map.empyreanbenefits.com Open in urlscan Pro
192.48.98.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clevelandcliffsretirees.com/
Effective URL:
https://map.empyreanbenefits.com/ccliffs/login
Submission: On December 11 via api (December 11th 2024, 6:48:00 pm UTC) from US — Scanned from AT

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 21 HTTP transactions. The main IP is 192.48.98.17, located in United States and belongs to EBSI, US. The main domain is map.empyreanbenefits.com. The Cisco Umbrella rank of the primary domain is 391944.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 20th 2024. Valid for: a year.

This is the only time map.empyreanbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.48.98.21 192.48.98.21	63087 (EBSI) (EBSI)
12	192.48.98.17 192.48.98.17	63087 (EBSI) (EBSI)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	3.5.30.111 3.5.30.111	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
3	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
21	6

1 192.48.98.21 (United States) 1 redirects

ASN63087 (EBSI, US)
PTR: ns1.goempyrean.com

clevelandcliffsretirees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.48.98.17 (United States)

ASN63087 (EBSI, US)

map.empyreanbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.30.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-w.us-east-1.amazonaws.com

ebsi.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	empyreanbenefits.com map.empyreanbenefits.com — Cisco Umbrella Rank: 391944	860 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	gstatic.com fonts.gstatic.com	48 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	185 KB
1	amazonaws.com ebsi.s3.amazonaws.com — Cisco Umbrella Rank: 139948	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	clevelandcliffsretirees.com 1 redirects clevelandcliffsretirees.com	219 B
21	7

	Domain	Requested by
12	map.empyreanbenefits.com	map.empyreanbenefits.com
3	region1.google-analytics.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	map.empyreanbenefits.com www.googletagmanager.com
1	ebsi.s3.amazonaws.com	map.empyreanbenefits.com
1	fonts.googleapis.com	map.empyreanbenefits.com
1	clevelandcliffsretirees.com	1 redirects
21	7

This site contains links to these domains. Also see Links.

Domain
goempyrean.com

Subject Issuer	Validity	Valid
map.empyreanbenefits.com Go Daddy Secure Certificate Authority - G2	`2024-06-20` - `2025-07-22`	a year	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://map.empyreanbenefits.com/ccliffs/login
Frame ID: 5CFAABE053AB994E3EC6D70C360ADCE3
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MAP - Log in

Page URL History Show full URLs

https://clevelandcliffsretirees.com/ HTTP 302
https://map.empyreanbenefits.com/ccliffs/login Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

1098 kB
Transfer

2841 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://goempyrean.com/
Title: Empyrean Benefit Solutions, Inc.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clevelandcliffsretirees.com/ HTTP 302
https://map.empyreanbenefits.com/ccliffs/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
map.empyreanbenefits.com/ccliffs/
Redirect Chain

https://clevelandcliffsretirees.com/
https://map.empyreanbenefits.com/ccliffs/login

15 KB
7 KB

1559ms
220ms

Document
text/html

192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

f93d53732bb4047913779190c9e74203a10b8033179fe04d784f94a226af7a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 6665
Content-Type: text/html; charset=utf-8
Date: Wed, 11 Dec 2024 18:47:48 GMT
Expires: 0
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Strict-Transport-Security: max-age=15552000;
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block

Redirect headers

Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15552000
cache-control: no-cache
content-length: 0
location: https://map.empyreanbenefits.com/ccliffs/login

GET
H/1.1 200
OK framework
map.empyreanbenefits.com/Content/css/ 402 KB
75 KB 573ms
282ms Stylesheet
text/css 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Content/css/framework?v=DZNiGfUI6xYPi5Oth_ZdDPbiNdL7ZIKKo3zWmPSC8Ik1

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

c0c198c7d8bffbbec6fc6a93ae6ca770d06c67a811119a61d979c102a9a96bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Content-Length: 76177
Strict-Transport-Security: max-age=15552000;
Cache-Control: public
Content-Encoding: gzip
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 11 Dec 2025 18:47:48 GMT
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:48 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Wed, 11 Dec 2024 18:47:48 GMT
Vary: User-Agent
X-Frame-Options: DENY

GET
H/1.1 200
OK ebsi-map
map.empyreanbenefits.com/Content/css/ 654 KB
125 KB 581ms
290ms Stylesheet
text/css 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Content/css/ebsi-map?v=U-xSqRt9SS8I_e3l8Mu2rf97hVrAZgx6z68P3EXYBnM1

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

b8028a9742936275e19703a52086455fedbc66ce548d082bba447e16770fc8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Content-Length: 127071
Strict-Transport-Security: max-age=15552000;
Cache-Control: public
Content-Encoding: gzip
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 11 Dec 2025 18:47:55 GMT
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:55 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Wed, 11 Dec 2024 18:47:55 GMT
Vary: User-Agent
X-Frame-Options: DENY

GET
H/1.1 200
OK jquery Show response
map.empyreanbenefits.com/Scripts/ 215 KB
87 KB 577ms
285ms Script
text/javascript 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Scripts/jquery?v=shudGTW7hjkyunxzuJ8v7aPiyjQM05z-kQKjRfaGRXY1

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

888b610a50e105e3da1f2cb02a3516f99299442cfc3af2d0a4d6244122c391b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Content-Length: 88196
Strict-Transport-Security: max-age=15552000;
Cache-Control: public
Content-Encoding: gzip
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 11 Dec 2025 18:47:46 GMT
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:46 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 11 Dec 2024 18:47:46 GMT
Vary: User-Agent
X-Frame-Options: DENY

GET
H/1.1 200
OK vendor-lib Show response
map.empyreanbenefits.com/Scripts/ 554 KB
218 KB 593ms
297ms Script
text/javascript 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Scripts/vendor-lib?v=lxMEbkSp6JQVggc8stpQm2mPv-_AYSRDrjqaSP_jriM1

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

e2744e13503439992d0b9fc991156b9d8fcb0093ca6718cf4989ebdf80fa1a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Content-Length: 222767
Strict-Transport-Security: max-age=15552000;
Cache-Control: public
Content-Encoding: gzip
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 11 Dec 2025 18:47:55 GMT
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:55 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 11 Dec 2024 18:47:55 GMT
Vary: User-Agent
X-Frame-Options: DENY

GET
H/1.1 200
OK ebsi-map Show response
map.empyreanbenefits.com/Scripts/ 32 KB
13 KB 478ms
182ms Script
text/javascript 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Scripts/ebsi-map?v=rb29TFoAYxYiUC6HQauUWF0skogwn0MdIN7Y61cMXzA1

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

87fb2ffeea6de84aa25e55fef46e5fa8c2e98cb9b530e5ea0848081dfb41a3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Content-Length: 12245
Strict-Transport-Security: max-age=15552000;
Cache-Control: public
Content-Encoding: gzip
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 11 Dec 2025 18:47:55 GMT
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:55 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 11 Dec 2024 18:47:55 GMT
Vary: User-Agent
X-Frame-Options: DENY

GET
H2 200 css2
fonts.googleapis.com/ 43 KB
2 KB 133ms
40ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

b77c5170129775f7ea5128c2301928be5f041d6e11805c7f5e679a4caab31bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 18:47:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 18:47:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 11 Dec 2024 18:23:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK banner-login.jpg
map.empyreanbenefits.com/Content/images/ 152 KB
152 KB 583ms
287ms Image
image/jpeg 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://map.empyreanbenefits.com/Content/images/banner-login.jpg

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

ab1f21f63d6d1c0927c92bd181360e7695daa5ac765724c77a90bd3d804e07f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Strict-Transport-Security: max-age=15552000;
Cache-Control: max-age=31536000
Connection: close
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:46 GMT
Content-Type: image/jpeg
Last-Modified: Wed, 20 Nov 2024 16:24:34 GMT
Content-Length: 155355
X-Frame-Options: DENY

GET
H/1.1 200
OK CLF_PNG_235x54_Transparent.png
ebsi.s3.amazonaws.com/ccliffs/network/logos/ 3 KB
4 KB 466ms
154ms Image
image/png 3.5.30.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebsi.s3.amazonaws.com/ccliffs/network/logos/CLF_PNG_235x54_Transparent.png
Requested by: Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-w.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44ae18d922a7ab7e6428aff89407d9b0b4522935db2e10ddd12f7ae89b3dec12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/

Response headers

x-amz-id-2: qauoK4Q3NEFvab0qwuoJ3T5rCdf8JE7hbOBVN+iBVazcKkJd5ajDXZk5LZqe2ANzdTvnyPbT+44GV6zT4YjdstBFT62yv+sy
x-amz-replication-status: COMPLETED
Cache-Control: max-age=3153600
ETag: "4e88a29898333dc5280593302a56aa30"
x-amz-version-id: wiUZUCYVrf4iQfdd2mDMU3Ox003TTN6F
x-amz-request-id: BV7B8FJJWHCFQDTH
Accept-Ranges: bytes
Content-Length: 3458
Date: Wed, 11 Dec 2024 18:47:55 GMT
Last-Modified: Thu, 15 Aug 2024 17:42:31 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK MAP-280.png
map.empyreanbenefits.com/Images/icons/ 8 KB
8 KB 440ms
151ms Image
image/png 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://map.empyreanbenefits.com/Images/icons/MAP-280.png

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

2b1de84dcdda6a46a2eea46ede6f2c281a16ed913ea5bde952efd8cc52353ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Strict-Transport-Security: max-age=15552000;
Cache-Control: max-age=31536000
Connection: close
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:47 GMT
Content-Type: image/png
Last-Modified: Wed, 20 Nov 2024 16:24:36 GMT
Content-Length: 8169
X-Frame-Options: DENY

GET
H/1.1 200
OK fira-sans-regular-webfont.woff2
map.empyreanbenefits.com/Content/fonts/ 17 KB
18 KB 558ms
273ms Font
application/font-woff2 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Content/fonts/fira-sans-regular-webfont.woff2

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/Content/css/ebsi-map?v=U-xSqRt9SS8I_e3l8Mu2rf97hVrAZgx6z68P3EXYBnM1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

61d002d2a196112ea4ec199137e56ffe524283c93befaa6da7e19b6950fd1a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://map.empyreanbenefits.com
Referer: https://map.empyreanbenefits.com/Content/css/ebsi-map?v=U-xSqRt9SS8I_e3l8Mu2rf97hVrAZgx6z68P3EXYBnM1

Response headers

Strict-Transport-Security: max-age=15552000;
Cache-Control: max-age=31536000
Connection: close
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:56 GMT
Content-Type: application/font-woff2
Last-Modified: Wed, 20 Nov 2024 16:24:36 GMT
Content-Length: 17600
X-Frame-Options: DENY

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
77 KB 153ms
64ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8PJFK5

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/ccliffs/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f0bd01a4a0e699a0a516c1cc38b45309cf611ee974d8b49bfa191f447f1e9ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 11 Dec 2024 18:47:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 18:47:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78618
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK montserrat-semibold-webfont.woff2
map.empyreanbenefits.com/Content/fonts/ 25 KB
25 KB 587ms
297ms Font
application/font-woff2 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Content/fonts/montserrat-semibold-webfont.woff2

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/Content/css/ebsi-map?v=U-xSqRt9SS8I_e3l8Mu2rf97hVrAZgx6z68P3EXYBnM1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

8cd286cdf0a704816f1b1f881851ee47654123ada05c5d1d8147cdcb591e984c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://map.empyreanbenefits.com
Referer: https://map.empyreanbenefits.com/Content/css/ebsi-map?v=U-xSqRt9SS8I_e3l8Mu2rf97hVrAZgx6z68P3EXYBnM1

Response headers

Strict-Transport-Security: max-age=15552000;
Cache-Control: max-age=31536000
Connection: close
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:56 GMT
Content-Type: application/font-woff2
Last-Modified: Wed, 20 Nov 2024 16:24:36 GMT
Content-Length: 25600
X-Frame-Options: DENY

GET
H3 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 73ms
32ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://map.empyreanbenefits.com
Referer: https://fonts.googleapis.com/

Response headers

age: 10056
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 16:00:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 16:00:18 GMT
last-modified: Tue, 02 May 2023 14:50:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23880
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK ebsi-icons.woff
map.empyreanbenefits.com/Content/fonts/ 116 KB
117 KB 579ms
289ms Font
application/x-font-woff 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/Content/fonts/ebsi-icons.woff

Requested by

Host: map.empyreanbenefits.com
URL: https://map.empyreanbenefits.com/Content/css/ebsi-map?v=U-xSqRt9SS8I_e3l8Mu2rf97hVrAZgx6z68P3EXYBnM1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

b4c2b80e20724575c18c649e1a77bc948a587279b5201078e5388e0bdfed8a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://map.empyreanbenefits.com
Referer: https://map.empyreanbenefits.com/Content/css/ebsi-map?v=U-xSqRt9SS8I_e3l8Mu2rf97hVrAZgx6z68P3EXYBnM1

Response headers

Strict-Transport-Security: max-age=15552000;
Cache-Control: max-age=31536000
Connection: close
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:47 GMT
Content-Type: application/x-font-woff
Last-Modified: Wed, 20 Nov 2024 16:24:36 GMT
Content-Length: 119008
X-Frame-Options: DENY

GET
H3 200 va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
24 KB 78ms
37ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://map.empyreanbenefits.com
Referer: https://fonts.googleapis.com/

Response headers

age: 20611
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 13:04:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 13:04:23 GMT
last-modified: Tue, 02 May 2023 14:50:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24868
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 61ms
60ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RB6R3TXQ72&l=dataLayer&cx=c&gtm=45He4ca0v9117813238za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8PJFK5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e7f2f3f41da14462360bd49c4f57dace1feb75f96de8a05bdd0b5d6e1783c3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 11 Dec 2024 18:47:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 18:47:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109830
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 103ms
40ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RB6R3TXQ72&gtm=45je4ca0v9117821499z89117813238za200zb9117813238&_p=1733942874771&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=2052213736.1733942875&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2Fnetwork%2Faccount%2Flogin&sid=1733942875&sct=1&seg=0&dl=https%3A%2F%2Fmap.empyreanbenefits.com%2Fccliffs%2Flogin&dt=MAP%20-%20Log%20in&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ebsi_network=ccliffs&ep.ebsi_client=network&ep.ebsi_internal=false&tfd=3544
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RB6R3TXQ72&l=dataLayer&cx=c&gtm=45He4ca0v9117813238za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://map.empyreanbenefits.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 18:47:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 48ms
25ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RB6R3TXQ72&gtm=45je4ca0v9117821499za200zb9117813238&_p=1733942874771&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=2052213736.1733942875&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dp=%2Fnetwork%2Faccount%2Flogin&sid=1733942875&sct=1&seg=0&dl=https%3A%2F%2Fmap.empyreanbenefits.com%2Fccliffs%2Flogin&dt=MAP%20-%20Log%20in&en=scroll&ep.ebsi_network=ccliffs&ep.ebsi_client=network&ep.ebsi_internal=false&epn.percent_scrolled=90&_et=3&tfd=4092
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RB6R3TXQ72&l=dataLayer&cx=c&gtm=45He4ca0v9117813238za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://map.empyreanbenefits.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 18:47:55 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK favicon.ico
map.empyreanbenefits.com/ 15 KB
15 KB 582ms
291ms Other
image/x-icon 192.48.98.17
EBSI

General

Check archive.org

Show headers Download Go to

Full URL

https://map.empyreanbenefits.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.48.98.17 , United States, ASN63087 (EBSI, US),

Reverse DNS

Software

Resource Hash

989839104919cc311e7a8e89171dd910ad12a69815af78237676d5d3df13dce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/ccliffs/login

Response headers

Strict-Transport-Security: max-age=15552000;
Cache-Control: max-age=31536000
Connection: close
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
P3P: policyref="/content/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1;mode=block
Date: Wed, 11 Dec 2024 18:47:56 GMT
Content-Type: image/x-icon
Last-Modified: Wed, 20 Nov 2024 16:24:36 GMT
Content-Length: 15086
X-Frame-Options: DENY

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 39ms
38ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RB6R3TXQ72&gtm=45je4ca0v9117821499z89117813238za200zb9117813238&_p=1733942874771&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=2052213736.1733942875&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&dp=%2Fnetwork%2Faccount%2Flogin&sid=1733942875&sct=1&seg=0&dl=https%3A%2F%2Fmap.empyreanbenefits.com%2Fccliffs%2Flogin&dt=MAP%20-%20Log%20in&en=page_load_time&ep.ebsi_network=ccliffs&ep.ebsi_client=network&ep.ebsi_internal=false&epn.loading_time_sec=4.08&_et=538&tfd=9093
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RB6R3TXQ72&l=dataLayer&cx=c&gtm=45He4ca0v9117813238za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://map.empyreanbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://map.empyreanbenefits.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 18:48:00 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.empyreanbenefits.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: XJss6KHiD34NiWdBMqJTX_TSOYKBG07Y5VQqKbaQxklDMeSIrFRRhgTBIpmu4iKc2XiEacAdmbO07XHVRZZPxbhbWpY1
map.empyreanbenefits.com/	1969-12-31 23:59:59	Name: member_search_selected Value: emp
.empyreanbenefits.com/	1970-01-21 11:15:02	Name: _ga Value: GA1.1.2052213736.1733942875
.empyreanbenefits.com/	1970-01-21 11:15:02	Name: _ga_RB6R3TXQ72 Value: GS1.1.1733942875.1.0.1733942875.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clevelandcliffsretirees.com
ebsi.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
map.empyreanbenefits.com
region1.google-analytics.com
www.googletagmanager.com
142.250.185.232
142.250.186.138
142.250.186.163
192.48.98.17
192.48.98.21
216.239.34.36
3.5.30.111
2b1de84dcdda6a46a2eea46ede6f2c281a16ed913ea5bde952efd8cc52353ddd
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
44ae18d922a7ab7e6428aff89407d9b0b4522935db2e10ddd12f7ae89b3dec12
61d002d2a196112ea4ec199137e56ffe524283c93befaa6da7e19b6950fd1a32
87fb2ffeea6de84aa25e55fef46e5fa8c2e98cb9b530e5ea0848081dfb41a3d6
888b610a50e105e3da1f2cb02a3516f99299442cfc3af2d0a4d6244122c391b4
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8cd286cdf0a704816f1b1f881851ee47654123ada05c5d1d8147cdcb591e984c
989839104919cc311e7a8e89171dd910ad12a69815af78237676d5d3df13dce3
ab1f21f63d6d1c0927c92bd181360e7695daa5ac765724c77a90bd3d804e07f2
b4c2b80e20724575c18c649e1a77bc948a587279b5201078e5388e0bdfed8a2a
b77c5170129775f7ea5128c2301928be5f041d6e11805c7f5e679a4caab31bea
b8028a9742936275e19703a52086455fedbc66ce548d082bba447e16770fc8b1
c0c198c7d8bffbbec6fc6a93ae6ca770d06c67a811119a61d979c102a9a96bf5
e2744e13503439992d0b9fc991156b9d8fcb0093ca6718cf4989ebdf80fa1a7a
e7f2f3f41da14462360bd49c4f57dace1feb75f96de8a05bdd0b5d6e1783c3dc
f0bd01a4a0e699a0a516c1cc38b45309cf611ee974d8b49bfa191f447f1e9ffa
f93d53732bb4047913779190c9e74203a10b8033179fe04d784f94a226af7a87

map.empyreanbenefits.com Open in urlscan Pro 192.48.98.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

6 IPs

1 Countries

1098 kBTransfer

2841 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

map.empyreanbenefits.com Open in urlscan Pro
192.48.98.17 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

1098 kB
Transfer

2841 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions