www.empirecrm.clockin.site Open in urlscan Pro
2600:4c00:300:89::34d  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.empirecrm.clockin.site/	43 KB 13 KB	1856ms 1400ms	Document text/html	2600:4c00:300:89::34d PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:4c00:300:89::34d , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS Software LiteSpeed / Resource Hash fcbcb45ca9110a502d837425944dbac5aa0b3e2ee37f3bbc3ec3ee597e5ffc6d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-cache, private content-encoding br content-length 11873 content-type text/html; charset=UTF-8 date Sat, 15 Jun 2024 06:04:12 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/	152 KB 25 KB	144ms 39ms	Stylesheet text/css	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Origin https://www.empirecrm.clockin.site Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 15 Jun 2024 06:04:12 GMT x-content-type-options nosniff content-encoding br age 865366 x-jsd-version 5.0.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 25360 x-served-by cache-fra-eddf8230097-FRA, cache-cph2320040-CPH x-jsd-version-type version etag W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap-icons.min.css cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/	84 KB 13 KB	145ms 40ms	Stylesheet text/css	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 483e1bf6ead25d54b37456cf0e51ea0220d9de03ef6ba2a2d8c3f34a4bc34c17 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 15 Jun 2024 06:04:12 GMT x-content-type-options nosniff content-encoding br age 10030667 x-jsd-version 1.11.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 13301 x-served-by cache-fra-eddf8230114-FRA, cache-cph2320033-CPH x-jsd-version-type version etag W/"14f73-wWZNzb4R2mi5w7Y2OzwjrENE1No" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/	100 KB 19 KB	110ms 51ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://www.empirecrm.clockin.site Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1162943 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 18861 last-modified Fri, 01 Dec 2023 00:32:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65692999-49ad" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lhdF3tjm19%2Fg%2FDB2sUykAz1FNz%2BX1U2Kor4VteO8H9FmYFd7UN9wNw7EUBu%2BaptIs96jcMn6w1RqjZ1FfHjL%2FRuhxztmGWJi%2Bw0cE4vD8DjTa9aB5Eq3JYUriycCjB2zmBKeMup"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 89405c847d4f9f46-FRA expires Thu, 05 Jun 2025 06:04:12 GMT
GET H3	200	swiper.min.css cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/css/	17 KB 3 KB	112ms 54ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/css/swiper.min.css Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c9917ae6f29de0ba5c6606ea4d7bae6a7072f6b08fc90ddf9cfc09027b07ee Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 192848 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2439 last-modified Mon, 04 May 2020 16:04:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03cf2-4562" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DR6HwzhtKnUsP7EkU1pQiAZ%2Fn0TLcVEdI8j%2BPytgMGyXAuojjX%2F6OpJJp7Vzs%2Br2Bd6GvkXMUpyAvF%2F%2Buohfwhvb%2FSzr%2BOdQI7GfsWRnmq0FS6k%2BZAuS8KvU7tXmEZh1BxZ1eej"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 89405c847e5d36dc-FRA expires Thu, 05 Jun 2025 06:04:12 GMT
GET H3	200	swiper.min.js Show response cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/js/	95 KB 21 KB	112ms 56ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/js/swiper.min.js Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00792ef04b29d7cbd5110cea7e934b63b774145c63defbc66d3df9bd1023ff63 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 308109 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 20403 last-modified Mon, 04 May 2020 16:04:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03cf2-17a3a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aneLNmmxP%2FrMG7ctfRD6s8b03bO5iP1%2BnD%2BPtB0PAYJdToDsm5Xlc%2BK5WRcI8QWdsKSv20z0l7IGJB0mbwFunsQg34cXPNWYQWt4AaX3BdSStQQkGoUMIRbqzGIPjx427JQzH2Vm"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 89405c847e6036dc-FRA expires Thu, 05 Jun 2025 06:04:12 GMT
GET H2	200	style.css www.empirecrm.clockin.site/assets/front_assets/css/	51 KB 8 KB	178ms 166ms	Stylesheet text/css	2600:4c00:300:89::34d PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://www.empirecrm.clockin.site/assets/front_assets/css/style.css?v=0.0.5 Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:4c00:300:89::34d , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS Software LiteSpeed / Resource Hash 9fd3b32ab48735a2f6e8bb3b830ea616e1bff1d1ab770c4228b893ff26557789 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:12 GMT content-encoding br last-modified Mon, 10 Jun 2024 19:24:58 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 8614 expires Sat, 22 Jun 2024 06:04:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	322 KB 106 KB	170ms 74ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-S0CX0Z03RD Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a77a6df1531686b4fb35d954eb1e441c2ece67a73b2f4c991a490bd338276b9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108479 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 15 Jun 2024 06:04:13 GMT
GET H2	200	logo-white-v2.png www.empirecrm.clockin.site/assets/front_assets/img/	8 KB 8 KB	176ms 169ms	Image image/png	2600:4c00:300:89::34d PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://www.empirecrm.clockin.site/assets/front_assets/img/logo-white-v2.png Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:4c00:300:89::34d , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS Software LiteSpeed / Resource Hash 6aeb17f9619398626e433ffea36ea23119926e55a0dd5dbdb8ff858daf368b51 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:12 GMT last-modified Mon, 15 Jan 2024 21:53:10 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 8510 expires Sat, 22 Jun 2024 06:04:12 GMT
GET H2	200	winner-award-01.jpg www.empirecrm.clockin.site/assets/front_assets/img/	560 KB 561 KB	172ms 165ms	Image image/jpeg	2600:4c00:300:89::34d PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://www.empirecrm.clockin.site/assets/front_assets/img/winner-award-01.jpg Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:4c00:300:89::34d , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS Software LiteSpeed / Resource Hash 525f71a2c9d270921f9f4f18e8030f33ba9f87509bc4a4f147b34ae7b5ca77c2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:12 GMT last-modified Thu, 22 Feb 2024 01:33:52 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 573883 expires Sat, 22 Jun 2024 06:04:12 GMT
GET H3	200	logo-white-lg.png www.empirecrm.clockin.site/assets/front_assets/img/	4 KB 4 KB	148ms 148ms	Image image/png	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://www.empirecrm.clockin.site/assets/front_assets/img/logo-white-lg.png Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash 8f321f53bc97aa50e61b2c2cbe69b4862aa7b963078b038f56c013d70fe8c003 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT last-modified Mon, 15 Jan 2024 21:53:10 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 3682 expires Sat, 22 Jun 2024 06:04:13 GMT
GET H2	200	lozad.min.js Show response cdn.jsdelivr.net/npm/lozad/dist/	3 KB 1 KB	43ms 39ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 15 Jun 2024 06:04:13 GMT x-content-type-options nosniff content-encoding br age 11791 x-jsd-version 1.16.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1295 x-served-by cache-fra-eddf8230052-FRA, cache-cph2320033-CPH x-jsd-version-type version etag W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/	77 KB 24 KB	41ms 39ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Origin https://www.empirecrm.clockin.site Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 15 Jun 2024 06:04:13 GMT x-content-type-options nosniff content-encoding br age 4646035 x-jsd-version 5.0.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 23943 x-served-by cache-fra-eddf8230080-FRA, cache-cph2320040-CPH x-jsd-version-type version etag W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	script.js Show response www.empirecrm.clockin.site/assets/front_assets/js/	748 B 384 B	171ms 170ms	Script text/javascript	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://www.empirecrm.clockin.site/assets/front_assets/js/script.js Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash 16d5fb173744798ed340a122001f3498cadcf2f8296cc7adf9a171c3cf19dc5d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT content-encoding br last-modified Mon, 15 Jan 2024 21:53:12 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 314
GET H2	200	embed.min.js Show response d2mpatx37cqexb.cloudfront.net/delightchat-whatsapp-widget/embeds/	9 KB 3 KB	134ms 39ms	Script application/javascript	2600:9000:2251:2c00:b:8e51:83c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2mpatx37cqexb.cloudfront.net/delightchat-whatsapp-widget/embeds/embed.min.js Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:2c00:b:8e51:83c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c8e22a99300a81f70d056d4613860c510931a58b64c6050f29b16e706144a1f7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 05:21:04 GMT content-encoding gzip via 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront) last-modified Mon, 29 Apr 2024 11:13:39 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 age 4281 x-amz-server-side-encryption AES256 etag W/"1f6f07a01d1e4bf158ce3ece75016dc1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id _7Ri5Xfkw3aDUZpqpcjSOaww02oLlnKeAwrWgvv6VaQiBvj1FRVIAA==
GET DATA	200 OK	truncated /	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	bootstrap-icons.woff2 cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/fonts/	128 KB 128 KB	43ms 41ms	Font font/woff2	151.101.129.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5b2dd4d4f81cd1f52a50b0833ea12c8f63f2c4ae4d2c5a799fcc741feb2ea40f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css Origin https://www.empirecrm.clockin.site Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 15 Jun 2024 06:04:13 GMT x-content-type-options nosniff age 2149671 x-jsd-version 1.11.2 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 130648 x-served-by cache-fra-etou8220128-FRA x-jsd-version-type version etag W/"1fe58-nZX2/jVUC2AihMnyv6Z9K0ZESPc" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	OptimaNovaLTPro-Regular.otf www.empirecrm.clockin.site/assets/front_assets/fonts/	97 KB 54 KB	163ms 161ms	Font font/otf	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://www.empirecrm.clockin.site/assets/front_assets/fonts/OptimaNovaLTPro-Regular.otf Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/assets/front_assets/css/style.css?v=0.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash 61b81ac4e271041d472fc0fc2870ee9a6f2c4c3ec56af543c5137d07159b42cf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/assets/front_assets/css/style.css?v=0.0.5 Origin https://www.empirecrm.clockin.site Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT content-encoding br last-modified Mon, 15 Jan 2024 21:53:10 GMT server LiteSpeed vary Accept-Encoding content-type font/otf accept-ranges bytes content-length 55066
GET H3	200	GardenaHolmesScript.otf www.empirecrm.clockin.site/assets/front_assets/fonts/	45 KB 36 KB	324ms 322ms	Font font/otf	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://www.empirecrm.clockin.site/assets/front_assets/fonts/GardenaHolmesScript.otf Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/assets/front_assets/css/style.css?v=0.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash 10d5975ac1afa2a6602bba6a78f4204ae27b5972b68e866c0d0c83d5618dbae6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/assets/front_assets/css/style.css?v=0.0.5 Origin https://www.empirecrm.clockin.site Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT content-encoding br last-modified Mon, 15 Jan 2024 21:53:10 GMT server LiteSpeed vary Accept-Encoding content-type font/otf accept-ranges bytes content-length 36276
GET H3	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/	153 KB 153 KB	56ms 55ms	Font application/octet-stream	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css Origin https://www.empirecrm.clockin.site Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 128829 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 156496 last-modified Fri, 01 Dec 2023 00:32:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65692999-26350" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDzD6tz8wQdcEBB8%2FxA0GKKakirPlD3jwnSx87Y6S8l64idq8uUTJ0FzA1fYW4kpfFb64dSfMLxYxf8q5KnUjWx728RSkyNeSZ2JeYTz08DlbmtVBNa08CPXXEP0V6KnWd1KtDNA"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 89405c861f209f46-FRA expires Thu, 05 Jun 2025 06:04:13 GMT
GET DATA	200 OK	truncated /	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	515 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	404	home_page_video_cmp.jpg www.empirecrm.clockin.site/assets/front_assets/videos/	1 KB 1 KB	236ms 235ms	Image text/html	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://www.empirecrm.clockin.site/assets/front_assets/videos/home_page_video_cmp.jpg Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 06:04:13 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1251 content-type text/html
GET H3	200	showcase.png www.empirecrm.clockin.site/assets/front_assets/img/	13 KB 13 KB	236ms 235ms	Image image/png	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://www.empirecrm.clockin.site/assets/front_assets/img/showcase.png Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash e60ee59e140a4fb256f4d308c42fc4b3342f8f76d69f62db9b1ff47a4ccbe82a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT last-modified Mon, 15 Jan 2024 21:53:12 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 13722 expires Sat, 22 Jun 2024 06:04:13 GMT
GET H3	404	home_page_cmp_v2.mp4 www.empirecrm.clockin.site/assets/front_assets/videos/	1 KB 1 KB	227ms 217ms	Media text/html	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://www.empirecrm.clockin.site/assets/front_assets/videos/home_page_cmp_v2.mp4 Requested by Host: www.empirecrm.clockin.site URL: https://www.empirecrm.clockin.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Referer https://www.empirecrm.clockin.site/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 06:04:13 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1251 content-type text/html
POST H2	204	collect region1.google-analytics.com/g/	0 262 B	148ms 57ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-S0CX0Z03RD&gtm=45je46c0v9136156477za200&_p=1718431452991&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=561373711.1718431453&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718431453&sct=1&seg=0&dl=https%3A%2F%2Fwww.empirecrm.clockin.site%2F&dt=Luxury%20Real%20Estate%20Developer%2C%20Empire%20Developments%2C%20Dubai%2C%20UAE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2445 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S0CX0Z03RD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 15 Jun 2024 06:04:13 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.empirecrm.clockin.site cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	embed.min.css d2mpatx37cqexb.cloudfront.net/delightchat-whatsapp-widget/embeds/	2 KB 1 KB	38ms 38ms	Stylesheet text/css	2600:9000:2251:2c00:b:8e51:83c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2mpatx37cqexb.cloudfront.net/delightchat-whatsapp-widget/embeds/embed.min.css Requested by Host: d2mpatx37cqexb.cloudfront.net URL: https://d2mpatx37cqexb.cloudfront.net/delightchat-whatsapp-widget/embeds/embed.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:2c00:b:8e51:83c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b6eef9e7e156f8a4abc75b6d5660ded21d3ba32d027b0aad5f292ef52f4977a3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 05:37:21 GMT content-encoding gzip via 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront) last-modified Mon, 29 Apr 2024 11:13:39 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 age 1612 x-amz-server-side-encryption AES256 etag W/"0513e7b620e275cb3c1fdbbca795f39d" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id wON7GA5cdM9aad6lD4sN-xctBHmGZDWAptJ4T3wAJ5goxKzUVXF7PQ==
GET H3	200	favicon-32x32.png www.empirecrm.clockin.site/assets/images/favicon/	2 KB 2 KB	146ms 146ms	Other image/png	170.249.236.196 PRIVATESYSTEMS
General Check archive.org Show headers Download Go to Full URL https://www.empirecrm.clockin.site/assets/images/favicon/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 170.249.236.196 , United States, ASN63410 (PRIVATESYSTEMS, US), Reverse DNS cp21-ga.privatesystems.net Software LiteSpeed / Resource Hash 185a95bb08a7d8dbacaff0877e50ac45573a513d93531037a1282bb3bbff61b3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.empirecrm.clockin.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 15 Jun 2024 06:04:13 GMT last-modified Mon, 15 Jan 2024 21:53:12 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 1608 expires Sat, 22 Jun 2024 06:04:13 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| Swiper function| gtag object| dataLayer function| lozad number| uidEvent object| bootstrap object| swiper object| nextBtn object| PrevBtn object| wa_btnSetting function| _waEmbed object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.empirecrm.clockin.site/	1970-01-20 21:20:38	Name: XSRF-TOKEN Value: eyJpdiI6Im0wQmw5QUc5VVJvYTRGeEo2ZXl2S1E9PSIsInZhbHVlIjoiaEV1U0tGQXJ6T0RFWnhjZVkwVDhlWWlyNDRRVFZEVTM4QlZMNW5MQm5oU01jZ2t0d1FEQWVGSVBUY3lDckIzL29tcE9LeFl1UDErRUU4ck9UdVliOEYvT3J5NHBEczZRMUt3ZnZBOThJaHRqOVlDQ1R1Q3dtZEpReVZwWUJLUysiLCJtYWMiOiI3Njg4N2E4Y2Q3NmIzNTU4ZDZiYWRiZWFiOGRhMTU1YWY0ZDQ5NTRkZTQ1Mjk4NzA5ZmJjYjMyODJkNDgzOTdiIiwidGFnIjoiIn0%3D
			www.empirecrm.clockin.site/	1970-01-20 21:20:38	Name: empire_developments_session Value: eyJpdiI6IkIwelZIa2t2VjIwWml5MG1TZ2k2SFE9PSIsInZhbHVlIjoidkw0RFVJUXk2RktncXhabWo4LzZ2L3ptazlKcFloZE5NcUFhaTRnczRKbGo2QW1wSnBFZzBTZXpSQlpQczZuQUJCWjJvQXFwaEh1RGdjanFmRmJKZExsYWJWT1Y1ZUl5RjdLYVF5SXU3b0w3bHd6V2xNM09xOENPSjlYVUVpSDIiLCJtYWMiOiI0MDhmOTlmOTQxMzM4NGZmNzI0NzU3ZmM2ZWEyZDQyZDc5YjQ3MDg3N2I1MTg1OTM0NDVlYThjN2VmZDEwMjcxIiwidGFnIjoiIn0%3D
			.clockin.site/	1970-01-21 06:56:31	Name: _ga_S0CX0Z03RD Value: GS1.1.1718431453.1.0.1718431453.0.0.0
			.clockin.site/	1970-01-21 06:56:31	Name: _ga Value: GA1.1.561373711.1718431453

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.empirecrm.clockin.site/assets/front_assets/videos/home_page_video_cmp.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.empirecrm.clockin.site/assets/front_assets/videos/home_page_cmp_v2.mp4 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
d2mpatx37cqexb.cloudfront.net
region1.google-analytics.com
www.empirecrm.clockin.site
www.googletagmanager.com
104.17.24.14
151.101.129.229
170.249.236.196
2001:4860:4802:34::36
2600:4c00:300:89::34d
2600:9000:2251:2c00:b:8e51:83c0:21
2a00:1450:4001:80e::2008
2a04:4e42::485
00792ef04b29d7cbd5110cea7e934b63b774145c63defbc66d3df9bd1023ff63
10d5975ac1afa2a6602bba6a78f4204ae27b5972b68e866c0d0c83d5618dbae6
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
16d5fb173744798ed340a122001f3498cadcf2f8296cc7adf9a171c3cf19dc5d
185a95bb08a7d8dbacaff0877e50ac45573a513d93531037a1282bb3bbff61b3
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
483e1bf6ead25d54b37456cf0e51ea0220d9de03ef6ba2a2d8c3f34a4bc34c17
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
525f71a2c9d270921f9f4f18e8030f33ba9f87509bc4a4f147b34ae7b5ca77c2
5b2dd4d4f81cd1f52a50b0833ea12c8f63f2c4ae4d2c5a799fcc741feb2ea40f
61b81ac4e271041d472fc0fc2870ee9a6f2c4c3ec56af543c5137d07159b42cf
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6aeb17f9619398626e433ffea36ea23119926e55a0dd5dbdb8ff858daf368b51
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8f321f53bc97aa50e61b2c2cbe69b4862aa7b963078b038f56c013d70fe8c003
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
9fd3b32ab48735a2f6e8bb3b830ea616e1bff1d1ab770c4228b893ff26557789
a77a6df1531686b4fb35d954eb1e441c2ece67a73b2f4c991a490bd338276b9f
b6eef9e7e156f8a4abc75b6d5660ded21d3ba32d027b0aad5f292ef52f4977a3
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c8e22a99300a81f70d056d4613860c510931a58b64c6050f29b16e706144a1f7
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60ee59e140a4fb256f4d308c42fc4b3342f8f76d69f62db9b1ff47a4ccbe82a
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f5c9917ae6f29de0ba5c6606ea4d7bae6a7072f6b08fc90ddf9cfc09027b07ee
fcbcb45ca9110a502d837425944dbac5aa0b3e2ee37f3bbc3ec3ee597e5ffc6d