ertcadvisors.org Open in urlscan Pro
35.185.208.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coviderctaxrefund.com/
Effective URL:
https://ertcadvisors.org/
Submission Tags: falconsandbox
Submission: On October 08 via api (October 8th 2022, 2:27:42 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 73 HTTP transactions. The main IP is 35.185.208.177, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ertcadvisors.org.
TLS certificate: Issued by R3 on September 17th 2022. Valid for: 3 months.

This is the only time ertcadvisors.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
21	35.185.208.177 35.185.208.177	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01f:6:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	184.86.103.7 184.86.103.7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3034::6815:4f51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.99.236 52.217.99.236	16509 (AMAZON-02) (AMAZON-02)
73	22

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

coviderctaxrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.185.208.177 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.208.185.35.bc.googleusercontent.com

ertcadvisors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01f:6:face:b00c:0:3 (Pantin, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.86.103.7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-7.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4f51 (United States)

ASN13335 (CLOUDFLARENET, US)

app.conversiobot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

conversiobotapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.99.236 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

conv-avatar.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ertcadvisors.org ertcadvisors.org	684 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	229 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2144	20 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1028	91 KB
4	googleadservices.com 3 redirects www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	274 KB
3	google.sk www.google.sk — Cisco Umbrella Rank: 17109	763 B
3	google.com www.google.com — Cisco Umbrella Rank: 19	763 B
3	google.de www.google.de — Cisco Umbrella Rank: 3460	787 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 171	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 665	12 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 492	43 KB
2	conversiobotapp.com conversiobotapp.com — Cisco Umbrella Rank: 509564	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	32 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	222 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	111 KB
1	amazonaws.com conv-avatar.s3.amazonaws.com	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	conversiobot.com app.conversiobot.com — Cisco Umbrella Rank: 472028	37 KB
1	coviderctaxrefund.com 1 redirects coviderctaxrefund.com	294 B
73	20

	Domain	Requested by
21	ertcadvisors.org	ertcadvisors.org
7	fonts.gstatic.com	ertcadvisors.org fonts.googleapis.com
4	analytics.tiktok.com	ertcadvisors.org analytics.tiktok.com
4	www.googleadservices.com	3 redirects www.googletagmanager.com
4	www.googletagmanager.com	ertcadvisors.org www.googletagmanager.com
3	www.google.sk	ertcadvisors.org
3	www.google.com	ertcadvisors.org
3	www.google.de	ertcadvisors.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com ertcadvisors.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.jsdelivr.net	ertcadvisors.org
2	conversiobotapp.com	app.conversiobot.com
2	cdnjs.cloudflare.com	app.conversiobot.com
2	www.facebook.com	ertcadvisors.org
2	googleads.g.doubleclick.net	www.googleadservices.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	ertcadvisors.org connect.facebook.net
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
1	conv-avatar.s3.amazonaws.com
1	fonts.googleapis.com	ertcadvisors.org
1	app.conversiobot.com	ertcadvisors.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	coviderctaxrefund.com	1 redirects
73	23

This site contains links to these domains. Also see Links.

Domain
www.leadpoisoningclaim.com

Subject Issuer	Validity	Valid
ertcadvisors.org R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-17` - `2022-10-15`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.sk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ertcadvisors.org/
Frame ID: 8A7C5D65D300B672FA564841DED4ABF9
Requests: 72 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AD6AD5107E9870117D2828AD9E38F21E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - ERTC Advisors

Page URL History Show full URLs

http://coviderctaxrefund.com/ HTTP 301
https://ertcadvisors.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

73
Requests

96 %
HTTPS

78 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

1583 kB
Transfer

3558 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leadpoisoningclaim.com/clkn/https/privacypolicy.caring-attorneys.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coviderctaxrefund.com/ HTTP 301
https://ertcadvisors.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.googleadservices.com/pagead/conversion/10896600823/wcm?cc=ZZ&dn=8002229000&cl=bxZOCI6AqsUDEPfd88so&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=bxZOCI6AqsUDEPfd88so

Request Chain 57

https://www.googleadservices.com/pagead/conversion/10860729696/wcm?cc=ZZ&dn=8882991680&cl=TpyZCIT3prwDEOCq5roo&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8882991680&cl=TpyZCIT3prwDEOCq5roo

Request Chain 61

https://www.googleadservices.com/pagead/conversion/10860729696/wcm?cc=ZZ&dn=8002229000&cl=Xhu_CIqDlcQDEOCq5roo&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=Xhu_CIqDlcQDEOCq5roo

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ertcadvisors.org/
Redirect Chain

http://coviderctaxrefund.com/
https://ertcadvisors.org/

238 KB
36 KB

792ms
245ms

Document
text/html

35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 6bd8bc32f3989f523c2e2a06650df148d412192b50de51b4afd68ae8f07c82fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Oct 2022 14:27:32 GMT
link: <https://ertcadvisors.org/wp-json/>; rel="https://api.w.org/" <https://ertcadvisors.org/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json" <https://ertcadvisors.org/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 59
Content-Type: text/html; charset=utf-8
Date: Sat, 08 Oct 2022 14:27:31 GMT
Location: https://ertcadvisors.org
Server: ip-100-74-3-86.eu-west-2.compute.internal
X-Request-Id: ee34b030-47f8-4cf9-b369-67d3777aa847

GET
H2 200 style.css
ertcadvisors.org/wp-content/themes/Divi-child/ 564 B
588 B 182ms
182ms Stylesheet
text/css 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-content/themes/Divi-child/style.css?ver=4.9.0.1648841179
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c0ba9e868abe3eb4d80c8442b3690f8cd4abda0b934ad3cbdbde7750cff96f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
last-modified: Fri, 01 Apr 2022 19:26:19 GMT
server: nginx
etag: W/"624751db-234"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/ 141 KB
22 KB 91ms
42ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/bootstrap.min.css

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9262437
x-jsd-version: 4.0.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-itm18842-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"235ed-iVElpFIqOxDuetoG7mUDWHy/lcU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3Q4yV8Hm009LZJHvkITsOie%2F8o1l%2B6DpyuoF2e%2F8zm%2BlPVdpL5%2BQf4RoK26i9pht%2FpwQzyKM7aWbZmuLGIaEPT%2BF2CDUGhQzYp7AOUjrd8wVg%2Bn%2BmXX5g2JwEPR2bJ0jOKlNGf0G2kpB6u4Zcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 756f8ed01a29bbad-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/ 48 KB
14 KB 85ms
36ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9265897
x-jsd-version: 4.0.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-iad-kiad7000146-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"bf30-qVRYMYA7E1nP7tR+O01rrmjkDpk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTbTmZQvEjlL2oh59bSeAKMMEEBfDedFvoyZU%2FSzbiD68EgwrOUQuKxdLnTj3%2BEZbZetUh5OZd%2F66IRj68kmSe%2FQ7j7sUGclNStepOEXxZQrGBTeLmEBWz%2B37P1AkSQH4qokaQjeaVvI%2B11X59M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 756f8ed01a2bbbad-FRA

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/ 19 KB
7 KB 96ms
48ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/popper.min.js

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17384729
x-jsd-version: 1.12.9
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA, cache-hhn4042-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"4af4-w7l3qkuN+2nWUeBwFQMdOF3tlks"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKBto3BG7YYIXRpQ%2BnXqO%2BPoFnMGIMwIqRZp9bw9a5zviEzymVdIJBhqnzg5GQNwa3gbrrGi0zNI7Ly%2Fw5V2Vxp3druZ9r7DpvUOgIK%2Blwcam2D%2B%2F0CyfSbbIM0TfRD%2FnEvdiiSRW6sjfJOlQD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 756f8ed01a2dbbad-FRA

GET
H2 200 et-core-unified-9.min.css
ertcadvisors.org/wp-content/et-cache/9/ 842 B
550 B 358ms
358ms Stylesheet
text/css 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-content/et-cache/9/et-core-unified-9.min.css?ver=1664393118
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4994f72e2987265764901d2689cddee6bfbb51e4e0e5e4826532152dcf79e8b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 19:25:18 GMT
server: nginx
etag: W/"63349f9e-34a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 et-core-unified-tb-0-deferred-9.min.css
ertcadvisors.org/wp-content/et-cache/9/ 11 KB
2 KB 357ms
357ms Stylesheet
text/css 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-content/et-cache/9/et-core-unified-tb-0-deferred-9.min.css?ver=1664393118
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 072208a64423c7113f8a765bc48a87062643b281dbf0f14b325b8f84a8f998d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 19:25:18 GMT
server: nginx
etag: W/"63349f9e-2a9a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 Lake-Law-DIGITAL-RGB_Horizontal-Logo-White-1.png
ertcadvisors.org/wp-content/uploads/2022/04/ 48 KB
49 KB 419ms
417ms Image
image/png 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/Lake-Law-DIGITAL-RGB_Horizontal-Logo-White-1.png
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ac6c8effe311e818509511e7429107e085e1765ee3cbb18fc487fc0ecf84bca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Mon, 25 Apr 2022 21:23:10 GMT
server: nginx
etag: "6267113e-c1b4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49588

GET
H2 200 we-can-help-you-claim-your-ertc-credits-01.jpg
ertcadvisors.org/wp-content/uploads/2022/04/ 71 KB
71 KB 419ms
418ms Image
image/jpeg 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/we-can-help-you-claim-your-ertc-credits-01.jpg
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dd613bc053a3b0b0877753352f1c4a5628165afeccfd4cf107727e5874f8aa2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Thu, 14 Jul 2022 20:26:50 GMT
server: nginx
etag: "62d07c0a-11c4a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 72778

GET
H2 200 economic-security-act.jpg
ertcadvisors.org/wp-content/uploads/2022/04/ 34 KB
35 KB 420ms
419ms Image
image/jpeg 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/economic-security-act.jpg
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 74df562dd07af9ff97a1ad34837b4fcf5c643fde9341c9f21dc0d74e10d373f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Thu, 14 Jul 2022 20:19:29 GMT
server: nginx
etag: "62d07a51-89fb"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35323

GET
H2 200 simply-apply-online-by-completing-the-form-below-1.png
ertcadvisors.org/wp-content/uploads/2022/04/ 6 KB
6 KB 420ms
419ms Image
image/png 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/simply-apply-online-by-completing-the-form-below-1.png
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 312bedd36bc86df514cf884bde6a7e23d945b1e5741234f92d5b3922d2c7113a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 15 Jul 2022 02:25:17 GMT
server: nginx
etag: "62d0d00d-1770"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6000

GET
H2 200 jquery.min.js Show response
ertcadvisors.org/wp-includes/js/jquery/ 87 KB
31 KB 419ms
417ms Script
application/javascript 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
ertcadvisors.org/wp-includes/js/jquery/ 11 KB
4 KB 191ms
189ms Script
application/javascript 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.min.js Show response
ertcadvisors.org/wp-content/themes/Divi/js/ 268 KB
60 KB 191ms
189ms Script
application/javascript 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 543abcc9b648e8163b776c15632a566251717566a4d724f9939bef59399eefc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
last-modified: Fri, 12 Aug 2022 02:49:15 GMT
server: nginx
etag: W/"62f5bfab-42e58"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 common.js Show response
ertcadvisors.org/wp-content/themes/Divi/core/admin/js/ 1 KB
815 B 422ms
420ms Script
application/javascript 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
last-modified: Fri, 12 Aug 2022 02:49:15 GMT
server: nginx
etag: W/"62f5bfab-53f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
71 KB 97ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K29WS35

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8c60aa7cdad02e1279bea037fa7b55c18828b25ec6207a00c7f15195c71e27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72845
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Oct 2022 14:27:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
54 KB 92ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL5TFVD

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80d683d34571cf66d4f0a1ff3bee584f6bded9a66e449de2b82d3b643303b097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54505
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Oct 2022 14:27:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL5TFVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4295
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 08 Oct 2022 15:15:57 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 102ms
49ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL5TFVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 14:27:32 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL5TFVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 13:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Oct 2022 14:47:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
75 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P59ZZZR51R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL5TFVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9fadd6758e6c09f09030d41e17d580635a6a8ad31204249dcc407ad20c1c70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 08 Oct 2022 14:27:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 108ms
49ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K29WS35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF835B8B19F6466CAEF057EF661D56CF Ref B: FRA31EDGE0119 Ref C: 2022-10-08T14:27:32Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 105ms
36ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Oct 2022 14:27:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: V4jyKuF1FvQePEEk9U4M8h7a1uy/cCnHUZDMLihAeXiwGq5H1SfTPsG3Sm8qbL069sBqOAI6FHJZjvjOmsqI8g==
x-fb-trip-id: 1460883810
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 136 KB
40 KB 310ms
208ms Script
application/javascript 184.86.103.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCH55G3C77U3SM0S1MF0&lib=ttq
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-7.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9a57722f1b63611971fda47ee19090160f3c11b21405e65327bf6d1a4a6891cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id: 13276d7.264f2a9d
date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 171,184.86.102.7
server-timing: cdn-cache; desc=MISS, edge; dur=121, origin; dur=50, inner; dur=3
content-length: 39870
pragma: no-cache
server: nginx
x-tt-logid: 2022100814273310732E1A97F9F1F4804C
x-cache-remote: TCP_MISS from a23-48-215-78.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 50,23.48.215.78
x-tt-trace-host: 0162cc7c110e0d51de27a0ff1acaae247d003f42c6dbcb75d1346de88e6aba2543a828bf96a6c04f76e55a7887993559be10b099680abd14b714d9db6ca3a93217e9621101a946cefe0a470909c579131834099541b47774406c3507f1b3fb47e2
expires: Sat, 08 Oct 2022 14:27:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8H0RK5XPX2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K29WS35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b5279f25f580fee03b30d20033a90176ff88b84c36041abb48eb2d3dffee0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75498
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 08 Oct 2022 14:27:32 GMT

GET
H2 200 claim-your-employee-retention-tax-credit-.jpg
ertcadvisors.org/wp-content/uploads/2022/04/ 32 KB
32 KB 320ms
320ms Image
image/jpeg 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/claim-your-employee-retention-tax-credit-.jpg
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b233da785e1311a22affeb05fa67b9b617d3e21b4cbd1907eef7320c77e34c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Thu, 14 Jul 2022 20:19:56 GMT
server: nginx
etag: "62d07a6c-805d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 32861

GET
H2 200 modules.ttf
ertcadvisors.org/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 317ms
316ms Font
application/octet-stream 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcadvisors.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 12 Aug 2022 02:49:15 GMT
server: nginx
etag: "62f5bfab-168f0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92400

GET
H2 200 or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbLi4J__WTA.woff2
fonts.gstatic.com/s/literata/v30/ 31 KB
32 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v30/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbLi4J__WTA.woff2

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce5112a23a2d4bfe76fec1db6b9a18f022f940b35219fe6bc203a1267fb479f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 09:39:47 GMT
x-content-type-options: nosniff
age: 103665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31672
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:44:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 09:39:47 GMT

GET
H2 200 or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbCO_J__WTA.woff2
fonts.gstatic.com/s/literata/v30/ 32 KB
32 KB 96ms
44ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v30/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbCO_J__WTA.woff2

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b570a634bf866fc371ada9f3a2188900699198ba49f30fc4047727d9622dd7df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:26:41 GMT
x-content-type-options: nosniff
age: 115251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32548
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:51:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 06:26:41 GMT

GET
H2 200 or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbE-_J__WTA.woff2
fonts.gstatic.com/s/literata/v30/ 31 KB
31 KB 113ms
61ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v30/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbE-_J__WTA.woff2

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f402044f988fcdbce2ef4b79e59542eafdea3e4a6f9a6488c5446b39386b07a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:26:41 GMT
x-content-type-options: nosniff
age: 115251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32092
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:50:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 06:26:41 GMT

GET
H2 200 or3NQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKoRYzNiCp1OUedn8GLLmQEiS.woff2
fonts.gstatic.com/s/literata/v30/ 33 KB
34 KB 130ms
78ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v30/or3NQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKoRYzNiCp1OUedn8GLLmQEiS.woff2

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b992e2e8023319d738a24cf10854cc27fc9c6ecdd88a27b1a77aa03e7942fa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 02:10:04 GMT
x-content-type-options: nosniff
age: 130648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:38:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:10:04 GMT

GET
H2 200 or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbPa4J__WTA.woff2
fonts.gstatic.com/s/literata/v30/ 32 KB
32 KB 119ms
85ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v30/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbPa4J__WTA.woff2

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9ced25d5a2f99bd42704c9da790bc6108a368fb9dcf6bd4b1247a1cdc22024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:37:24 GMT
x-content-type-options: nosniff
age: 186608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:44:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:37:24 GMT

GET
H2 200 or3NQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKoRYzNiCp1OUedn8zbXmQEiS.woff2
fonts.gstatic.com/s/literata/v30/ 33 KB
33 KB 98ms
69ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v30/or3NQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKoRYzNiCp1OUedn8zbXmQEiS.woff2

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cda6dd6ac965917643fb54242a4dede895ed5fa5e3560c227e56a224ecf68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ertcadvisors.org/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 01:38:54 GMT
x-content-type-options: nosniff
age: 132518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:38:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 01:38:54 GMT

GET
H2 200 icon-our-experienced-team-calculates-your-maximum-credit-eligibility.png
ertcadvisors.org/wp-content/uploads/2022/04/ 9 KB
9 KB 286ms
284ms Image
image/png 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/icon-our-experienced-team-calculates-your-maximum-credit-eligibility.png
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 05e27154406fa5431615925b2ca4dfdf2c6367f155753704af7de37cfa170404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 15 Jul 2022 02:25:39 GMT
server: nginx
etag: "62d0d023-2267"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8807

GET
H2 200 icon-we-file-and-send-all-necessary-IRS-forms-and-documentation-3.png
ertcadvisors.org/wp-content/uploads/2022/04/ 7 KB
8 KB 341ms
339ms Image
image/png 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/icon-we-file-and-send-all-necessary-IRS-forms-and-documentation-3.png
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a66647beb5d255e39b958d1dc3496efdad0416d4fb34c6a44932db9e435b5c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 15 Jul 2022 02:27:28 GMT
server: nginx
etag: "62d0d090-1d41"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7489

GET
H2 200 icon-receive-a-refund-directly-from-the-IRS-no-need-to-take-any-action.png
ertcadvisors.org/wp-content/uploads/2022/04/ 8 KB
8 KB 341ms
339ms Image
image/png 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/icon-receive-a-refund-directly-from-the-IRS-no-need-to-take-any-action.png
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc38b816ac459d0731b61a0b8eef6cad9fea8e2488c6e05e0ca0f3fd3a217f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 15 Jul 2022 02:26:58 GMT
server: nginx
etag: "62d0d072-1ef7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7927

GET
H2 200 employee-retention-tax-credit-counseling-03.jpg
ertcadvisors.org/wp-content/uploads/2022/07/ 58 KB
59 KB 341ms
340ms Image
image/jpeg 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/07/employee-retention-tax-credit-counseling-03.jpg
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 33365e6bfe5dd82887b15fe4ad5b93582d27c86dab82451c0a20d828a4b282f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 15 Jul 2022 02:58:04 GMT
server: nginx
etag: "62d0d7bc-e954"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 59732

GET
H2 200 employee-withholding-tax-credit-2.jpg
ertcadvisors.org/wp-content/uploads/2022/04/ 70 KB
70 KB 336ms
336ms Image
image/jpeg 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/employee-withholding-tax-credit-2.jpg
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/wp-content/et-cache/9/et-core-unified-tb-0-deferred-9.min.css?ver=1664393118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e4e38b28b512c23f41fbdd7574f324a6016acb58f74c06b89ea3f89bd2d77d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/wp-content/et-cache/9/et-core-unified-tb-0-deferred-9.min.css?ver=1664393118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 15 Jul 2022 02:22:42 GMT
server: nginx
etag: "62d0cf72-11708"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 71432

GET
H2 200 footer-empleado-retencion-fiscal-credito-asesores.jpg
ertcadvisors.org/wp-content/uploads/2022/04/ 62 KB
63 KB 333ms
332ms Image
image/jpeg 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/footer-empleado-retencion-fiscal-credito-asesores.jpg
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/wp-content/et-cache/9/et-core-unified-tb-0-deferred-9.min.css?ver=1664393118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a95edaed787d43ca7882a5c279874b1665c908a8088ebd461673f5085c648b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/wp-content/et-cache/9/et-core-unified-tb-0-deferred-9.min.css?ver=1664393118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:32 GMT
last-modified: Fri, 15 Jul 2022 02:22:14 GMT
server: nginx
etag: "62d0cf56-f978"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 63864

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 83ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P59ZZZR51R&gtm=2oea50&_p=849690295&cid=65846236.1665239253&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665239252&sct=1&seg=0&dl=https%3A%2F%2Fertcadvisors.org%2F&dt=Home%20-%20ERTC%20Advisors&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P59ZZZR51R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ertcadvisors.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 70ms
24ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 06:35:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
28ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=849690295&t=pageview&_s=1&dl=https%3A%2F%2Fertcadvisors.org%2F&ul=en-us&de=UTF-8&dt=Home%20-%20ERTC%20Advisors&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=623697768&gjid=174834457&cid=65846236.1665239253&tid=UA-231854907-1&_gid=587590444.1665239253&_r=1&gtm=2wga50WL5TFVD&z=2032439118

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ertcadvisors.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ertcadvisors.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 70ms
29ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=849690295&t=pageview&_s=1&dl=https%3A%2F%2Fertcadvisors.org%2F&ul=en-us&de=UTF-8&dt=Home%20-%20ERTC%20Advisors&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1815570330&gjid=1762735854&cid=65846236.1665239253&tid=UA-221292007-4&_gid=587590444.1665239253&_r=1&gtm=2wga50K29WS35&z=1856815317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ertcadvisors.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ertcadvisors.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 39ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8H0RK5XPX2&gtm=2oea50&_p=849690295&cid=65846236.1665239253&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665239252&sct=1&seg=0&dl=https%3A%2F%2Fertcadvisors.org%2F&dt=Home%20-%20ERTC%20Advisors&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8H0RK5XPX2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ertcadvisors.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10896600823/ 2 KB
1 KB 132ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10896600823/?random=1665239252971&cv=9&fst=1665239252971&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fertcadvisors.org%2F&tiba=Home%20-%20ERTC%20Advisors&auid=853005475.1665239253&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ab4b042cff56d86534fb9cd8fc28cb86160aff72f07675ac4b14637c7b7716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1013
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10860729696/ 2 KB
2 KB 102ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10860729696/?random=1665239252974&cv=9&fst=1665239252974&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fertcadvisors.org%2F&tiba=Home%20-%20ERTC%20Advisors&auid=853005475.1665239253&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d06bfd53ce65609202ae9c817545c47462fe3374c0f4c1acc50cc33ea0451f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 496202298804018 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 124ms
84ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/496202298804018?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17d6dd7b6c423629a6e1395f304dc97b688a83088dd17125fe32f01fdba7160e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Oct 2022 14:27:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SOHALyU2TUODzSccpd1OjaCDfjU4I9jIGz1wsqyGR33uZ0kMQWEsnmZI8iJrMntJ5nMJWnJU9AdMABByZ4FQKw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 343000022.js Show response
bat.bing.com/p/action/ 0
118 B 146ms
145ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343000022.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 08 Oct 2022 14:27:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 510C7CF21C0F45099939693829E17BF9 Ref B: FRA31EDGE0119 Ref C: 2022-10-08T14:27:33Z
x-cache: CONFIG_NOCACHE

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 96ms
31ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-221292007-4&cid=65846236.1665239253&jid=1815570330&gjid=1762735854&_gid=587590444.1665239253&_u=YADAAEABAAAAACAAI~&z=2046530297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ertcadvisors.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 08 Oct 2022 14:27:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ertcadvisors.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/10896600823/wcm?cc=ZZ&dn=8002229000&cl=bxZOCI6AqsUDEPfd88so&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=bxZOCI6AqsUDEPfd88so

80 B
565 B

102ms
32ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=bxZOCI6AqsUDEPfd88so

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

date: Sat, 08 Oct 2022 14:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=bxZOCI6AqsUDEPfd88so
access-control-allow-origin: https://ertcadvisors.org
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10860729696/ 42 B
548 B 104ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10860729696/?random=1665239252974&cv=9&fst=1665237600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fertcadvisors.org%2F&tiba=Home%20-%20ERTC%20Advisors&async=1&fmt=3&is_vtc=1&random=2165781009&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.sk/pagead/1p-user-list/10860729696/ 42 B
108 B 102ms
33ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.sk/pagead/1p-user-list/10860729696/?random=1665239252974&cv=9&fst=1665237600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fertcadvisors.org%2F&tiba=Home%20-%20ERTC%20Advisors&async=1&fmt=3&is_vtc=1&random=2165781009&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 100ms
45ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-221292007-4&cid=65846236.1665239253&jid=1815570330&_u=YADAAEABAAAAACAAI~&z=162423858

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.sk/ads/ 42 B
107 B 97ms
43ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.sk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-221292007-4&cid=65846236.1665239253&jid=1815570330&_u=YADAAEABAAAAACAAI~&z=162423858

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10896600823/ 42 B
108 B 76ms
35ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10896600823/?random=1665239252971&cv=9&fst=1665237600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fertcadvisors.org%2F&tiba=Home%20-%20ERTC%20Advisors&async=1&fmt=3&is_vtc=1&random=2256202835&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.sk/pagead/1p-user-list/10896600823/ 42 B
548 B 73ms
33ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.sk/pagead/1p-user-list/10896600823/?random=1665239252971&cv=9&fst=1665237600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fertcadvisors.org%2F&tiba=Home%20-%20ERTC%20Advisors&async=1&fmt=3&is_vtc=1&random=2256202835&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:27:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 139ms
139ms Script
application/javascript 184.86.103.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCH55G3C77U3SM0S1MF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-7.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id: 107e1531.264f2dd4
date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 112,184.86.102.7
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=13, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20221008142733772CFAB80BFAEEFDD4BD
x-cache-remote: TCP_MISS from a23-48-215-47.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.48.215.47
x-tt-trace-host: 0162cc7c110e0d51de27a0ff1acaae247d003f42c6dbcb75d1346de88e6aba2543b3e852d03eca862a86b6b13f5881dcfee5472c03d67b9b0e0e0c7fc8c1698e3b15f9504dc79a4fd84350d258faaf23a66626a03a605e980822934d52e13a9372
expires: Sat, 08 Oct 2022 14:27:33 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 176ms
176ms Script
application/javascript 184.86.103.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CCH55G3C77U3SM0S1MF0&hostname=ertcadvisors.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCH55G3C77U3SM0S1MF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-7.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ef5727815875914867d9c771e43f51a71c358c27f5eeef9f68f277be3b3e2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id: 51da4764.264f2e64
date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 121,184.86.102.7
server-timing: cdn-cache; desc=MISS, edge; dur=131, origin; dur=5, inner; dur=2
content-length: 19615
pragma: no-cache
server: nginx
x-tt-logid: 20221008142733237CE67910A4400E4379
x-cache-remote: TCP_MISS from a23-32-16-81.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.32.16.81
x-tt-trace-host: 0162cc7c110e0d51de27a0ff1acaae247d003f42c6dbcb75d1346de88e6aba25438346f09e256624c616fcc3af1782b3a0c56b147dada7c3de4901a091337f2c90d97d4fc6b715065a1cf88ce29217139b82304e03b555026f9c5ccaa8335b93ba
expires: Sat, 08 Oct 2022 14:27:33 GMT

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/10860729696/wcm?cc=ZZ&dn=8882991680&cl=TpyZCIT3prwDEOCq5roo&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8882991680&cl=TpyZCIT3prwDEOCq5roo

80 B
111 B

76ms
30ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8882991680&cl=TpyZCIT3prwDEOCq5roo

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

date: Sat, 08 Oct 2022 14:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8882991680&cl=TpyZCIT3prwDEOCq5roo
access-control-allow-origin: https://ertcadvisors.org
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 68ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=496202298804018&ev=PageView&dl=https%3A%2F%2Fertcadvisors.org%2F&rl=&if=false&ts=1665239253246&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665239253245.1605429713&it=1665239252988&coo=false&rqm=GET

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Oct 2022 14:27:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 gadget.js Show response
app.conversiobot.com/lib/js/ 111 KB
37 KB 97ms
36ms Script
application/javascript 2606:4700:3034::6815:4f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.conversiobot.com/lib/js/gadget.js
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 361e6ad6bbb3b1e7b0d2d95bd52afcc814bcd3d4e315a03bc4c9a8ef28c62e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410444
cf-polished: origSize=125560
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 03 May 2022 05:58:01 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtm3NGrgBYTHfAEdW%2FPNR8pD75RrHwTdkHc2NHHYRIchNkVw0TxDOqATPRDWsHxBEnr%2F01glQDxjjOJ550%2FXiTsuVCbp3bj0vaSFn4A0JBdC6jNI%2BNJEA%2BsmtFn5UMrnNUNOM8g7KqIx55ToV%2BTf1t6fpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 756f8ed59f12918e-FRA
expires: Wed, 02 Nov 2022 20:26:49 GMT

GET
H2 204 0
bat.bing.com/action/ 0
177 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343000022&tm=gtm002&Ver=2&mid=e7cb15a1-5a7a-47d6-b41c-805f2ec2637a&sid=591b8910471511eda10fc1f904d6d07c&vid=591b7bb0471511eda9021fb3f4aca84c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20-%20ERTC%20Advisors&p=https%3A%2F%2Fertcadvisors.org%2F&r=&lt=1928&evt=pageLoad&sv=1&rn=321583

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Oct 2022 14:27:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9EAC9CE963C48C68FE030A94FFF1340 Ref B: FRA31EDGE0119 Ref C: 2022-10-08T14:27:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/10860729696/wcm?cc=ZZ&dn=8002229000&cl=Xhu_CIqDlcQDEOCq5roo&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=Xhu_CIqDlcQDEOCq5roo

80 B
111 B

32ms
32ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=Xhu_CIqDlcQDEOCq5roo

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

date: Sat, 08 Oct 2022 14:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8002229000&cl=Xhu_CIqDlcQDEOCq5roo
access-control-allow-origin: https://ertcadvisors.org
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
15 KB 80ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: app.conversiobot.com
URL: https://app.conversiobot.com/lib/js/gadget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 387047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15508
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81drPbXpJ5AyeqbM%2FXq8pR1XUOdMA%2BUZJ%2B0UufUXvIdy79VMFHRZxVLP%2Ba584PpP2ATQ4W1RRsBJ7c4hgJ%2BAP6qGGQFihjugF3lgAkSDglhH%2Fl5DOjDjyfS9SAzFxsLgAnWO3Q%2FLftcgTBQOWxKu4Qgo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756f8ed66f82694c-FRA
expires: Thu, 28 Sep 2023 14:27:33 GMT

GET
H2 200 moment-timezone-with-data-1970-2030.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/ 137 KB
17 KB 78ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js

Requested by

Host: app.conversiobot.com
URL: https://app.conversiobot.com/lib/js/gadget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1bf4661317a1c9154c95b655a2bd4e3b9e06ba79e451dcbb62f557d47858412

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1349979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16247
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-224f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ju66CWLS2bAn%2F2hearKVI7Lv6aDffGHOOa7M%2FaOs3wvm0%2By1LUAGtfZkPIgPWkZVEbZRjThlSCLmMOCbR4Q7duxRbpQ8wjMfw7A9E1im2VpGB%2FiWijybxr6aZzllnCTtIZe7aju%2BtX7vwkpv561HO0TB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756f8ed66f88694c-FRA
expires: Thu, 28 Sep 2023 14:27:33 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
687 B 145ms
144ms Ping
application/octet-stream 184.86.103.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCH55G3C77U3SM0S1MF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-7.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ertcadvisors.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b6a358d.264f3152
date: Sat, 08 Oct 2022 14:27:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 111,184.86.102.7
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=22, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221008142733CC0C8E053250790F4E98
x-cache-remote: TCP_MISS from a23-48-215-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.48.215.13
x-tt-trace-host: 0162cc7c110e0d51de27a0ff1acaae247d003f42c6dbcb75d1346de88e6aba254354a9b64df8dd40b0952602b8f7be468e0ca3a1b358bb2a49d04addfec632e6f6e017388c4fb22344fff7a3389f9466fcd7818f8096bc27567aa34e2b13e174c8
expires: Sat, 08 Oct 2022 14:27:33 GMT

GET
H2 200 HOTYql Show response
conversiobotapp.com/get_chatbot_info/ 3 KB
2 KB 1027ms
963ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversiobotapp.com/get_chatbot_info/HOTYql
Requested by: Host: app.conversiobot.com
URL: https://app.conversiobot.com/lib/js/gadget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf26833ec7994609da49be8d98934c88ec4aab96703d0a0b6dde0ce800a2e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35dDdB0cxo00m9AVkvTf2mQl6m8twz34VHJhU5nGydwcsRUEq1CE3o8MiEgo%2FuGuLOzCDtD%2FlaCkE8WI1W0MMHxnFdiE5bD1juL9BQCI%2Fzy5TSdxA%2BHKj8oJyCgB1CzOH%2FM6Y%2FFIhvm6aBbrEcf2htfZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, max-age=172800
cf-ray: 756f8ed738fb9125-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 14:27:33 GMT

GET
H2 200 Lake-Law-DIGITAL-RGB_Horizontal-Logo-White-1.png
ertcadvisors.org/wp-content/uploads/2022/04/ 48 KB
49 KB 181ms
181ms Image
image/png 35.185.208.177
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ertcadvisors.org/wp-content/uploads/2022/04/Lake-Law-DIGITAL-RGB_Horizontal-Logo-White-1.png
Requested by: Host: ertcadvisors.org
URL: https://ertcadvisors.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.208.177 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 177.208.185.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ac6c8effe311e818509511e7429107e085e1765ee3cbb18fc487fc0ecf84bca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:33 GMT
last-modified: Mon, 25 Apr 2022 21:23:10 GMT
server: nginx
etag: "6267113e-c1b4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49588

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AD6A 0
18 B 47ms
22ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ertcadvisors.org
Referer: https://ertcadvisors.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ertcadvisors.org
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 14:27:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 88ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: ertcadvisors.org
URL: https://ertcadvisors.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Oct 2022 14:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 14:22:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Oct 2022 14:27:34 GMT

GET
H/1.1 200
OK 01.png
conv-avatar.s3.amazonaws.com/avatars/ 24 KB
24 KB 448ms
168ms Image
image/png 52.217.99.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conv-avatar.s3.amazonaws.com/avatars/01.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.99.236 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91ebc53e96de7c385b9832d8ef0daba74dca324d5e67ca9b48c8fed12a8de7b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sat, 08 Oct 2022 14:27:35 GMT
Last-Modified: Wed, 30 Sep 2020 12:16:20 GMT
Server: AmazonS3
x-amz-request-id: 0KXZMMVPAJZ2SG3Z
ETag: "d19fa2f22a39a01a60a8fb61bbc0fdb1"
x-amz-meta-sha256: 91ebc53e96de7c385b9832d8ef0daba74dca324d5e67ca9b48c8fed12a8de7b7
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 24152
x-amz-id-2: FtlPT9DzfmvHWPThzV8zLD9vQN+fNBa6gC6qUD1bHb8KeI4DZy+aYUcuXzHKmZmvmDj0F03TSX8=
x-amz-meta-s3b-last-modified: 20190124T164416Z

GET
H3 200 close-icon.png
conversiobotapp.com/lib/img/ 726 B
1 KB 64ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conversiobotapp.com/lib/img/close-icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477b3f846948499914997f18e6024bd6c6fa61d7c8f7b74e1acac7564533e950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ertcadvisors.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:27:34 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Apr 2022 05:48:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1678011
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBf6R3TJsec1%2FH%2F7vG7fOTBY1GR%2Fmw638bSawg2tprVZUr9ZceZhZn8JVREuLSggx5z5UtaUFRsyV2cOEEzXpmzIWmY%2F0SAMp0SGZbHyxKn183yY6Iasj7cFb62zfvzhrTgcFdxo%2BbZ3XiYQgcb728f%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 756f8edd88e9bb55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 726
expires: Wed, 19 Oct 2022 04:20:43 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
12 KB 68ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcadvisors.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 03:53:07 GMT
x-content-type-options: nosniff
age: 210870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 03:53:07 GMT

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ertcadvisors.org/	1970-01-20 08:43:35	Name: _gcl_au Value: 1.1.853005475.1665239253
.ertcadvisors.org/	1970-01-20 16:09:59	Name: _ga_P59ZZZR51R Value: GS1.1.1665239252.1.0.1665239252.0.0.0
.bing.com/	1970-01-20 15:55:35	Name: MUID Value: 3213047B199C66241A9D164C18306794
.ertcadvisors.org/	1970-01-20 06:35:25	Name: _gid Value: GA1.2.587590444.1665239253
.ertcadvisors.org/	1970-01-20 06:33:59	Name: _gat_UA-231854907-1 Value: 1
.ertcadvisors.org/	1970-01-20 06:33:59	Name: _gat_UA-221292007-4 Value: 1
.ertcadvisors.org/	1970-01-20 16:09:59	Name: _ga_8H0RK5XPX2 Value: GS1.1.1665239252.1.0.1665239252.0.0.0
.ertcadvisors.org/	1970-01-20 16:09:59	Name: _ga Value: GA1.1.65846236.1665239253
.doubleclick.net/	1970-01-20 06:34:00	Name: test_cookie Value: CheckForPermission
.ertcadvisors.org/	1970-01-20 08:43:35	Name: _fbp Value: fb.1.1665239253245.1605429713
.ertcadvisors.org/	1970-01-20 06:35:25	Name: _uetsid Value: 591b8910471511eda10fc1f904d6d07c
.ertcadvisors.org/	1970-01-20 15:55:35	Name: _uetvid Value: 591b7bb0471511eda9021fb3f4aca84c
.tiktok.com/	1970-01-20 15:55:35	Name: _ttp Value: 2Fr9IEGO8XVrp686yrsxgp8dwRJ
.ertcadvisors.org/	1970-01-20 15:55:35	Name: _tt_enable_cookie Value: 1
.ertcadvisors.org/	1970-01-20 15:55:35	Name: _ttp Value: 29121a52-4fa5-4a48-8d2d-75e7733f6d8e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
app.conversiobot.com
bat.bing.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
conv-avatar.s3.amazonaws.com
conversiobotapp.com
coviderctaxrefund.com
ertcadvisors.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.sk
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.185.66
15.197.142.173
184.86.103.7
2001:4860:4802:34::36
2606:4700:3034::6815:4f51
2606:4700::6810:5614
2606:4700::6811:180e
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a03:2880:f01f:6:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
35.185.208.177
52.217.99.236
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05e27154406fa5431615925b2ca4dfdf2c6367f155753704af7de37cfa170404
072208a64423c7113f8a765bc48a87062643b281dbf0f14b325b8f84a8f998d3
17d6dd7b6c423629a6e1395f304dc97b688a83088dd17125fe32f01fdba7160e
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2a95edaed787d43ca7882a5c279874b1665c908a8088ebd461673f5085c648b4
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
312bedd36bc86df514cf884bde6a7e23d945b1e5741234f92d5b3922d2c7113a
33365e6bfe5dd82887b15fe4ad5b93582d27c86dab82451c0a20d828a4b282f2
361e6ad6bbb3b1e7b0d2d95bd52afcc814bcd3d4e315a03bc4c9a8ef28c62e60
3bf26833ec7994609da49be8d98934c88ec4aab96703d0a0b6dde0ce800a2e3c
43cda6dd6ac965917643fb54242a4dede895ed5fa5e3560c227e56a224ecf68b
477b3f846948499914997f18e6024bd6c6fa61d7c8f7b74e1acac7564533e950
4994f72e2987265764901d2689cddee6bfbb51e4e0e5e4826532152dcf79e8b7
4b233da785e1311a22affeb05fa67b9b617d3e21b4cbd1907eef7320c77e34c3
543abcc9b648e8163b776c15632a566251717566a4d724f9939bef59399eefc4
5ef5727815875914867d9c771e43f51a71c358c27f5eeef9f68f277be3b3e2a4
63ab4b042cff56d86534fb9cd8fc28cb86160aff72f07675ac4b14637c7b7716
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd8bc32f3989f523c2e2a06650df148d412192b50de51b4afd68ae8f07c82fb
74df562dd07af9ff97a1ad34837b4fcf5c643fde9341c9f21dc0d74e10d373f4
80d683d34571cf66d4f0a1ff3bee584f6bded9a66e449de2b82d3b643303b097
8b5279f25f580fee03b30d20033a90176ff88b84c36041abb48eb2d3dffee0be
91ebc53e96de7c385b9832d8ef0daba74dca324d5e67ca9b48c8fed12a8de7b7
9a57722f1b63611971fda47ee19090160f3c11b21405e65327bf6d1a4a6891cd
9d9ced25d5a2f99bd42704c9da790bc6108a368fb9dcf6bd4b1247a1cdc22024
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1bf4661317a1c9154c95b655a2bd4e3b9e06ba79e451dcbb62f557d47858412
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a66647beb5d255e39b958d1dc3496efdad0416d4fb34c6a44932db9e435b5c50
ac6c8effe311e818509511e7429107e085e1765ee3cbb18fc487fc0ecf84bca5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b570a634bf866fc371ada9f3a2188900699198ba49f30fc4047727d9622dd7df
b992e2e8023319d738a24cf10854cc27fc9c6ecdd88a27b1a77aa03e7942fa37
b9fadd6758e6c09f09030d41e17d580635a6a8ad31204249dcc407ad20c1c70b
bc38b816ac459d0731b61a0b8eef6cad9fea8e2488c6e05e0ca0f3fd3a217f00
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0ba9e868abe3eb4d80c8442b3690f8cd4abda0b934ad3cbdbde7750cff96f13
c8c60aa7cdad02e1279bea037fa7b55c18828b25ec6207a00c7f15195c71e27f
ce5112a23a2d4bfe76fec1db6b9a18f022f940b35219fe6bc203a1267fb479f6
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dd613bc053a3b0b0877753352f1c4a5628165afeccfd4cf107727e5874f8aa2b
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e38b28b512c23f41fbdd7574f324a6016acb58f74c06b89ea3f89bd2d77d6d
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d06bfd53ce65609202ae9c817545c47462fe3374c0f4c1acc50cc33ea0451f
f402044f988fcdbce2ef4b79e59542eafdea3e4a6f9a6488c5446b39386b07a0
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

ertcadvisors.org Open in urlscan Pro 35.185.208.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

96 %HTTPS

78 %IPv6

20 Domains

23 Subdomains

22 IPs

4 Countries

1583 kBTransfer

3558 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ertcadvisors.org Open in urlscan Pro
35.185.208.177 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

96 %
HTTPS

78 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

1583 kB
Transfer

3558 kB
Size

15
Cookies

73 HTTP transactions
0 data transactions