www.empire.ca Open in urlscan Pro
2606:4700::6812:52c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://insurance.cmail20.com/t/t-l-ckrjidy-yuidtyihp-r/
Effective URL:
https://www.empire.ca/
Submission: On December 10 via api (December 10th 2021, 12:01:22 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 17 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6812:52c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.empire.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 26th 2021. Valid for: a year.

This is the only time www.empire.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.196.121.95 18.196.121.95	16509 (AMAZON-02) (AMAZON-02)
1 24	2606:4700::68... 2606:4700::6812:52c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	52.217.46.206 52.217.46.206	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
9	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 3	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.236.10 52.222.236.10	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.57 18.66.122.57	16509 (AMAZON-02) (AMAZON-02)
1	99.81.19.154 99.81.19.154	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.86.117.43 54.86.117.43	14618 (AMAZON-AES) (AMAZON-AES)
1	34.237.200.61 34.237.200.61	14618 (AMAZON-AES) (AMAZON-AES)
72	25

1 18.196.121.95 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-121-95.eu-central-1.compute.amazonaws.com

insurance.cmail20.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6812:52c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.empire.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.46.206 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5290522.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-10.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-57.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.19.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-19-154.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

embed-fastly.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.117.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-117-43.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.200.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-200-61.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	empire.ca 1 redirects www.empire.ca	548 KB
12	wistia.com fast.wistia.com embed-fastly.wistia.com distillery.wistia.com pipedream.wistia.com	322 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	29 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	65 KB
4	doubleclick.net 1 redirects 5290522.fls.doubleclick.net stats.g.doubleclick.net	1 KB
4	jsdelivr.net cdn.jsdelivr.net	53 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	amazonaws.com s3.amazonaws.com	3 KB
3	google.com www.google.com adservice.google.com	1 KB
2	googletagmanager.com www.googletagmanager.com	123 KB
1	nr-data.net bam-cell.nr-data.net	716 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	google.de www.google.de	501 B
1	licdn.com snap.licdn.com	2 KB
1	gstatic.com www.gstatic.com	136 KB
1	cmail20.com 1 redirects insurance.cmail20.com	467 B
72	17

	Domain	Requested by
24	www.empire.ca	1 redirects www.empire.ca
9	fast.wistia.com	www.empire.ca fast.wistia.com
4	dev.visualwebsiteoptimizer.com	www.empire.ca dev.visualwebsiteoptimizer.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	cdn.jsdelivr.net	www.empire.ca cdn.jsdelivr.net
3	5290522.fls.doubleclick.net	1 redirects www.googletagmanager.com www.empire.ca
3	www.google-analytics.com	www.empire.ca www.google-analytics.com www.googletagmanager.com
3	s3.amazonaws.com	www.empire.ca
2	px.ads.linkedin.com	2 redirects
2	www.googletagmanager.com	www.empire.ca www.googletagmanager.com
2	www.google.com	www.empire.ca
1	pipedream.wistia.com	fast.wistia.com
1	distillery.wistia.com	fast.wistia.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	embed-fastly.wistia.com
1	js-agent.newrelic.com	www.empire.ca
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	adservice.google.com	5290522.fls.doubleclick.net
1	www.google.de	www.empire.ca
1	px4.ads.linkedin.com	www.empire.ca
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	snap.licdn.com	www.empire.ca
1	www.gstatic.com	www.google.com
1	insurance.cmail20.com	1 redirects
72	27

This site contains links to these domains. Also see Links.

Domain
my.empire.ca
pmw.empire.ca
groupadmin.empire.ca
groupadvisor.empire.ca
empire.ca
www.empirelifeinvestments.ca
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
empire.ca Cloudflare Inc ECC CA-3	`2021-02-26` - `2022-02-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
embed-fastly.wistia.com R3	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.empire.ca/
Frame ID: 55BF176EE72EF012EC4F82417E209B4E
Requests: 70 HTTP requests in this frame

Frame: https://5290522.fls.doubleclick.net/activityi;dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F
Frame ID: 3E708A81023D5357F6BC24B4BD61A17D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empire Life | Life Insurance, Investments & Group Benefits

Page URL History Show full URLs

https://insurance.cmail20.com/t/t-l-ckrjidy-yuidtyihp-r/ HTTP 302
http://www.empire.ca/ HTTP 301
https://www.empire.ca/ Page URL

Page Statistics

72
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

27
Subdomains

25
IPs

4
Countries

1317 kB
Transfer

3777 kB
Size

18
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://my.empire.ca/login/?lang=en-ca&next=/?role=customer
Title: MyEmpire Insurance and Investments Online Access

Search URL Search Domain Scan URL

URL: https://pmw.empire.ca/pmwweb/redirect.jsp
Title: Group Plan Member Login

Search URL Search Domain Scan URL

URL: https://groupadmin.empire.ca/login/?lang=en-ca
Title: Group Plan Administrator Login

Search URL Search Domain Scan URL

URL: https://my.empire.ca/login/?lang=en-ca&next=/?role=advisor
Title: Retail Advisor Login

Search URL Search Domain Scan URL

URL: https://groupadvisor.empire.ca/login/?lang=en-ca
Title: Group Plan Advisor Login

Search URL Search Domain Scan URL

URL: https://empire.ca/life-and-money-matters/why-use-an-advisor

Search URL Search Domain Scan URL

URL: http://empire.ca/docs/pdf/GRP-3012-OpioidManagementSolution-EN-web.pdf

Search URL Search Domain Scan URL

URL: https://my.empire.ca/login/?lang=en-ca&next=/%3Frole%3Dcustomer

Search URL Search Domain Scan URL

URL: https://my.empire.ca/login/?next=/%3Frole%3Dcustomer&lang=en-ca
Title: MyEmpire Insurance and Investments Online Access

Search URL Search Domain Scan URL

URL: https://www.empirelifeinvestments.ca/
Title: Empire Life Investments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EmpireLife/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/empire-life/

Search URL Search Domain Scan URL

URL: https://twitter.com/EmpireLife

Search URL Search Domain Scan URL

URL: https://www.instagram.com/empirelife/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://insurance.cmail20.com/t/t-l-ckrjidy-yuidtyihp-r/ HTTP 302
http://www.empire.ca/ HTTP 301
https://www.empire.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://5290522.fls.doubleclick.net/activityi;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F HTTP 302
https://5290522.fls.doubleclick.net/activityi;dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F

Request Chain 44

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3613980%26time%3D1639137676506%26url%3Dhttps%253A%252F%252Fwww.empire.ca%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F&liSync=true&e_ipv6=AQLziEhdC7QE3QAAAX2kOA5l14T7hsxwWbmEQjubJMGQC15ZHChcJnEhEA3AAmg0tueVCGQqUw

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.empire.ca/
Redirect Chain

https://insurance.cmail20.com/t/t-l-ckrjidy-yuidtyihp-r/
http://www.empire.ca/
https://www.empire.ca/

67 KB
16 KB

638ms
555ms

Document
text/html

2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0f408e597446851177e885dab26f93468390fea59b5144664ab1d808a03ef11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 10 Dec 2021 12:01:15 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, public
x-drupal-dynamic-cache: MISS
link: <https://www.empire.ca/>; rel="canonical", <https://www.empire.ca/>; rel="shortlink"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 10 Dec 2021 12:01:03 GMT
vary: Cookie,Accept-Encoding
x-generator: Drupal 9 (https://www.drupal.org)
x-drupal-cache: MISS
x-request-id: v-d9745ea6-59b0-11ec-95c0-c77f5e53c02e
x-ah-environment: prod
age: 10
via: varnish
x-cache: HIT
x-cache-hits: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bb65143481b4dfa-FRA
content-encoding: gzip

Redirect headers

Date: Fri, 10 Dec 2021 12:01:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 10 Dec 2021 13:01:14 GMT
Location: https://www.empire.ca/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 6bb651427d3d5b5c-FRA

GET
H2 200 css_-I_e7jmBegn_510y_xXf02JmXK7WsBxBZv5OvA5U0x8.css
www.empire.ca/sites/default/files/css/ 6 KB
2 KB 148ms
147ms Stylesheet
text/css 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/css/css_-I_e7jmBegn_510y_xXf02JmXK7WsBxBZv5OvA5U0x8.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88fdeee39817a09ffe75d32ff15dfd362665caed6b01c4166fe4ebc0e54d31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 18985
x-ah-environment: prod
vary: Accept-Encoding
content-length: 1734
x-request-id: v-03be7a3a-5695-11ec-9fc6-5b6315b19912
last-modified: Tue, 23 Nov 2021 13:00:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb651473fdc4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:15 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/ 119 KB
20 KB 152ms
59ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3942859
x-jsd-version: 3.4.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19126-FRA, cache-mxp6955-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1da71-sJcv3M6C/Vg9TCzMPy4990BKGdA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bb65147db76e8ff-MXP

GET
H2 200 drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/ 11 KB
3 KB 193ms
101ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/drupal-bootstrap.min.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb7aeb18f1091a582be621acf512dd276a8c4e0f7c27bfa715795c6aeb1eea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3942847
x-jsd-version: 0.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-mxp6959-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2ba9-7BZ4Wjo4JdjHlvh1wHU1MeucYhU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bb65147db77e8ff-MXP

GET
H2 200 css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css
www.empire.ca/sites/default/files/css/ 199 KB
31 KB 559ms
558ms Stylesheet
text/css 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9795c3bf935bca72bb1a8003c101027847ca87be961517f28f2a665fd7bc85ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341820
x-cache: HIT
x-cache-hits: 19159
x-ah-environment: prod
vary: Accept-Encoding
content-length: 31945
x-request-id: v-03be4358-5695-11ec-9cc1-ef3b243f5f23
last-modified: Tue, 23 Nov 2021 13:00:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb651473fdd4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:15 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 220ms
54ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3aa33dc9f202ae901f5aac5d54da7c1a38fc235c77ab6a1611444ec76b3c0af4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Fri, 10 Dec 2021 12:01:16 GMT

GET
H2 200 logo.png
www.empire.ca/themes/custom/empiretheme/ 7 KB
7 KB 449ms
442ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/logo.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee9e3767249d6f8a16f41bb0fb99626fb7bae1fcdae274971e986c3489bbaa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341820
x-cache: HIT
x-cache-hits: 24344
x-ah-environment: prod
content-length: 7029
x-request-id: v-042cf74e-5695-11ec-842b-ef51ccaeca3e
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b0f7e4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:16 GMT

GET
H2 200 important-icon.svg
www.empire.ca/sites/default/files/inline-images/ 344 B
551 B 450ms
443ms Image
image/svg+xml 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/inline-images/important-icon.svg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1380d3cdb2dda9aa48f4dff0cb83afcc50f850aee3ab913acedc5f1ef253ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341820
x-cache: HIT
x-cache-hits: 20347
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-042ecb64-5695-11ec-ab69-9fc7834eb450
last-modified: Fri, 20 Mar 2020 14:40:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 6bb6514b0f804dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:16 GMT

GET
H/1.1 200
OK eclaim-icon-blue.png
s3.amazonaws.com/static.empire.ca/images/consumer/ 1 KB
2 KB 570ms
144ms Image
image/png 52.217.46.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.empire.ca/images/consumer/eclaim-icon-blue.png
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.46.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 90cd0ae2fbc2ca013d61e90aa04903271be5d06de2ae1317d44b30a21c07f6ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 12:01:17 GMT
Last-Modified: Fri, 25 May 2018 15:17:38 GMT
Server: AmazonS3
x-amz-request-id: XYYHQY74YY69YAAA
ETag: "48761cf712f6f1179bd4ae1211c4cc2a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1221
x-amz-id-2: oJ98aVxJmeOU60bUvSwuq3XsnJnT4pC0cHIsR+aswq8Sj/+V0NLRnBk1TkOAZci9/B1nLkRsuHQ=

GET
H/1.1 200
OK investor-access-icon-blue.png
s3.amazonaws.com/static.empire.ca/images/consumer/ 867 B
1 KB 572ms
142ms Image
image/png 52.217.46.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.empire.ca/images/consumer/investor-access-icon-blue.png
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.46.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23f6a5ae4a582622e38c4a2816091462039a2ef0433ae4adf6d8897d80a59110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 12:01:17 GMT
Last-Modified: Fri, 25 May 2018 15:17:40 GMT
Server: AmazonS3
x-amz-request-id: XYYG06KT8KK9JVE6
ETag: "a856a6b3d6b1ee18004ff6a3d3255eb1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 867
x-amz-id-2: MJn+vEPXh6ytFeTcT1587GfuzF2FuBsVAy4WSeQxMQkII2qWQWTsTnQpeA63LZvoMnRgSFHO1xo=

GET
H/1.1 200
OK forms-icon-blue.png
s3.amazonaws.com/static.empire.ca/images/consumer/ 382 B
738 B 602ms
167ms Image
image/png 52.217.46.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.empire.ca/images/consumer/forms-icon-blue.png
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.46.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4286f16b906c6f6340f1845a1ea1bc3ecde7ab9d5fc4e7a1dc09cd53e8719c29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 12:01:17 GMT
Last-Modified: Fri, 25 May 2018 15:17:39 GMT
Server: AmazonS3
x-amz-request-id: XYYHGRM4R99BJRCT
ETag: "4a78e5f3f41a4642105c89e285078ef8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 382
x-amz-id-2: Q4/+EPviT91eGWukxjFSgQ8TerGFI7fvXMCzbymo748PKjSGn4/xKFktOqV9Q/q4q/3Z3FJIUkE=

GET
H2 200 insurance-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 1 KB
1 KB 433ms
427ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/insurance-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32bf3cdebeac617fe2b696cb4e16fec1b62cc1a0eaeebe70b865e1b9779348d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 17107
x-ah-environment: prod
content-length: 1370
x-request-id: v-0486ce5e-5695-11ec-8f3f-8b3a4fb93855
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b0f814dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:16 GMT

GET
H2 200 group-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 1 KB
2 KB 171ms
165ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/group-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

768a54da5cccc06b2bee4c7f6663ce05a2fde49dff7945d3d3642b8285ee8e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 17137
x-ah-environment: prod
content-length: 1368
x-request-id: v-045342a0-5695-11ec-9e5a-d372a224128e
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b0f844dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:16 GMT

GET
H2 200 investments-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 2 KB
2 KB 172ms
165ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/investments-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142e9e9129e6c90b5835c8c8cfc5556adb54ebaa99889798a2c94b8078d79ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341818
x-cache: HIT
x-cache-hits: 17108
x-ah-environment: prod
content-length: 1890
x-request-id: v-04bd319c-5695-11ec-8de9-f7d55e1ddc69
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b0f864dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 facebook-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 400 B
503 B 454ms
449ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/facebook-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb58e6b157ff8672b7811149d965ba58b3d5856b3934cffde285a2559ecedb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 23587
x-ah-environment: prod
content-length: 400
x-request-id: v-04c1b8c0-5695-11ec-917d-470727db0f47
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b0f8a4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 linked-in-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 483 B
588 B 438ms
433ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/linked-in-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f76c127b37f0a78e50dd957aad93cb621e481428d8c53e671f288ab47ec9fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341818
x-cache: HIT
x-cache-hits: 23609
x-ah-environment: prod
content-length: 483
x-request-id: v-04e6225a-5695-11ec-b5f9-b3ef5bd3c2f6
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b0f8c4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 twitter-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 529 B
655 B 442ms
437ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/twitter-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5a1a8538e044735769e30d9b495f2881ea84180593d4cd2a608c213133ad2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341818
x-cache: HIT
x-cache-hits: 23521
x-ah-environment: prod
content-length: 529
x-request-id: v-04eae29a-5695-11ec-92ea-4fcc117e2da1
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b0f8d4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 insta-icon.png
www.empire.ca/sites/default/files/assets/corporate/images/ 3 KB
4 KB 449ms
444ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/assets/corporate/images/insta-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

317d9c96dd06729e16f54df3cedd694f1c252531f425c75105c03b63688bea1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 23661
x-ah-environment: prod
content-length: 3552
x-request-id: v-04c46cb4-5695-11ec-a29a-734a8ce7ef4c
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b2fdc4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 EL-98years-grey.png
www.empire.ca/sites/default/files/2021-01/ 4 KB
4 KB 466ms
462ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2021-01/EL-98years-grey.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c327ae451371a2fa3b7ea56855f238ab42d2efcf2c82aad8281a7a53e22161fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341818
x-cache: HIT
x-cache-hits: 23632
x-ah-environment: prod
content-length: 3994
x-request-id: v-0507de7c-5695-11ec-ad28-f391f7b6beaf
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b2fe14dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 194ms
30ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3609
date: Fri, 10 Dec 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 10 Dec 2021 13:01:07 GMT

GET
H2 200 js_cjBhuYmeiGw6U6zoIN8x2z80qWEMkxgaPE19qud4Ajo.js Show response
www.empire.ca/sites/default/files/js/ 138 KB
45 KB 539ms
539ms Script
text/javascript 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/js/js_cjBhuYmeiGw6U6zoIN8x2z80qWEMkxgaPE19qud4Ajo.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

723061b9899e886c3a53ace820df31db3f34a9610c93181a3c4d7daae778023a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341820
x-cache: HIT
x-cache-hits: 23870
x-ah-environment: prod
vary: Accept-Encoding
content-length: 45834
x-request-id: v-03db7e3c-5695-11ec-820d-c34c6294e6c8
last-modified: Tue, 23 Nov 2021 13:00:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb651488a424dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:15 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/ 39 KB
11 KB 51ms
50ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3942859
x-jsd-version: 3.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-mxp6937-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bb6514aff83e8ff-MXP

GET
H2 200 js_6ikyFJ1-Lv347nScwdoA--4e0BIwZZmqwQl_zJcbHZA.js Show response
www.empire.ca/sites/default/files/js/ 77 KB
17 KB 528ms
521ms Script
text/javascript 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/js/js_6ikyFJ1-Lv347nScwdoA--4e0BIwZZmqwQl_zJcbHZA.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2932149d7e2efdf8ee749cc1da00fbee1ed012306599aac1097fcc971b1d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341820
x-cache: HIT
x-cache-hits: 24535
x-ah-environment: prod
vary: Accept-Encoding
content-length: 17672
x-request-id: v-0423cb56-5695-11ec-8e23-e3f2cc0aca38
last-modified: Tue, 23 Nov 2021 13:00:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb6514b0f764dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:16 GMT

GET
H2 200 xetxdsllt4.jsonp Show response
fast.wistia.com/embed/medias/ 9 KB
4 KB 425ms
257ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/xetxdsllt4.jsonp

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e4fb95cbba6cc6ad49a2e0bccf1b291b57ad484661bc03687d2557d04b539ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 10592
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 3328
x-request-id: cdfbc41d41dfc307be4669e712ed1ccd
x-served-by: cache-dca17720-DCA, cache-fra19158-FRA
x-runtime: 0.061615
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1639137676.164318,VS0,VE91
etag: W/"7e4fb95cbba6cc6ad49a2e0bccf1b291"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 96
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 622 KB
118 KB 198ms
31ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

63db81f146b1cf067c2d8e77fb33e709eede61f5611960ef261213ee9b4d9deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: br
vary: Accept-Encoding
age: 1527
x-cache: HIT, HIT
content-length: 120579
x-served-by: cache-dca17730-DCA, cache-fra19158-FRA
access-control-allow-origin: *
x-browser-version: 96
last-modified: Thu, 09 Dec 2021 15:03:38 GMT
x-timer: S1639137676.164373,VS0,VE0
etag: "61b21aca-1d703"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 208

GET
H2 200 js_wyPvKpyvG0wG-HYBzlFzh4QNwgfeh7_avc3tLnvhuD0.js Show response
www.empire.ca/sites/default/files/js/ 121 KB
27 KB 552ms
544ms Script
text/javascript 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/js/js_wyPvKpyvG0wG-HYBzlFzh4QNwgfeh7_avc3tLnvhuD0.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c323ef2a9caf1b4c06f87601ce517387840dc207de87bfdabdcded2e7be1b83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 340917
x-cache: HIT
x-cache-hits: 18633
x-ah-environment: prod
vary: Accept-Encoding
content-length: 27431
x-request-id: v-1e70bc60-5697-11ec-99a4-f3d9d22730b1
last-modified: Mon, 06 Dec 2021 13:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb6514b0f7c4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:19:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
62 KB 217ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67e3987797a556bdf46f6779d8f65e1a8c106e6d310a079a152bae89f018bddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63202
x-xss-protection: 0
expires: Fri, 10 Dec 2021 12:01:16 GMT

GET
H2 200 learning-woman.png
www.empire.ca/themes/custom/empiretheme/images/ 58 KB
58 KB 564ms
564ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/learning-woman.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c27217f152eb9a8989311b4cc3549841f9dda7166608c85d0ffa044a02edf63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341818
x-cache: HIT
x-cache-hits: 16669
x-ah-environment: prod
content-length: 59570
x-request-id: v-050e81d2-5695-11ec-8f15-2b9d96a40b5c
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b2fe44dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 advisor-background.png
www.empire.ca/themes/custom/empiretheme/images/ 131 KB
132 KB 588ms
587ms Image
image/png 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/advisor-background.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55bd941b3db8ef04a1269c3e42fc1449a83dc28acfafd13622255cbf7bbcacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341818
x-cache: HIT
x-cache-hits: 13101
x-ah-environment: prod
content-length: 134602
x-request-id: v-05139758-5695-11ec-9085-c768cd37f30a
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b2fe74dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:17 GMT

GET
H2 200 MuseoSans_300-webfont.woff
www.empire.ca/themes/custom/empiretheme/css/fonts/ 21 KB
21 KB 538ms
536ms Font
text/plain 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/MuseoSans_300-webfont.woff

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3266e1189b691f659005c65dd5adf1e47098ced72d6d64ce38ec17d95373461

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 24089
x-ah-environment: prod
content-length: 21744
x-request-id: v-046e9618-5695-11ec-a8e7-130a8b18a215
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb6514b2fe94dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:16 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/fonts/ 18 KB
18 KB 42ms
40ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3942830
x-jsd-version: 3.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18028
x-served-by: cache-fra19152-FRA, cache-mxp6960-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"466c-yjW2l9mcrk0bYPLWD803dxmH6wc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6bb6514b1fb9e8ff-MXP

GET
H2 200 MuseoSans_500-webfont.woff
www.empire.ca/themes/custom/empiretheme/css/fonts/ 22 KB
22 KB 556ms
554ms Font
text/plain 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/MuseoSans_500-webfont.woff

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7caa8175d4f531f6009d3e8f7597be92a66733187b5a808b7c85f4c33641dff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 24046
x-ah-environment: prod
content-length: 22236
x-request-id: v-044f1504-5695-11ec-acb4-c30e1ed75bf4
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb6514b2feb4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:16 GMT

GET
H2 200 MuseoSans_700-webfont.woff
www.empire.ca/themes/custom/empiretheme/css/fonts/ 22 KB
22 KB 577ms
576ms Font
text/plain 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/MuseoSans_700-webfont.woff

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aafc73721bbcdae2be1d3373fd973852ca8d7ed638a6236bf7e8d43680573d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 23999
x-ah-environment: prod
content-length: 22620
x-request-id: v-045c89a0-5695-11ec-8b02-0336d063e9a4
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb6514b2fee4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:04:16 GMT

GET
H2 200 818800-PriceAndPerformance-ConsumerBanner-EN.jpeg
www.empire.ca/sites/default/files/2021-09/ 119 KB
119 KB 561ms
557ms Image
image/jpeg 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2021-09/818800-PriceAndPerformance-ConsumerBanner-EN.jpeg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2ec967e4b0fe2c5f176bda427536480dc3ea919b5575df3d8b3983ff78f8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341819
x-cache: HIT
x-cache-hits: 16375
x-ah-environment: prod
content-length: 121403
x-request-id: v-047de8fc-5695-11ec-8147-3f1542ebc640
last-modified: Tue, 21 Sep 2021 13:37:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bb6514b68764dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 05 Jan 2022 13:04:16 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 347 KB
136 KB 161ms
48ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139000
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 10 Dec 2022 10:46:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 116ms
54ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1148860826&t=pageview&_s=1&dl=https%3A%2F%2Fwww.empire.ca%2F&ul=en-us&de=UTF-8&dt=Empire%20Life%20%7C%20Life%20Insurance%2C%20Investments%20%26%20Group%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=247896874&gjid=669836250&cid=1500627683.1639137676&tid=UA-23109840-1&_gid=1342322285.1639137676&_r=1&_slc=1&z=625549423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:01:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.empire.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 117ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1S7M715GDE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e46b16ed3123a12b48e52fdb07b595b5274a0885c5f0f7971a727b826bf95d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62334
x-xss-protection: 0
expires: Fri, 10 Dec 2021 12:01:16 GMT

GET
H3

200

activityi;dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F Show response
5290522.fls.doubleclick.net/ Frame 3E70
Redirect Chain

https://5290522.fls.doubleclick.net/activityi;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?
https://5290522.fls.doubleclick.net/activityi;dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2F...

394 B
349 B

79ms
41ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290522.fls.doubleclick.net/activityi;dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

8a524018ff9841037ce24a847c1f17ae5e3698fba287b3958f3e6239d2d3dbd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 Dec 2021 12:01:16 GMT
expires: Fri, 10 Dec 2021 12:01:16 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 Dec 2021 12:01:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290522.fls.doubleclick.net/activityi;dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}

GET
H2 200 5353.js Show response
script.crazyegg.com/pages/scripts/0018/ 5 KB
2 KB 775ms
673ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0018/5353.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676e4476d902ce9358bee88e3b27113910cba6dd8b1bee76a7296aa384b34a3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 6bb6514decad0e22-MXP
ce-version: 11.1.376
content-length: 1856
last-modified: Fri, 10 Dec 2021 12:01:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 5 KB
2 KB 109ms
21ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=275117&u=https%3A%2F%2Fwww.empire.ca%2F&f=1&r=0.6391860794448903
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d376286c051a8c50712e4951deb2c1661d267e61f6332f2acd8ac0bb338c6575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 12:01:15 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 133ms
34ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 12:01:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=28353
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 activityi;register_conversion=1;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F
5290522.fls.doubleclick.net/ 0
0 143ms
38ms Image
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5290522.fls.doubleclick.net/activityi;register_conversion=1;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 137ms
41ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23109840-1&cid=1500627683.1639137676&jid=247896874&gjid=669836250&_gid=1342322285.1639137676&_u=YEBAAEAAAAAAAC~&z=2103167656

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 12:01:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.empire.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 va-97740d41a44be36abbc74872eff9b593.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 218 KB
62 KB 63ms
33ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-97740d41a44be36abbc74872eff9b593.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=275117&u=https%3A%2F%2Fwww.empire.ca%2F&f=1&r=0.6391860794448903
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: a3f23882af078056246b6773a358d1d244b163ca8cb8c4016edc9e5a627c0cd7

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:15 GMT
content-encoding: br
last-modified: Fri, 10 Dec 2021 11:22:48 GMT
server: gfra1
etag: "61b33888-f7f3"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63475
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 147ms
118ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=275117&d=empire.ca&u=D2271097EB955F3826B53B6B51279C307&h=41a91769193acfceb6ab77f413400c25&t=false&r=0.5430830733134864

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:01:16 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3613980%26time%3D1639137676506%26url%3Dhttps%253A%252F%252Fwww.empire.ca%252F%26l...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F&liSync=true&e_ipv6=AQLziEhdC7QE3QAAAX2kOA5l14T7hsxwWbmEQjubJMGQC15ZHChcJnEhEA3AAmg0...

0
155 B

318ms
116ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F&liSync=true&e_ipv6=AQLziEhdC7QE3QAAAX2kOA5l14T7hsxwWbmEQjubJMGQC15ZHChcJnEhEA3AAmg0tueVCGQqUw
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: SNV8awhjvxaAYk9ReisAAA==

Redirect headers

date: Fri, 10 Dec 2021 12:01:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A63F822272084F1C893890AF2B0AAF5F Ref B: FRAEDGE1115 Ref C: 2021-12-10T12:01:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3613980&time=1639137676506&url=https%3A%2F%2Fwww.empire.ca%2F&liSync=true&e_ipv6=AQLziEhdC7QE3QAAAX2kOA5l14T7hsxwWbmEQjubJMGQC15ZHChcJnEhEA3AAmg0tueVCGQqUw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXSyXr4D3Twdi43hR11dA==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1S7M715GDE&gtm=2oec10&_p=1148860826&sr=1600x1200&ul=en-us&cid=1500627683.1639137676&_s=1&dl=https%3A%2F%2Fwww.empire.ca%2F&dt=Empire%20Life%20%7C%20Life%20Insurance%2C%20Investments%20%26%20Group%20Benefits&sid=1639137676&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1S7M715GDE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:01:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.empire.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 107ms
57ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23109840-1&cid=1500627683.1639137676&jid=247896874&_u=YEBAAEAAAAAAAC~&z=1081659957

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:01:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 126ms
42ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23109840-1&cid=1500627683.1639137676&jid=247896874&_u=YEBAAEAAAAAAAC~&z=1081659957

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:01:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 92 KB
24 KB 930ms
930ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

759363408c7a20c57f298d1feeecf71872af356a7f3fa4f2530863b9ef46fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 1529
x-cache: HIT, HIT
content-length: 24684
x-served-by: cache-dca12929-DCA, cache-fra19158-FRA
access-control-allow-origin: *
x-browser-version: 96
last-modified: Thu, 09 Dec 2021 15:03:38 GMT
x-timer: S1639137677.681551,VS0,VE881
etag: "61b21aca-606c"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 107

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 344 B
269 B 9ms
9ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=275117&settings_type=1&vn=7.0&r=0.42236825666971756
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-97740d41a44be36abbc74872eff9b593.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 488a32598c179cd3b22fadf1026c9b4e72c0372158498c193ae65e78280a1e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:16 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F
adservice.google.com/ddm/fls/z/ Frame 3E70 42 B
494 B 68ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F

Requested by

Host: 5290522.fls.doubleclick.net
URL: https://5290522.fls.doubleclick.net/activityi;dc_pre=CIeox9eX2fQCFUSDhQodHFYDew;src=5290522;type=empir0;cat=empir0;ord=9916317879434;gtm=2wgc10;auiddc=367682617.1639137676;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290522.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:01:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 162 KB
27 KB 949ms
949ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d71e1771160de4d35dd7d5362bb322301ee61aa1da7754b4ba0e401679558aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 1528
x-cache: HIT, HIT
content-length: 27308
x-served-by: cache-dca17737-DCA, cache-fra19158-FRA
access-control-allow-origin: *
x-browser-version: 96
last-modified: Thu, 09 Dec 2021 15:03:38 GMT
x-timer: S1639137677.730947,VS0,VE834
etag: "61b21aca-6aac"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 34

GET
H2 200 5353.json Show response
script.crazyegg.com/pages/data-scripts/0018/ 15 KB
2 KB 91ms
41ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0018/5353.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/5353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59c2b29c3b72666126c117224ecbe20af663b9d72d25b3217e0d0cc4eef6a2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 74763
ce-version: 11.1.376
content-length: 1807
timing-allow-origin: *
last-modified: Thu, 09 Dec 2021 15:15:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6bb651527c2983a0-MXP

GET
H2 200 11.1.376.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 71 KB
23 KB 23ms
22ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/5353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 14:25:17 GMT
server: cloudflare
age: 163117
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6bb65152bbfa0e22-MXP
content-length: 23366

GET
H2 200 5353.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0018/ 944 B
439 B 163ms
163ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0018/5353.json?t=455316
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89b15091d5b10dea56fd19c3572e6123e002edfd1f413bf4173267be6ea384f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 6bb651530d6b83a0-MXP
ce-version: 11.1.376
content-length: 345
last-modified: Fri, 10 Dec 2021 12:01:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
420 B 36ms
7ms XHR
binary/octet-stream 52.222.236.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d3.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 5116782
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 19
x-amz-cf-id: iweRTheRmyBSIFJE8MBLaMTINPghhvnIay2ZVSB8JQqQOfk134ukjQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 33ms
7ms XHR
binary/octet-stream 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 5116782
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 19
x-amz-cf-id: 5DSujt3E1MxN6AGkgTYwB2ydrTeSRtmLa4Bpb4bsNmZNIwnDTaqvQQ==

GET
BLOB 200
OK da2a9f0b-a2c0-4982-a682-c940b73857c3
https://www.empire.ca/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.empire.ca/da2a9f0b-a2c0-4982-a682-c940b73857c3
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 28 B
135 B 182ms
101ms XHR
text/plain 99.81.19.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1639137677515
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.19.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-19-154.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: dfeb134b8fbb3742482970467a1e7d2f17a9f7a54fa8a86127664524b36bdf2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 12:01:17 GMT
cache-control: no-store
server: awselb/2.0
content-length: 28
content-type: text/plain

GET
BLOB 200
OK 7e5d95f6-9968-42ee-b3ba-49a6ce83df92
https://www.empire.ca/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.empire.ca/7e5d95f6-9968-42ee-b3ba-49a6ce83df92
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 138ms
36ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: GGC7BRXX4WZ5D14N
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: ufwzUHmjKrXJVZe0WrQ91kQkvNyw1r253smJenma0L8D4Roth+tkCd1SlSau0b/ajFehwLF0dyo=
x-served-by: cache-cdg20754-CDG
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1639137678.827791,VS0,VE0
date: Fri, 10 Dec 2021 12:01:17 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13729

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
12 KB 141ms
141ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6e3584dc50a3aa56ed0622e4e873dcb0a41423d5adc863c06fa9c7c3e715f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 1529
x-cache: HIT, HIT
content-length: 12639
x-served-by: cache-dca17776-DCA, cache-fra19158-FRA
access-control-allow-origin: *
x-browser-version: 96
last-modified: Thu, 09 Dec 2021 15:03:38 GMT
x-timer: S1639137678.831291,VS0,VE0
etag: "61b21aca-315f"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 99

GET
H2 200 xetxdsllt4.json Show response
fast.wistia.com/embed/captions/ 6 KB
3 KB 277ms
276ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/xetxdsllt4.json?callback=wistiajson1

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cecd390cf5a484a6d694aa63cfd6fbeb6dc333cc001034d181a39fa83356989

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 2308
x-request-id: 1b0b2781849471e64d99c42d4a266592
x-served-by: cache-dca17760-DCA, cache-fra19158-FRA
x-runtime: 0.015252
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1639137678.831345,VS0,VE112
etag: W/"8cecd390cf5a484a6d694aa63cfd6fbe"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 96
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 77b5c80910a1fb6ab9a72f4206f3d5765d105da6.webp
embed-fastly.wistia.com/deliveries/ 15 KB
15 KB 97ms
9ms Image
image/webp 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-fastly.wistia.com/deliveries/77b5c80910a1fb6ab9a72f4206f3d5765d105da6.webp?image_crop_resized=1280x720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b232b0efb0ea1e58a37486de0f1742f1ad754243e9ca0bfd49babd28363ea5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 2076406
edge-cache-tag: 77b5c80910a1fb6ab9a72f4206f3d5765d105da6
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 14982
x-served-by: cache-dca17780-DCA, cache-hhn4055-HHN
last-modified: Wed, 21 May 2014 14:32:26 UTC
x-timer: S1639137678.883289,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H/1.1 200
OK c6fff99745 Show response
bam-cell.nr-data.net/1/ 49 B
716 B 585ms
518ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/c6fff99745?a=92848240&v=1212.e95d35c&to=NVNWMkRQCENXUUVYWQwZdQVCWAleGXZDREYDWmgQX1QRQ2pgXkRCC1hTOmBYA0dmU1ZUdQ1YQBRZXQpVRB8PWVcMUlgD&rst=3781&ck=1&ref=https://www.empire.ca/&ap=288&be=1305&fe=3625&dc=2535&perf=%7B%22timing%22:%7B%22of%22:1639137674094,%22n%22:0,%22f%22:584,%22dn%22:584,%22dne%22:584,%22c%22:584,%22s%22:619,%22ce%22:666,%22rq%22:666,%22rp%22:1222,%22rpe%22:1230,%22dl%22:1284,%22di%22:2534,%22ds%22:2534,%22de%22:2550,%22dc%22:3623,%22l%22:3624,%22le%22:3628%7D,%22navigation%22:%7B%7D%7D&fp=1970&fcp=2396&at=GRRVRAxKG00%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 12:01:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6bb651573e2335e3-MAN

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 432 KB
102 KB 35ms
34ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b7e003305963715b9217019d38928050f8ee17a3ec93375e6920ed93d8ffba72

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 1529
x-cache: HIT, HIT
content-length: 104024
x-served-by: cache-dca17767-DCA, cache-fra19158-FRA
access-control-allow-origin: *
x-browser-version: 96
last-modified: Thu, 09 Dec 2021 15:03:38 GMT
x-timer: S1639137678.918333,VS0,VE0
etag: "61b21aca-19658"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 84

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 93ms
22ms Image
image/gif 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:18 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 37529
x-cache: HIT, HIT
x-cache-hits: 1, 1134
content-length: 1214
x-served-by: cache-dca17764-DCA, cache-mxp6947-MXP
x-browser-version: 96
last-modified: Fri, 10 Dec 2021 01:33:45 GMT
x-timer: S1639137678.163948,VS0,VE0
etag: "61b2ae79-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 332ms
105ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 12:01:18 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 341ms
108ms XHR
text/plain 34.237.200.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.200.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-200-61.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 12:01:18 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 66 KB
15 KB 27ms
27ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7cc67ec62a8ef79d3a5db88d697722836831537fe038bd7e8c4ee6cbe9e8b84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:18 GMT
content-encoding: br
vary: Accept-Encoding
age: 1530
x-cache: HIT, HIT
content-length: 14809
x-served-by: cache-dca12920-DCA, cache-fra19158-FRA
access-control-allow-origin: *
x-browser-version: 96
last-modified: Thu, 09 Dec 2021 15:03:38 GMT
x-timer: S1639137679.809908,VS0,VE0
etag: "61b21aca-39d9"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 56

GET
H2 200 fa-regular-400.woff2
www.empire.ca/themes/custom/empiretheme/css/fonts/ 12 KB
12 KB 115ms
115ms Font
text/plain 2606:4700::6812:52c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/fa-regular-400.woff2

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:52c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51f6b4b1dc386d7f30ac7ba59611056aa6b1160d57263e4048dbb575feaad340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/sites/default/files/css/css_l5XDv5NbynK7GoADwQECeEfKh76WFRfyjypmX9e8hew.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:01:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 341696
x-cache: HIT
x-cache-hits: 19781
x-ah-environment: prod
content-length: 12216
x-request-id: v-4fbcf5d8-5695-11ec-ac91-47e457fb5325
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6bb65161ce8f4dfa-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Mon, 20 Dec 2021 13:06:22 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.empire.ca/	1970-01-19 23:20:24	Name: _gid Value: GA1.2.1342322285.1639137676
.empire.ca/	1970-01-19 23:18:57	Name: _gat Value: 1
.empire.ca/	1970-01-20 01:28:33	Name: _gcl_au Value: 1.1.367682617.1639137676
.empire.ca/	1970-01-20 08:06:00	Name: _vwo_uuid_v2 Value: D2271097EB955F3826B53B6B51279C307\|41a91769193acfceb6ab77f413400c25
.empire.ca/	1970-01-20 16:50:09	Name: _ga_1S7M715GDE Value: GS1.1.1639137676.1.0.1639137676.0
.empire.ca/	1970-01-20 16:50:09	Name: _ga Value: GA1.1.1500627683.1639137676
.doubleclick.net/	1970-01-20 08:40:33	Name: IDE Value: AHWqTUlYBYTQGC9L5zIZ0um1w9gsH-JGvZec1gFEbv5TvUl_lMRcBOPwp1WdgtH2Qg4
.empire.ca/	1970-01-20 01:42:57	Name: _vis_opt_s Value: 1%7C
.empire.ca/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.linkedin.com/	1970-01-20 00:02:09	Name: UserMatchHistory Value: AQJZK9189XYLjAAAAX2kOA1ZY9DlRNZxTEQPBl9LnGWCDZMPgxWlNq3iiXP-7mpqUWefZzgZsq1aZg
.linkedin.com/	1970-01-20 00:02:09	Name: AnalyticsSyncHistory Value: AQLPrffXUWdTMgAAAX2kOA1Z8FmEcuWzVYAhY_t9rK1mfMms1cMsON3BFYgsU8zguuCX9mrz7wEkG5QDkrYrLA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:50:51	Name: bcookie Value: "v=2&1fcce5c3-64b8-47ac-8f79-afca64aeb0ea"
.linkedin.com/	1970-01-19 23:20:24	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2170:u=1:x=1:i=1639137676:t=1639224076:v=2:sig=AQFfuY0OiNV2SM0DeVw-ZBUoJjGIgYlb"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:50:51	Name: bscookie Value: "v=1&2021121012011662d94adb-aa30-4e6e-8968-c82e37c274d6AQFOla5UprExPR63Vz5G2m0haOHQiWkI"
.linkedin.com/	1970-01-20 16:49:17	Name: li_gc Value: MTswOzE2MzkxMzc2NzY7MjswMjFlB6a6OuWO2TNDjr1mK39P7hI/cHPlM5ABu88gmix4qw==
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5799bf6396a97014

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290522.fls.doubleclick.net
adservice.google.com
assets-tracking.crazyegg.com
bam-cell.nr-data.net
cdn.jsdelivr.net
dev.visualwebsiteoptimizer.com
distillery.wistia.com
embed-fastly.wistia.com
fast.wistia.com
insurance.cmail20.com
js-agent.newrelic.com
pagestates-tracking.crazyegg.com
pipedream.wistia.com
px.ads.linkedin.com
px4.ads.linkedin.com
s3.amazonaws.com
script.crazyegg.com
snap.licdn.com
stats.g.doubleclick.net
tracking.crazyegg.com
www.empire.ca
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
108.174.10.14
142.250.184.198
151.101.194.137
151.101.66.133
162.247.243.146
18.196.121.95
18.66.122.57
2606:4700::6810:5514
2606:4700::6812:52c
2606:4700::6813:9308
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c0a::9a
2a02:26f0:6c00::210:ba20
2a04:4e42::622
34.237.200.61
34.96.102.137
52.217.46.206
52.222.236.10
54.86.117.43
99.81.19.154
0bb7aeb18f1091a582be621acf512dd276a8c4e0f7c27bfa715795c6aeb1eea8
0d5a1a8538e044735769e30d9b495f2881ea84180593d4cd2a608c213133ad2f
142e9e9129e6c90b5835c8c8cfc5556adb54ebaa99889798a2c94b8078d79ed5
23f6a5ae4a582622e38c4a2816091462039a2ef0433ae4adf6d8897d80a59110
2eb58e6b157ff8672b7811149d965ba58b3d5856b3934cffde285a2559ecedb6
317d9c96dd06729e16f54df3cedd694f1c252531f425c75105c03b63688bea1d
3aa33dc9f202ae901f5aac5d54da7c1a38fc235c77ab6a1611444ec76b3c0af4
3f2ec967e4b0fe2c5f176bda427536480dc3ea919b5575df3d8b3983ff78f8ba
4286f16b906c6f6340f1845a1ea1bc3ecde7ab9d5fc4e7a1dc09cd53e8719c29
488a32598c179cd3b22fadf1026c9b4e72c0372158498c193ae65e78280a1e6b
51f6b4b1dc386d7f30ac7ba59611056aa6b1160d57263e4048dbb575feaad340
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f76c127b37f0a78e50dd957aad93cb621e481428d8c53e671f288ab47ec9fa7
63db81f146b1cf067c2d8e77fb33e709eede61f5611960ef261213ee9b4d9deb
676e4476d902ce9358bee88e3b27113910cba6dd8b1bee76a7296aa384b34a3a
67e3987797a556bdf46f6779d8f65e1a8c106e6d310a079a152bae89f018bddc
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
723061b9899e886c3a53ace820df31db3f34a9610c93181a3c4d7daae778023a
759363408c7a20c57f298d1feeecf71872af356a7f3fa4f2530863b9ef46fdad
768a54da5cccc06b2bee4c7f6663ce05a2fde49dff7945d3d3642b8285ee8e80
7caa8175d4f531f6009d3e8f7597be92a66733187b5a808b7c85f4c33641dff7
7cc67ec62a8ef79d3a5db88d697722836831537fe038bd7e8c4ee6cbe9e8b84f
7e4fb95cbba6cc6ad49a2e0bccf1b291b57ad484661bc03687d2557d04b539ce
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a524018ff9841037ce24a847c1f17ae5e3698fba287b3958f3e6239d2d3dbd0
8cecd390cf5a484a6d694aa63cfd6fbeb6dc333cc001034d181a39fa83356989
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
90cd0ae2fbc2ca013d61e90aa04903271be5d06de2ae1317d44b30a21c07f6ee
9795c3bf935bca72bb1a8003c101027847ca87be961517f28f2a665fd7bc85ec
97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32bf3cdebeac617fe2b696cb4e16fec1b62cc1a0eaeebe70b865e1b9779348d
a3f23882af078056246b6773a358d1d244b163ca8cb8c4016edc9e5a627c0cd7
a6e3584dc50a3aa56ed0622e4e873dcb0a41423d5adc863c06fa9c7c3e715f19
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a89b15091d5b10dea56fd19c3572e6123e002edfd1f413bf4173267be6ea384f
aafc73721bbcdae2be1d3373fd973852ca8d7ed638a6236bf7e8d43680573d6e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b232b0efb0ea1e58a37486de0f1742f1ad754243e9ca0bfd49babd28363ea5be
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027
b55bd941b3db8ef04a1269c3e42fc1449a83dc28acfafd13622255cbf7bbcacd
b59c2b29c3b72666126c117224ecbe20af663b9d72d25b3217e0d0cc4eef6a2a
b7e003305963715b9217019d38928050f8ee17a3ec93375e6920ed93d8ffba72
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bee9e3767249d6f8a16f41bb0fb99626fb7bae1fcdae274971e986c3489bbaa6
c1380d3cdb2dda9aa48f4dff0cb83afcc50f850aee3ab913acedc5f1ef253ce5
c27217f152eb9a8989311b4cc3549841f9dda7166608c85d0ffa044a02edf63d
c323ef2a9caf1b4c06f87601ce517387840dc207de87bfdabdcded2e7be1b83d
c327ae451371a2fa3b7ea56855f238ab42d2efcf2c82aad8281a7a53e22161fd
d0f408e597446851177e885dab26f93468390fea59b5144664ab1d808a03ef11
d3266e1189b691f659005c65dd5adf1e47098ced72d6d64ce38ec17d95373461
d376286c051a8c50712e4951deb2c1661d267e61f6332f2acd8ac0bb338c6575
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97
d71e1771160de4d35dd7d5362bb322301ee61aa1da7754b4ba0e401679558aa0
dfeb134b8fbb3742482970467a1e7d2f17a9f7a54fa8a86127664524b36bdf2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46b16ed3123a12b48e52fdb07b595b5274a0885c5f0f7971a727b826bf95d9f
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
ea2932149d7e2efdf8ee749cc1da00fbee1ed012306599aac1097fcc971b1d90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f88fdeee39817a09ffe75d32ff15dfd362665caed6b01c4166fe4ebc0e54d31f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.empire.ca Open in urlscan Pro 2606:4700::6812:52c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

72 Requests

96 %HTTPS

50 %IPv6

17 Domains

27 Subdomains

25 IPs

4 Countries

1317 kBTransfer

3777 kBSize

18 Cookies

14 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.empire.ca Open in urlscan Pro
2606:4700::6812:52c Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

27
Subdomains

25
IPs

4
Countries

1317 kB
Transfer

3777 kB
Size

18
Cookies

72 HTTP transactions
0 data transactions