848c2ab08ac9ec8254
app.hubspot.com/conversations-visitor/22692433/threads/utk/ Frame 003D 0
0 244ms
165ms Document
text/html 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/22692433/threads/utk/f65a24f0b3214e848c2ab08ac9ec8254?uuid=17888b821fb04a40b74da18ad2df28a7&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=employeeretentioncredit.expert&inApp53=false&messagesUtk=f65a24f0b3214e848c2ab08ac9ec8254&url=https%3A%2F%2Femployeeretentioncredit.expert%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://employeeretentioncredit.expert/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
age: 2172
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8be5583fde9ed2fa-FRA
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20345/html/index.html&cfRay=8be5583fde9ed2fa&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F22692433%2Fthreads%2Futk%2Ff65a24f0b3214e848c2ab08ac9ec8254%3Fuuid%3D17888b821fb04a40b74da18ad2df28a7%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Demployeeretentioncredit.expert%26inApp53%3Dfalse%26messagesUtk%3Df65a24f0b3214e848c2ab08ac9ec8254%26url%3Dhttps%253A%252F%252Femployeeretentioncredit.expert%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Femployeeretentioncredit.expert%2F&cfenv=prod&pdt=2024-09-05&csp=ro
content-type: text/html; charset=utf-8
date: Thu, 05 Sep 2024 09:55:37 GMT
etag: W/"f7974ae1ebd4e36649c8ca42cff5c6ab"
last-modified: Tue, 03 Sep 2024 15:23:02 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8be5583fde9ed2fa&resource=conversations-visitor-ui/static-1.20345/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-amz-cf-id: 7D2sHMQWlQTGduBwfDD3lmRmBhxaJGuiEKDZsOI3G4_h63POjqe4dA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: XYv9gcHcSGoAssDebQ3uvbE0wlXINh3z
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-jctkj
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20345/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 470a0e3c-d520-4d0b-aff5-c031c8db9253
x-request-id: 470a0e3c-d520-4d0b-aff5-c031c8db9253

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769912138

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ce8873a94d5ada534e1335474bbcfba305ba2ca504dbb357a66f8e693c7d682

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:36 GMT
content-encoding: br
last-modified: Thu, 05 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Sep 2024 09:55:36 GMT

GET
H2 200 22692433.js Show response
js-na1.hs-scripts.com/ 2 KB
776 B 64ms
62ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/22692433.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1725530100000/22692433.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad906985dd069b36dc4dfbba7decb3efbef16d9220a36f58c97f754d4ffb0f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1819f691-37e2-4cc9-8c99-b93793f04cef
cf-polished: origSize=2507
age: 577
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1819f691-37e2-4cc9-8c99-b93793f04cef
cf-bgj: minify
last-modified: Thu, 05 Sep 2024 09:46:01 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://employeeretentioncredit.expert
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-brlsd
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cf-ray: 8be55843a96837fc-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
936 B 246ms
164ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2507617663&v=1.1&a=22692433&ct=standard-page&pu=https%3A%2F%2Femployeeretentioncredit.expert%2F&t=Employee+Retention+Credit+Expert+-+ERC+Experts&cts=1725530138167&vi=3617eba457e71f3b76202562e83b9cf6&nc=true&u=231198272.3617eba457e71f3b76202562e83b9cf6.1725530138164.1725530138164.1725530138164.1&b=231198272.1.1725530138164&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dad95d63-8949-453e-80e6-c7f465d331db
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dad95d63-8949-453e-80e6-c7f465d331db
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DW6jBlnKWPztXj9xt45KzV%2FYRD66gQlWqKcQANMeEfGmyKGkCxXAdyyYh3IO26cVamJmnPpF8Q29ayWlDTTFWnCNGchuLAKqySPsEuVVkKDxAEWI%2BreSr4sz5885VptzcF2nhmH7LewdRJJ3s%2BXQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-jw98k
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8be558442aad1b36-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
438 B 247ms
169ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=375e2c44-6685-4d26-9c89-031747218e4f&fci=654ad896-2a9c-4625-b6da-e84e1ecde78f&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2507617663&v=1.1&a=22692433&ct=standard-page&pu=https%3A%2F%2Femployeeretentioncredit.expert%2F&t=Employee+Retention+Credit+Expert+-+ERC+Experts&cts=1725530138168&vi=3617eba457e71f3b76202562e83b9cf6&nc=true&u=231198272.3617eba457e71f3b76202562e83b9cf6.1725530138164.1725530138164.1725530138164.1&b=231198272.1.1725530138164&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 102202e7-a861-4303-b899-0ed7bb45a62a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 102202e7-a861-4303-b899-0ed7bb45a62a
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lh7XxIiHozczAr2naEiwPIigRrY7NCcTOO3YnXZoys7KmsHJ5vyRsTzeAxcyT2Mj%2BZRaT9CSbH106NAxshgUrZR7y1oP3YcaMlu%2Fkk6iPRvwMSPBQY0ZLvx4Cq5KFRKNy%2BHtKSI4JXDEx3Bm9RXb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-xvjxl
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8be558442ab21b36-FRA
x-robots-tag: none

GET
H2 200 ERC-favicon.png
employeeretentioncredit.expert/wp-content/uploads/2022/05/ 17 KB
18 KB 209ms
209ms Other
image/png 70.40.220.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://employeeretentioncredit.expert/wp-content/uploads/2022/05/ERC-favicon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 70.40.220.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2111.bluehost.com
Software: Apache /
Resource Hash: eafe5d75a8cc5238f17ec214efea0c9471e9bbb18dc325927a2a8135e4b9d364

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:55:38 GMT
x-nginx-cache: WordPress
last-modified: Mon, 23 May 2022 17:46:27 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 17866
expires: Fri, 06 Sep 2024 09:55:38 GMT

GET
H2 200 t.gif
pixel.wp.com/ 43 B
171 B 39ms
39ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/t.gif?blog=207237438&post=2329&blog_id=207237438&jetpack_version=13.8&_ui=q1LNa56kfTP0C8PLMj8fYDIa&_ut=anon&_en=jetpack_pageview_timing&_ts=1725530138250&_tz=-2&_lg=de-DE&_pf=Linux%20x86_64&_ht=1200&_wd=1600&_sx=0&_sy=0&_dl=https%3A%2F%2Femployeeretentioncredit.expert%2F&_dr=&conn_type=4g&conn_rtt=150&conn_downlink=10&protocol=h2&dns_latency=0&conn_latency=0&resp_latency=2520&resp_duration=5&dom_interact=6452&dom_load=6468&page_load=7847&files_origin=24&files_ext=28&files_ssl=52&files_http1=30&files_http2=21&files_js=15&files_css=7&files_img=6&files_font=6&files_other=18&duration_js=7866&duration_css=2665&duration_img=1686&duration_font=4389&duration_other=6822&first_paint=6181&first_cf_paint=6181&rand=0.9019912655540587
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://employeeretentioncredit.expert/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Sep 2024 09:55:38 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsforms.net/	1970-01-20 23:18:51	Name: __cf_bm Value: PypqL3O0Q14t7FxSz3Dt7j6ER5RFo.ni.ogwiwzHIzU-1725530136-1.0.1.1-JKlkQDDhHIbz8KAW5yyp6q2LnAS33vIGqPwIOG5fczSiKeHsg2Jk0wg3uZpq.Y_kSOW.0uCRBA2_ed8ayi2tFQ
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: dEhRClIpo4E
.youtube.com/	1970-01-21 03:38:02	Name: VISITOR_INFO1_LIVE Value: GCfDxg9E-dg
.youtube.com/	1970-01-21 03:38:02	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgPw%3D%3D
.employeeretentioncredit.expert/	1970-01-21 08:54:50	Name: _ga_DRQNRXKVJT Value: GS1.1.1725530136.1.0.1725530136.60.0.0
.employeeretentioncredit.expert/	1970-01-21 01:28:26	Name: _gcl_au Value: 1.1.1578730869.1725530137
.employeeretentioncredit.expert/	1970-01-21 08:54:50	Name: _ga Value: GA1.2.1942937218.1725530137
.employeeretentioncredit.expert/	1970-01-20 23:20:16	Name: _gid Value: GA1.2.1345854627.1725530137
.employeeretentioncredit.expert/	1970-01-20 23:18:50	Name: _gat_gtag_UA_241454376_1 Value: 1
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: _zj5Ut1SYs9lmE9CcOoPyP_5UNKjV7.WSv362TRZr.o-1725530137337-0.0.1.1-604800000
.hsforms.com/	1970-01-20 23:18:51	Name: __cf_bm Value: rj6uhgZG02jwRuaf0ahz31qGp0jbUXgzSpKn4zZsuu8-1725530137-1.0.1.1-WSDpKfJ9YX0Z.ynalGZQTMFpi86Oc3WQP1ZCv.ZVi20gn5XwnOZcu496Z94g8RF5oFW1ozHTK8dnbbR3RJmnYQ
.employeeretentioncredit.expert/	1970-01-21 03:38:02	Name: __hstc Value: 231198272.3617eba457e71f3b76202562e83b9cf6.1725530138164.1725530138164.1725530138164.1
.employeeretentioncredit.expert/	1970-01-21 03:38:02	Name: hubspotutk Value: 3617eba457e71f3b76202562e83b9cf6
.employeeretentioncredit.expert/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.employeeretentioncredit.expert/	1970-01-20 23:18:51	Name: __hssc Value: 231198272.1.1725530138164
.employeeretentioncredit.expert/	1970-01-21 03:38:02	Name: messagesUtk Value: f65a24f0b3214e848c2ab08ac9ec8254
.hubspot.com/	1970-01-20 23:18:51	Name: __cf_bm Value: qtlBhA1boyXH1cXbpdNd_cu.8cQ60CAl6ymGyhGGhko-1725530138-1.0.1.1-sQUQJontGw1kuCOtO1n.QlSi57.KN5OzhVunnwdgLhqjzOEh1ggw3Kx8PU95yLTFjntuUnTPJGrgihJx3m2Ulw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mWCDLKzDtam.rtzAPP0Y_9UmiqZtyWwGEhcFnXR3Xyo-1725530138337-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
app.hubspot.com
employeeretentioncredit.expert
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
i0.wp.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
pixel.wp.com
region1.analytics.google.com
stats.g.doubleclick.net
stats.wp.com
track.hubspot.com
www.employeeretentioncredit.expert
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.18.141.119
104.18.80.204
192.0.76.3
192.0.77.2
2001:4860:4802:34::36
216.58.206.35
2606:4700:4400::6812:28f0
2606:4700::6810:4e8e
2606:4700::6810:6bfe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6812:f16c
2a00:1450:4001:81c::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9a
70.40.220.114
064188bdafdb8d4e792a5994ad38030fb0a4882cbce00df819e34ea3f18e501f
075cac2edebea085d916e6989c7c9b239c79fe89caf3f1d034dd28282e659049
0ce8873a94d5ada534e1335474bbcfba305ba2ca504dbb357a66f8e693c7d682
127b565cbeba968bfb76db267fc27a78479e7de7ab8460fd998df0b9e75f7813
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
1b28065abf063d9dd5338d8623d75b0e7d2c9f986d4c802aec172bc12e6303dd
240d5e3812ab8e6e75533336f3afc26da97dac68e1d331ba70b6ec747bae55e1
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eb4c68516239f72e8dd5424e4261ad1b12c4efebf9b0269b232e9018285ecfd
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
49252815d7074468985052d7175e7a8f8bdd5c0ba58f9ed899dcb817dbeb0463
4af00cc8e00b8c9e2a80ea049324958c6e6a8ca4bb2413823e544874a336e99e
4c9df7720466d1c1b3f4b6b7459612894e9529a770aa905565df208a759520fc
57f882bc75a0c3f8cb21e95ed29c5f731a36228d4ba822141ecd1611815e161b
58a43a2dd5979e1def3d78bc6e6415923035504c5b2b46e2530bb48ec2d660f1
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5f856bfa93f6344f08f82c495bfcddc217860c7c35478b6b58b90e80f17d2090
5fd5c6da53255e588d46604dee10880c0c28950f0b0d46e94ab66775a79b8c5e
62d46bd19914a6662719761126830278933d1c7ef0dcac88e81ad9175af487bf
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
66681551d19fba987d306b3e1bc7ef14c8d1e2b5fab078748835205f740475c8
69dd3e106b70cdfb1a993ba98348ce4ad0cf329a007cd3526dcd12a85e9dfe04
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
733e7b95599b60f9192f05fb0aac08aea41c819773133101729f20c05a78aff7
7494a048731255f135fe8bfdcf0bf6f5ae2b9966568cef63b9a31862db2098c3
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
837ae650fc185e1c9cc9f8c054826b2550692acce80efe5c4e09e7c9848c788b
8bf7c015afca617c6b21686e7e418f06b1ac01c0dd1c7c3427bd4258a9708a24
92ae10b2f9126e1d083cffa916dcf4873f7b8da8a30ce7ff3ced088011424d42
9d8c6b74553a96d30e57c30c8a5b1496082eda51aa03d202e469042175c72e45
a905ce68b0561c98c7ca1946312acdfc31c74a8c180a5ad4b7516f47232c7e48
aad906985dd069b36dc4dfbba7decb3efbef16d9220a36f58c97f754d4ffb0f0
abec005bafd9eabdfe0e50515bd88fc106db9500ff4d655f6325b5d366a1df27
ae666e5f597af685af3a5461ded77618d0192fc703082c343af202dd329ae79c
b4fe076c04035b35834c207707a25817a8ebe8dd1e056a7853020b24f6f01b98
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bf8fafa160d23933200faa72fe1eceba7958a44962118c2caedb7d9094813ac0
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
c85cff899f9c3f0706cc4451589fac833a980c512d11939c80e4c317ebd63171
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e253124c6428a104a8b9a4ca08710193445138b9d21227fb221d792668706e49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e662c776a5c949e8ef005d955b3ee973932aef079f89ef027c50b416838f8de6
eafe5d75a8cc5238f17ec214efea0c9471e9bbb18dc325927a2a8135e4b9d364
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fb06b363dc5c370eb474c5df27b6633c4c6e05c611a27f3166c7eb32f0bab682
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6
fe9737044e080a69fc5cfb9b78c4011e3468eeef8bb15a7876fd0c5e633e5f2c

employeeretentioncredit.expert Open in urlscan Pro 70.40.220.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

74 %IPv6

20 Domains

28 Subdomains

24 IPs

4 Countries

1833 kBTransfer

5585 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

employeeretentioncredit.expert Open in urlscan Pro
70.40.220.114 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

74 %
IPv6

20
Domains

28
Subdomains

24
IPs

4
Countries

1833 kB
Transfer

5585 kB
Size

18
Cookies

63 HTTP transactions
3 data transactions