Submitted URL: https://www.clientarea.emwd.com/
Effective URL: https://www.clientarea.emwd.com/login
Submission: On August 22 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 45.79.213.78, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.clientarea.emwd.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 5th 2021. Valid for: 3 months.
This is the only time www.clientarea.emwd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
13 | www.clientarea.emwd.com (2 redirects) | www.clientarea.emwd.com
4 | clientarea.emwd.com | www.clientarea.emwd.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | accounts.google.com | apis.google.com, ssl.gstatic.com
2 | connect.facebook.net | www.clientarea.emwd.com, connect.facebook.net
2 | apis.google.com | www.clientarea.emwd.com, apis.google.com
1 | ssl.gstatic.com | accounts.google.com
1 | fonts.googleapis.com | www.clientarea.emwd.com
26 8

This site contains no links.

Subject | Issuer | Validity | Valid
clientarea.emwd.com | cPanel, Inc. Certification Authority | 2021-08-05 - 2021-11-03 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-07-26 - 2021-10-18 | 3 months
*.apis.google.com | GTS CA 1C3 | 2021-07-26 - 2021-10-18 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-07-26 - 2021-10-18 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-20 - 2021-10-18 | 3 months
*.google.com | GTS CA 1C3 | 2021-07-26 - 2021-10-18 | 3 months
accounts.google.com | GTS CA 1C3 | 2021-07-26 - 2021-10-18 | 3 months

This page contains 2 frames:

Primary Page: https://www.clientarea.emwd.com/login
Frame ID: 33BE8BEDDB378EDB716AEB6744CDDA10
Requests: 23 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 5481705C47C4238B7311C8533F8B29C1
Requests: 3 HTTP requests in this frame

Page Title

Login - EMWD.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i
  • script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 86 %
Domains: 5
Subdomains: 8
IPs: 7
Countries: 2
Transfer: 735 kB
Size: 1917 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.clientarea.emwd.com/ HTTP 302
    https://www.clientarea.emwd.com/clientarea.php HTTP 302
    https://www.clientarea.emwd.com/login Page URL

26 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request login
www.clientarea.emwd.com/
Redirect Chain
  • https://www.clientarea.emwd.com/
  • https://www.clientarea.emwd.com/clientarea.php
  • https://www.clientarea.emwd.com/login
31 KB
6 KB
Document
General
Full URL
https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
bbd59bd6aa9f4aec31d8ec50ecbabf2f65b888c73b6b756791fa8d0d541071c6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.clientarea.emwd.com
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding,User-Agent
content-encoding
br
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-length
5848
content-type
text/html; charset=utf-8

Redirect headers

date
Sun, 22 Aug 2021 09:05:56 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
location
/login
vary
Accept-Encoding,User-Agent
content-encoding
br
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-length
1
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/
9 KB
901 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5314e8ddcacfc767e38fe5db9c0b9ae737ace907248f2f1b5e66d549c4a0c606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 Aug 2021 08:25:35 GMT
server
ESF
date
Sun, 22 Aug 2021 09:05:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 Aug 2021 09:05:58 GMT
all.min.css
www.clientarea.emwd.com/templates/six/css/
210 KB
33 KB
Stylesheet
General
Full URL
https://www.clientarea.emwd.com/templates/six/css/all.min.css?v=a012d2
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
4b1ed18980ff6794b130b522403755a0045255d6b058176c5fe88f388e6a5c3b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/templates/six/css/all.min.css?v=a012d2
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
33686
fontawesome-all.min.css
www.clientarea.emwd.com/assets/css/
153 KB
27 KB
Stylesheet
General
Full URL
https://www.clientarea.emwd.com/assets/css/fontawesome-all.min.css
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/css/fontawesome-all.min.css
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
27417
custom.css
www.clientarea.emwd.com/templates/six/css/
214 B
159 B
Stylesheet
General
Full URL
https://www.clientarea.emwd.com/templates/six/css/custom.css
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
026ec03cb3e46a6224afe430e00a776e37f0d955304d662753f8debb210e2c79
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/templates/six/css/custom.css
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
91
scripts.min.js
www.clientarea.emwd.com/templates/six/js/
591 KB
161 KB
Script
General
Full URL
https://www.clientarea.emwd.com/templates/six/js/scripts.min.js?v=a012d2
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
5873902248c9f4a206345c97f2aa8f7e22e2cc049a3f35e5d62cc3f94f7ccc01
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/templates/six/js/scripts.min.js?v=a012d2
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
slick.css
clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/slick/
3 KB
695 B
Stylesheet
General
Full URL
https://clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/slick/slick.css
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
981c114cf5865e3e3e86e8f10a9efad528dcc5b2ce40bca4a4d0bf82105edbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 06:26:26 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
661
slick-theme.css
clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/slick/
3 KB
801 B
Stylesheet
General
Full URL
https://clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/slick/slick-theme.css
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 06:26:26 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
767
slick.js
clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/slick/
86 KB
15 KB
Script
General
Full URL
https://clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/slick/slick.js
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 06:26:26 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
14744
main.js
clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/js/
73 B
139 B
Script
General
Full URL
https://clientarea.emwd.com/modules/addons/ClientAreaDesigner/templates/clientarea/default/assets/js/main.js
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
cc5e2de1e00688e2f41be382ecc9d759785213bbe2cc9cc3d8d07272dd22e147
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 06:26:26 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
66
logo.png
www.clientarea.emwd.com/assets/img/
52 KB
52 KB
Image
General
Full URL
https://www.clientarea.emwd.com/assets/img/logo.png
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
083b7225245f53c792536013ae55da2cd55c8ccac4f1d830d8358189a0bcb51c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/img/logo.png
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Feb 2019 23:55:18 GMT
server
Apache
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
53013
platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=startGoogleApp
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
299e377d96f1857514dd64a5b6495aa3cc1c4d298e26bfd0b98e8888fb9e6960
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O/DAiFC0Wnue8554Fc6xEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"c08396ca83f9de6ee520aa44fcc9d9a3"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-O/DAiFC0Wnue8554Fc6xEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 22 Aug 2021 09:05:58 GMT
google_icon.png
www.clientarea.emwd.com/assets/img/auth/
3 KB
3 KB
Image
General
Full URL
https://www.clientarea.emwd.com/assets/img/auth/google_icon.png
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
6dbecb39c428d835f15cd62853de3366c63371d40068c156f94d7992e2978679
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/img/auth/google_icon.png
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
3213
overlay-spinner.svg
www.clientarea.emwd.com/assets/img/
711 B
407 B
Image
General
Full URL
https://www.clientarea.emwd.com/assets/img/overlay-spinner.svg
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
78972e26a47ce2f3fe151170b4e1270debcc9fec0d1e56f88f3898f77c905405
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/img/overlay-spinner.svg
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
373
clippy.svg
www.clientarea.emwd.com/assets/img/
519 B
335 B
Image
General
Full URL
https://www.clientarea.emwd.com/assets/img/clippy.svg
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/img/clippy.svg
pragma
no-cache
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.clientarea.emwd.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
290
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.clientarea.emwd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:17 GMT
x-content-type-options
nosniff
age
463001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:17 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.clientarea.emwd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:45:28 GMT
x-content-type-options
nosniff
age
458430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:45:28 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.clientarea.emwd.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:36:10 GMT
x-content-type-options
nosniff
age
462588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:36:10 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0085d927f66e72f60698ff957ebebeea78b38403ef9a0f2197dcf63ead906b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tRzdw6FjPVjLW1L/K/7JNQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
DTNGDRVOYtZZlqs4taaf9JdkpuvCA33gWsj5DI6q/PaZ+2ikIVwtCzzGLNcg+46AWdUmxJ3SMQluP044K9kk6g==
x-fb-trip-id
686109401
x-fb-content-md5
e963b2f1c0390a84d324633a884d0799
x-frame-options
DENY
date
Sun, 22 Aug 2021 09:05:58 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"8887bb4fca3d70129f3ee4e86e8d5cde"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 22 Aug 2021 09:10:43 GMT
fa-solid-900.woff2
www.clientarea.emwd.com/assets/webfonts/
120 KB
121 KB
Font
General
Full URL
https://www.clientarea.emwd.com/assets/webfonts/fa-solid-900.woff2
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/assets/css/fontawesome-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://www.clientarea.emwd.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
:path
/assets/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/assets/css/fontawesome-all.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.clientarea.emwd.com
Referer
https://www.clientarea.emwd.com/assets/css/fontawesome-all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff2
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
123137
fa-brands-400.woff2
www.clientarea.emwd.com/assets/webfonts/
73 KB
73 KB
Font
General
Full URL
https://www.clientarea.emwd.com/assets/webfonts/fa-brands-400.woff2
Requested by
Host: www.clientarea.emwd.com
URL: https://www.clientarea.emwd.com/assets/css/fontawesome-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.79.213.78 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
batgirl.emwd.com
Software
Apache /
Resource Hash
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://www.clientarea.emwd.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
WHMCSd1axemgLOWZx=0bcc3e45b0f13a25fc3f2640b3041cf2
:path
/assets/webfonts/fa-brands-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.clientarea.emwd.com
referer
https://www.clientarea.emwd.com/assets/css/fontawesome-all.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.clientarea.emwd.com
Referer
https://www.clientarea.emwd.com/assets/css/fontawesome-all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:05:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 21:30:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff2
strict-transport-security
max-age=15768000; includeSubDomains
accept-ranges
bytes
content-length
74657
sdk.js
connect.facebook.net/en_US/
230 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0308269b0063afd31d33b32dd5f2398d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b090bc012816335b59a2b1331a6dd1bd4468e4ebbadb83a0f1496fc62230ab2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.clientarea.emwd.com
Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OOPN7ODZTL2wNCclW4n15w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68285
x-fb-rlafr
0
x-fb-debug
t0Jqu2/6TWPLmHHeFBQvH+AAW0WEmLl0eto4GBIq6YW3CRbaDNX6L/k3spLmtGGtvYdYJ4VrAF2xCtQqUM9kcg==
x-fb-content-md5
d221d2b132292f701d4dbbcb5a6e71d9
x-frame-options
DENY
date
Sun, 22 Aug 2021 09:05:58 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"09abdb46cd24d8eec908d7d67dcfc21f"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 22 Aug 2022 08:10:05 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/
103 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=startGoogleApp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a8dbc111ec4272a34fae97aa7a2dcd6f99cfb9b3067dcac29abc892912b6ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.clientarea.emwd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 20:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35063
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 20:44:08 GMT
iframe
accounts.google.com/o/oauth2/ Frame 5481
513 B
921 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0633c05c1393e0570e7dc999f89a60b79b7434b60f1770647507cafb6f21962
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3bl1E3I5KTiqrDJ4M1/ofg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.clientarea.emwd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=221=La0ESBtYqHvvVC5vTytX2dxyP6uv8EdGd--c8H3yubM-DQwLr8gCi4PpTKv-V4mTPSIlebQzrDQgPVnyp9JSq-kW6D1aI02vbNIlUFgiF-AKK972fHNm5MfNTlTc968A2bLcz3ZXJBaWx8MQ6Skcpxz6g-jO27sIhwHlIk4J4Tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.clientarea.emwd.com/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 22 Aug 2021 09:05:58 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-3bl1E3I5KTiqrDJ4M1/ofg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1510909502-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 5481
116 KB
40 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/1510909502-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5abcddb702dd8ad37ea713c701a8f2fca352c6c82d5ddd021f84e7826e51f54e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 17:59:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40511
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 02:24:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 17:59:04 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 5481
15 B
59 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.clientarea.emwd.com&client_id=116702138289-2fpoq2h88d0b8jpgbk1ob599l72u1fd1.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1510909502-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Sun, 22 Aug 2021 09:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 22 Aug 2021 10:05:59 GMT


83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| csrfToken string| markdownGuide string| locale string| saved string| saving string| whmcsBaseUrl string| requiredText string| recaptchaSiteKey function| scrollToGatewayInputError function| elementOutOfViewPort function| disableFields function| checkAll function| clickableSafeRedirect function| popupWindow function| addRenewalToCart function| selectChangeNavigate function| extraTicketAttachment function| getStats function| checkPort function| getticketsuggestions function| refreshCustomFields function| autoSubmitFormByContainer function| useDefaultWhois function| useCustomWhois function| showNewBillingAddressFields function| hideNewBillingAddressFields function| showNewCardInputFields function| showNewAccountInputFields function| hideNewCardInputFields function| hideNewAccountInputFields function| getTicketSuggestions function| smoothScroll function| irtpSubmit function| showOverlay function| hideOverlay function| getSslAttribute function| openModal function| submitIdAjaxModalClickEvent function| updateAjaxModal function| dialogSubmit function| dialogClose function| addAjaxModalSubmitEvents function| removeAjaxModalSubmitEvents function| addAjaxModalPostSubmitEvents function| removeAjaxModalPostSubmitEvents function| disableSubmit function| enableSubmit boolean| recaptchaLoadComplete number| recaptchaCount undefined| lastTicketMsg object| ajaxModalSubmitEvents object| ajaxModalPostSubmitEvents function| $ function| jQuery object| jQuery1124027984874543454197 object| WHMCS function| _getSettings function| _beforeRequest object| MicroPlugin function| Sifter object| intlTelInputUtils function| onLoginClick function| fbAsyncInit object| googleUser function| startGoogleApp function| onSignIn function| recaptchaLoadCallback object| gapi object| ___jsl object| FB object| osapi

3 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 221=La0ESBtYqHvvVC5vTytX2dxyP6uv8EdGd--c8H3yubM-DQwLr8gCi4PpTKv-V4mTPSIlebQzrDQgPVnyp9JSq-kW6D1aI02vbNIlUFgiF-AKK972fHNm5MfNTlTc968A2bLcz3ZXJBaWx8MQ6Skcpxz6g-jO27sIhwHlIk4J4Tw
.www.clientarea.emwd.com/ Name: G_ENABLED_IDPS
Value: google
www.clientarea.emwd.com/ Name: WHMCSd1axemgLOWZx
Value: 0bcc3e45b0f13a25fc3f2640b3041cf2

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
