www.empire.ca Open in urlscan Pro
104.17.12.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login-staging.empire.ca/
Effective URL:
https://www.empire.ca/
Submission: On September 25 via automatic, source certstream-suspicious (September 25th 2021, 4:02:33 am UTC) — Scanned from DE

Summary HTTP 68 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 68 HTTP transactions. The main IP is 104.17.12.20, located in and belongs to CLOUDFLARENET, US. The main domain is www.empire.ca.
TLS certificate: Issued by Entrust Certification Authority - L1M on October 5th 2020. Valid for: a year.

This is the only time www.empire.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.97.176.199 3.97.176.199	16509 (AMAZON-02) (AMAZON-02)
1 28	104.17.12.20 104.17.12.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
3	52.216.8.101 52.216.8.101	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1 11	151.101.2.110 151.101.2.110	54113 (FASTLY) (FASTLY)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1 3	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
4	104.19.147.8 104.19.147.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.120.156 172.253.120.156	15169 (GOOGLE) (GOOGLE)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	54.73.172.176 54.73.172.176	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	52.86.94.156 52.86.94.156	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.23.190.53 52.23.190.53	14618 (AMAZON-AES) (AMAZON-AES)
68	20

1 3.97.176.199 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-176-199.ca-central-1.compute.amazonaws.com

login-staging.empire.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.17.12.20 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

empire.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.empire.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.8.101 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.2.110 (United States) 1 redirects

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

5290522.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.120.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.172.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

embed-fastly.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.94.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-94-156.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.190.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-190-53.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	empire.ca 2 redirects login-staging.empire.ca empire.ca www.empire.ca	2 MB
14	wistia.com 1 redirects fast.wistia.com embed-fastly.wistia.com distillery.wistia.com pipedream.wistia.com	324 KB
5	crazyegg.com script.crazyegg.com tracking.crazyegg.com	26 KB
4	doubleclick.net 1 redirects 5290522.fls.doubleclick.net stats.g.doubleclick.net	1 KB
4	jsdelivr.net cdn.jsdelivr.net	52 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	amazonaws.com s3.amazonaws.com	3 KB
3	google.com www.google.com adservice.google.com	2 KB
2	googletagmanager.com www.googletagmanager.com	120 KB
1	nr-data.net bam-cell.nr-data.net	931 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	google.de www.google.de	522 B
1	gstatic.com www.gstatic.com	134 KB
68	13

	Domain	Requested by
27	www.empire.ca	www.empire.ca
11	fast.wistia.com	1 redirects www.empire.ca fast.wistia.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	cdn.jsdelivr.net	www.empire.ca cdn.jsdelivr.net
3	5290522.fls.doubleclick.net	1 redirects www.googletagmanager.com www.empire.ca
3	www.google-analytics.com	www.empire.ca www.google-analytics.com www.googletagmanager.com
3	s3.amazonaws.com	www.empire.ca
2	www.googletagmanager.com	www.empire.ca www.googletagmanager.com
2	www.google.com	www.empire.ca
1	pipedream.wistia.com	fast.wistia.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	distillery.wistia.com	fast.wistia.com
1	js-agent.newrelic.com	www.empire.ca
1	embed-fastly.wistia.com	www.empire.ca
1	tracking.crazyegg.com	script.crazyegg.com
1	adservice.google.com	5290522.fls.doubleclick.net
1	www.google.de	www.empire.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.gstatic.com	www.google.com
1	empire.ca	1 redirects
1	login-staging.empire.ca	1 redirects
68	21

This site contains links to these domains. Also see Links.

Domain
my.empire.ca
pmw.empire.ca
groupadmin.empire.ca
groupadvisor.empire.ca
empire.ca
www.empirelifeinvestments.ca
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
www.empire.ca Entrust Certification Authority - L1M	`2020-10-05` - `2021-11-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
embed-fastly.wistia.com R3	`2021-09-24` - `2021-12-23`	3 months	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.empire.ca/
Frame ID: 06392A1A6BD7B21536295D3A58B88278
Requests: 66 HTTP requests in this frame

Frame: https://5290522.fls.doubleclick.net/activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F
Frame ID: 33F5576DC832FBE2D61F861B32CA2132
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empire Life | Life Insurance, Investments & Group Benefits

Page URL History Show full URLs

https://login-staging.empire.ca/ HTTP 302
https://empire.ca/ HTTP 301
https://www.empire.ca/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

68
Requests

99 %
HTTPS

0 %
IPv6

13
Domains

21
Subdomains

20
IPs

4
Countries

2611 kB
Transfer

4948 kB
Size

6
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://my.empire.ca/login/?lang=en-ca&next=/?role=customer
Title: MyEmpire Insurance and Investments Online Access

Search URL Search Domain Scan URL

URL: https://pmw.empire.ca/pmwweb/redirect.jsp
Title: Group Plan Member Login

Search URL Search Domain Scan URL

URL: https://groupadmin.empire.ca/login/?lang=en-ca
Title: Group Plan Administrator Login

Search URL Search Domain Scan URL

URL: https://my.empire.ca/login/?lang=en-ca&next=/?role=advisor
Title: Retail Advisor Login

Search URL Search Domain Scan URL

URL: https://groupadvisor.empire.ca/login/?lang=en-ca
Title: Group Plan Advisor Login

Search URL Search Domain Scan URL

URL: https://empire.ca/life-and-money-matters/why-use-an-advisor

Search URL Search Domain Scan URL

URL: http://empire.ca/docs/pdf/GRP-3012-OpioidManagementSolution-EN-web.pdf

Search URL Search Domain Scan URL

URL: https://my.empire.ca/login/?lang=en-ca&next=/%3Frole%3Dcustomer

Search URL Search Domain Scan URL

URL: https://my.empire.ca/login/?next=/%3Frole%3Dcustomer&lang=en-ca
Title: MyEmpire Insurance and Investments Online Access

Search URL Search Domain Scan URL

URL: https://www.empirelifeinvestments.ca/
Title: Empire Life Investments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EmpireLife/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/empire-life/

Search URL Search Domain Scan URL

URL: https://twitter.com/EmpireLife

Search URL Search Domain Scan URL

URL: https://www.instagram.com/empirelife/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login-staging.empire.ca/ HTTP 302
https://empire.ca/ HTTP 301
https://www.empire.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://5290522.fls.doubleclick.net/activityi;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F HTTP 302
https://5290522.fls.doubleclick.net/activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F

Request Chain 56

https://fast.wistia.com/assets/external/captions-v1.js HTTP 301
https://fast.wistia.com/assets/external/captions.js

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.empire.ca/
Redirect Chain

https://login-staging.empire.ca/
https://empire.ca/
https://www.empire.ca/

68 KB
16 KB

536ms
488ms

Document
text/html

104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d86500533552e71906b0f31441b3b3d45ea05e7800a43a322d7789a15efcffae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.empire.ca
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, public
x-drupal-dynamic-cache: MISS
link: <https://www.empire.ca/>; rel="canonical", <https://www.empire.ca/>; rel="shortlink"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Sat, 25 Sep 2021 04:02:03 GMT
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: MISS
x-request-id: v-57a8486a-1db5-11ec-8ca2-27a006b22d5f
x-ah-environment: prod
age: 22
via: varnish
x-cache: HIT
x-cache-hits: 3
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69415b64dc965be5-FRA
content-encoding: gzip

Redirect headers

date: Sat, 25 Sep 2021 04:02:26 GMT
cache-control: max-age=3600
expires: Sat, 25 Sep 2021 05:02:26 GMT
location: https://www.empire.ca/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 69415b646c095be5-FRA

GET
H2 200 css_G1Gc1KrSaOANaJ0GUPKQCkS7vrz018cuU6snrnX-fE4.css
www.empire.ca/sites/default/files/css/ 5 KB
2 KB 406ms
405ms Stylesheet
text/css 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/css/css_G1Gc1KrSaOANaJ0GUPKQCkS7vrz018cuU6snrnX-fE4.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b519cd4aad268e00d689d0650f2900a44bbbebcf4d7c72e53ab27ae75fe7c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_G1Gc1KrSaOANaJ0GUPKQCkS7vrz018cuU6snrnX-fE4.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806008
x-cache: HIT
x-cache-hits: 35769
x-ah-environment: prod
vary: Accept-Encoding
content-length: 1728
x-request-id: v-c37209f2-1660-11ec-b5ab-bb4965729257
last-modified: Fri, 03 Sep 2021 12:36:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b680f785be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:59 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/ 119 KB
19 KB 21ms
6ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1341333
x-jsd-version: 3.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 19726
etag: W/"1da71-sJcv3M6C/Vg9TCzMPy4990BKGdA"
x-served-by: cache-fra19125-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Sat, 25 Sep 2021 04:02:27 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/ 11 KB
4 KB 21ms
6ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/drupal-bootstrap.min.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0bb7aeb18f1091a582be621acf512dd276a8c4e0f7c27bfa715795c6aeb1eea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2002297
x-jsd-version: 0.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 3318
etag: W/"2ba9-7BZ4Wjo4JdjHlvh1wHU1MeucYhU"
x-served-by: cache-fra19132-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Sat, 25 Sep 2021 04:02:27 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
www.empire.ca/sites/default/files/css/ 199 KB
31 KB 452ms
452ms Stylesheet
text/css 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

136c9a84b4519f810fb88b52777268537dbe6d6d3e77675f9dc4be0345f630bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806008
x-cache: HIT
x-cache-hits: 36002
x-ah-environment: prod
vary: Accept-Encoding
content-length: 31947
x-request-id: v-1623e4ca-0060-11ec-80f0-bb338753476f
last-modified: Wed, 18 Aug 2021 12:04:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b680f795be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
987 B 40ms
16ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Sat, 25 Sep 2021 04:02:27 GMT

GET
H2 200 logo.png
www.empire.ca/themes/custom/empiretheme/ 7 KB
7 KB 390ms
387ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/logo.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee9e3767249d6f8a16f41bb0fb99626fb7bae1fcdae274971e986c3489bbaa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 96155
x-ah-environment: prod
content-length: 7029
x-request-id: v-bc722d2a-0cf2-11ec-a555-7325715715ff
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6afa055be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:42 GMT

GET
H2 200 important-icon.svg
www.empire.ca/sites/default/files/inline-images/ 344 B
415 B 365ms
363ms Image
image/svg+xml 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/inline-images/important-icon.svg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1380d3cdb2dda9aa48f4dff0cb83afcc50f850aee3ab913acedc5f1ef253ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/inline-images/important-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806008
x-cache: HIT
x-cache-hits: 37560
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-1623339a-0060-11ec-a414-af8e06b4c8e7
last-modified: Fri, 20 Mar 2020 14:40:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 69415b6afa085be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:59 GMT

GET
H2 200 818800-PriceAndPerformance-ConsumerBanner-EN.jpeg
www.empire.ca/sites/default/files/2021-09/ 119 KB
119 KB 495ms
493ms Image
image/jpeg 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2021-09/818800-PriceAndPerformance-ConsumerBanner-EN.jpeg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2ec967e4b0fe2c5f176bda427536480dc3ea919b5575df3d8b3983ff78f8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2021-09/818800-PriceAndPerformance-ConsumerBanner-EN.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 311054
x-cache: HIT
x-cache-hits: 17734
x-ah-environment: prod
content-length: 121403
x-request-id: v-2ae64344-1ae1-11ec-b960-6ba51cb14ede
last-modified: Tue, 21 Sep 2021 13:37:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6afa095be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 21 Oct 2021 13:38:13 GMT

GET
H2 200 FAA-empire.ca-Consumer-Banner-EN.jpg
www.empire.ca/sites/default/files/2020-10/ 507 KB
508 KB 118ms
118ms Image
image/jpeg 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2020-10/FAA-empire.ca-Consumer-Banner-EN.jpg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3298676a162215244127b3ed3285090209d203e75bacdcc218b4b2b0d0259662

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2020-10/FAA-empire.ca-Consumer-Banner-EN.jpg
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 66129
x-ah-environment: prod
content-length: 518796
x-request-id: v-bccdfd58-0cf2-11ec-9163-a3c05b71b57c
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6e0c8c5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 Opioids-Empire-Landing-Consumer-EN.jpeg
www.empire.ca/sites/default/files/2021-04/ 179 KB
179 KB 469ms
469ms Image
image/jpeg 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2021-04/Opioids-Empire-Landing-Consumer-EN.jpeg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9fa4c51b62ba4bab830bc298ab971fd25b3cb53a677e78a6fd3cfa54f0fbc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2021-04/Opioids-Empire-Landing-Consumer-EN.jpeg
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 66720
x-ah-environment: prod
content-length: 183164
x-request-id: v-c3ad298c-f55f-11eb-b103-87761e787d35
last-modified: Thu, 01 Apr 2021 15:04:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6e1c935be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 Forbes%E2%80%99-best-employers-in-Canada-ELBanner-EN-2019-07.jpg
www.empire.ca/sites/default/files/2019-07/ 442 KB
442 KB 102ms
101ms Image
image/jpeg 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2019-07/Forbes%E2%80%99-best-employers-in-Canada-ELBanner-EN-2019-07.jpg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7583abbb9a083d372fb79bcbe20b274a77160cbbaba716715da003ed0cc5f4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2019-07/Forbes%E2%80%99-best-employers-in-Canada-ELBanner-EN-2019-07.jpg
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 66028
x-ah-environment: prod
content-length: 452420
x-request-id: v-bcdc047a-0cf2-11ec-a884-73c23f549af9
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6e1c965be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 2020-eStatements-ConsumerBanner-EN.jpg
www.empire.ca/sites/default/files/2021-07/ 238 KB
239 KB 490ms
489ms Image
image/jpeg 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2021-07/2020-eStatements-ConsumerBanner-EN.jpg

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4929e170190b0948dba1c9aef767ef875f409376bd7fcb21fbc2cd7a798b24c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2021-07/2020-eStatements-ConsumerBanner-EN.jpg
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 66930
x-ah-environment: prod
content-length: 243880
x-request-id: v-c3af2688-f55f-11eb-8590-d389020f597d
last-modified: Mon, 19 Jul 2021 13:27:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6e1c9b5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H/1.1 200
OK eclaim-icon-blue.png
s3.amazonaws.com/static.empire.ca/images/consumer/ 1 KB
2 KB 433ms
124ms Image
image/png 52.216.8.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.empire.ca/images/consumer/eclaim-icon-blue.png
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.8.101 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 90cd0ae2fbc2ca013d61e90aa04903271be5d06de2ae1317d44b30a21c07f6ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 04:02:29 GMT
Last-Modified: Fri, 25 May 2018 15:17:38 GMT
Server: AmazonS3
x-amz-request-id: 46EXHYHN2Z8TRJHG
ETag: "48761cf712f6f1179bd4ae1211c4cc2a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1221
x-amz-id-2: sDG55V6Y4apr7tfv5SjTY6q9lisNFXTf/piNv2Q684LtP5PGZZGhyz5bvYGCQeFk2rZsp6t6EMQ=

GET
H/1.1 200
OK investor-access-icon-blue.png
s3.amazonaws.com/static.empire.ca/images/consumer/ 867 B
1 KB 391ms
113ms Image
image/png 52.216.8.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.empire.ca/images/consumer/investor-access-icon-blue.png
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.8.101 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23f6a5ae4a582622e38c4a2816091462039a2ef0433ae4adf6d8897d80a59110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 04:02:29 GMT
Last-Modified: Fri, 25 May 2018 15:17:40 GMT
Server: AmazonS3
x-amz-request-id: 46END2ARSAG3G09A
ETag: "a856a6b3d6b1ee18004ff6a3d3255eb1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 867
x-amz-id-2: nwzJ0LtG9EzDjhV9DMVPfH6r6okhnuZiqgzAIvwYRvtck7i41wPMSUikMRJ/M/FaEu+UsmZn/DY=

GET
H/1.1 200
OK forms-icon-blue.png
s3.amazonaws.com/static.empire.ca/images/consumer/ 382 B
738 B 394ms
116ms Image
image/png 52.216.8.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.empire.ca/images/consumer/forms-icon-blue.png
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.8.101 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4286f16b906c6f6340f1845a1ea1bc3ecde7ab9d5fc4e7a1dc09cd53e8719c29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 04:02:29 GMT
Last-Modified: Fri, 25 May 2018 15:17:39 GMT
Server: AmazonS3
x-amz-request-id: 46EM3CAM358CQMJD
ETag: "4a78e5f3f41a4642105c89e285078ef8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 382
x-amz-id-2: qJ8yMHvpH1WpW627G5LVxw6Y9dQnGUbLKxARPDufRcGoneEKjKRonrTwKSCRnzbg4ZfstC9NFzY=

GET
H2 200 insurance-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 1 KB
1 KB 363ms
363ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/insurance-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32bf3cdebeac617fe2b696cb4e16fec1b62cc1a0eaeebe70b865e1b9779348d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/icons/insurance-icon.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 69593
x-ah-environment: prod
content-length: 1370
x-request-id: v-c3ada4d4-f55f-11eb-b873-fff75b5ed645
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6ebd115be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 group-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 1 KB
1 KB 116ms
116ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/group-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

768a54da5cccc06b2bee4c7f6663ce05a2fde49dff7945d3d3642b8285ee8e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/icons/group-icon.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 69554
x-ah-environment: prod
content-length: 1368
x-request-id: v-c3ae9498-f55f-11eb-804c-6b9fcfbe3f39
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6f3d675be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 investments-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 2 KB
2 KB 105ms
105ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/investments-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142e9e9129e6c90b5835c8c8cfc5556adb54ebaa99889798a2c94b8078d79ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/icons/investments-icon.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 69549
x-ah-environment: prod
content-length: 1890
x-request-id: v-c3ad9b1a-f55f-11eb-b7a4-7bf533543b6e
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6fedff5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 facebook-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 400 B
504 B 105ms
105ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/facebook-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb58e6b157ff8672b7811149d965ba58b3d5856b3934cffde285a2559ecedb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/icons/facebook-icon.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 94030
x-ah-environment: prod
content-length: 400
x-request-id: v-c3aef0c8-f55f-11eb-ab76-bbacd59a6fa1
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b706e645be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 linked-in-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 483 B
638 B 368ms
368ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/linked-in-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f76c127b37f0a78e50dd957aad93cb621e481428d8c53e671f288ab47ec9fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/icons/linked-in-icon.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 94385
x-ah-environment: prod
content-length: 483
x-request-id: v-bcf2569e-0cf2-11ec-b432-73af107fd575
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b709e8a5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 twitter-icon.png
www.empire.ca/themes/custom/empiretheme/images/icons/ 529 B
656 B 365ms
365ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/icons/twitter-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5a1a8538e044735769e30d9b495f2881ea84180593d4cd2a608c213133ad2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/icons/twitter-icon.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 93724
x-ah-environment: prod
content-length: 529
x-request-id: v-c3ae0032-f55f-11eb-913b-5b90ed3e7907
last-modified: Fri, 08 Jan 2021 05:19:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b70fed95be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 insta-icon.png
www.empire.ca/sites/default/files/assets/corporate/images/ 3 KB
4 KB 382ms
381ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/assets/corporate/images/insta-icon.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

317d9c96dd06729e16f54df3cedd694f1c252531f425c75105c03b63688bea1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/assets/corporate/images/insta-icon.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:29 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 94503
x-ah-environment: prod
content-length: 3552
x-request-id: v-bcf2b8c8-0cf2-11ec-ade4-739543d201b8
last-modified: Fri, 21 Jul 2017 13:59:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b710eec5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 EL-98years-grey.png
www.empire.ca/sites/default/files/2021-01/ 4 KB
4 KB 112ms
112ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/sites/default/files/2021-01/EL-98years-grey.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c327ae451371a2fa3b7ea56855f238ab42d2efcf2c82aad8281a7a53e22161fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2021-01/EL-98years-grey.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 94404
x-ah-environment: prod
content-length: 3994
x-request-id: v-bcf28c90-0cf2-11ec-a2f4-d33713a10739
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b712f085be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 49ms
13ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4227
date: Sat, 25 Sep 2021 02:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 25 Sep 2021 04:52:00 GMT

GET
H2 200 js_0nvwKTY9j8d39rhCWaNYvprVd6WlfIPEdAHtrRZGhls.js Show response
www.empire.ca/sites/default/files/js/ 138 KB
45 KB 205ms
205ms Script
text/javascript 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/js/js_0nvwKTY9j8d39rhCWaNYvprVd6WlfIPEdAHtrRZGhls.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d27bf029363d8fc777f6b84259a358be9ad577a5a57c83c47401edad1646865b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_0nvwKTY9j8d39rhCWaNYvprVd6WlfIPEdAHtrRZGhls.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806016
x-cache: HIT
x-cache-hits: 44262
x-ah-environment: prod
vary: Accept-Encoding
content-length: 45822
x-request-id: v-be4cf090-1660-11ec-8772-e3bfdbf6de53
last-modified: Fri, 03 Sep 2021 12:36:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b6a99c05be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:50 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/ 39 KB
11 KB 6ms
6ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5631131
x-jsd-version: 3.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 10942
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
x-served-by: cache-fra19131-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Sat, 25 Sep 2021 04:02:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js_MpUMN7fHZv7NpDoN50IC37pLhTi79TOcL3H5_uSNvZ4.js Show response
www.empire.ca/sites/default/files/js/ 76 KB
17 KB 504ms
501ms Script
text/javascript 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/js/js_MpUMN7fHZv7NpDoN50IC37pLhTi79TOcL3H5_uSNvZ4.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32950c37b7c766fecda43a0de74202dfba4b8538bbf5339c2f71f9fee48dbd9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_MpUMN7fHZv7NpDoN50IC37pLhTi79TOcL3H5_uSNvZ4.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806011
x-cache: HIT
x-cache-hits: 45488
x-ah-environment: prod
vary: Accept-Encoding
content-length: 17655
x-request-id: v-1a27a566-0060-11ec-896a-9b38c0c9b6db
last-modified: Wed, 18 Aug 2021 12:04:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b6afa015be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:56 GMT

GET
H2 200 xetxdsllt4.jsonp Show response
fast.wistia.com/embed/medias/ 9 KB
4 KB 52ms
17ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/xetxdsllt4.jsonp

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4966a0b1335f0741f15779d8a04384e4ef10e495bdf0cf70df0e8e79762992b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 70115
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 3331
x-request-id: 2cc85ad8ff466007658f049e4d97dd49
x-served-by: cache-dca17741-DCA, cache-hhn4050-HHN
x-runtime: 0.055985
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1632542548.707672,VS0,VE1
etag: W/"e4966a0b1335f0741f15779d8a04384e"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 93
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 618 KB
118 KB 41ms
6ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a85b82f5f71c18ddc2f10ddf5be7ae972d1efc6d325793d5850f849ea0ece6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: br
vary: Accept-Encoding
age: 2691
x-cache: HIT, HIT
content-length: 119946
x-served-by: cache-dca17750-DCA, cache-hhn4050-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 19:29:03 GMT
x-timer: S1632542548.707728,VS0,VE0
etag: "614e26ff-1d48a"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 111

GET
H2 200 js_wyPvKpyvG0wG-HYBzlFzh4QNwgfeh7_avc3tLnvhuD0.js Show response
www.empire.ca/sites/default/files/js/ 121 KB
27 KB 462ms
459ms Script
text/javascript 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/sites/default/files/js/js_wyPvKpyvG0wG-HYBzlFzh4QNwgfeh7_avc3tLnvhuD0.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c323ef2a9caf1b4c06f87601ce517387840dc207de87bfdabdcded2e7be1b83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_wyPvKpyvG0wG-HYBzlFzh4QNwgfeh7_avc3tLnvhuD0.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.empire.ca
referer: https://www.empire.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806008
x-cache: HIT
x-cache-hits: 35755
x-ah-environment: prod
vary: Accept-Encoding
content-length: 27431
x-request-id: v-c3aebc76-1660-11ec-91c7-873aae3836ef
last-modified: Fri, 03 Sep 2021 12:36:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b6afa045be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
60 KB 62ms
38ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9561bfcabe4dc5ff9a2e86771cc7906fcc654d273f031886cb3a527835d77646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61282
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Sep 2021 04:02:27 GMT

GET
H2 200 learning-woman.png
www.empire.ca/themes/custom/empiretheme/images/ 58 KB
58 KB 486ms
485ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/learning-woman.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c27217f152eb9a8989311b4cc3549841f9dda7166608c85d0ffa044a02edf63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/learning-woman.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842824
x-cache: HIT
x-cache-hits: 66150
x-ah-environment: prod
content-length: 59570
x-request-id: v-c38c6968-f55f-11eb-9049-670432149595
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b6b2a2e5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 advisor-background.png
www.empire.ca/themes/custom/empiretheme/images/ 131 KB
132 KB 205ms
205ms Image
image/png 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.empire.ca/themes/custom/empiretheme/images/advisor-background.png

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55bd941b3db8ef04a1269c3e42fc1449a83dc28acfafd13622255cbf7bbcacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/images/advisor-background.png
pragma: no-cache
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.empire.ca
referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1842825
x-cache: HIT
x-cache-hits: 52380
x-ah-environment: prod
content-length: 134602
x-request-id: v-c3afd40c-f55f-11eb-82b2-7f4abf88d8fc
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69415b71df8a5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 03 Oct 2021 20:08:43 GMT

GET
H2 200 MuseoSans_300-webfont.woff
www.empire.ca/themes/custom/empiretheme/css/fonts/ 21 KB
21 KB 493ms
492ms Font
text/plain 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/MuseoSans_300-webfont.woff

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3266e1189b691f659005c65dd5adf1e47098ced72d6d64ce38ec17d95373461

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/css/fonts/MuseoSans_300-webfont.woff
pragma: no-cache
origin: https://www.empire.ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.empire.ca
referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806016
x-cache: HIT
x-cache-hits: 45389
x-ah-environment: prod
content-length: 21744
x-request-id: v-beef144c-1660-11ec-9c0d-77729fb4bf76
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b6b0a0e5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:51 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/fonts/ 18 KB
18 KB 6ms
6ms Font
font/woff2 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 1341331
x-jsd-version: 3.4.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
content-length: 18028
etag: W/"466c-yjW2l9mcrk0bYPLWD803dxmH6wc"
x-served-by: cache-fra19165-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Sat, 25 Sep 2021 04:02:27 GMT
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MuseoSans_500-webfont.woff
www.empire.ca/themes/custom/empiretheme/css/fonts/ 22 KB
22 KB 485ms
485ms Font
text/plain 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/MuseoSans_500-webfont.woff

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7caa8175d4f531f6009d3e8f7597be92a66733187b5a808b7c85f4c33641dff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/css/fonts/MuseoSans_500-webfont.woff
pragma: no-cache
origin: https://www.empire.ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.empire.ca
referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806016
x-cache: HIT
x-cache-hits: 44480
x-ah-environment: prod
content-length: 22236
x-request-id: v-c3b984e8-f55f-11eb-b94a-375894bcf0d5
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b6b0a0f5be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:51 GMT

GET
H2 200 MuseoSans_700-webfont.woff
www.empire.ca/themes/custom/empiretheme/css/fonts/ 22 KB
22 KB 494ms
494ms Font
text/plain 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/MuseoSans_700-webfont.woff

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aafc73721bbcdae2be1d3373fd973852ca8d7ed638a6236bf7e8d43680573d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/empiretheme/css/fonts/MuseoSans_700-webfont.woff
pragma: no-cache
origin: https://www.empire.ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.empire.ca
referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806016
x-cache: HIT
x-cache-hits: 44461
x-ah-environment: prod
content-length: 22620
x-request-id: v-c3bad140-f55f-11eb-8f07-c7ad0db324e7
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b6b0a115be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:08:51 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 29ms
6ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 20:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 24 Sep 2022 20:57:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 22ms
20ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=800246020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.empire.ca%2F&ul=en-us&de=UTF-8&dt=Empire%20Life%20%7C%20Life%20Insurance%2C%20Investments%20%26%20Group%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=243400856&gjid=1869800092&cid=1297743313.1632542548&tid=UA-23109840-1&_gid=1662124795.1632542548&_r=1&_slc=1&z=1610652498

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 04:02:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.empire.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 162 KB
60 KB 49ms
35ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1S7M715GDE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fb1dbf2e3798529a664d799493e406ab3048354ab593ea37d58e2fc12e34919c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61520
x-xss-protection: 0
expires: Sat, 25 Sep 2021 04:02:27 GMT

GET
H3

200

activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F Show response
5290522.fls.doubleclick.net/ Frame 33F5
Redirect Chain

https://5290522.fls.doubleclick.net/activityi;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?
https://5290522.fls.doubleclick.net/activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2...

394 B
347 B

40ms
27ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290522.fls.doubleclick.net/activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

6958ed049a05f55cc6c2e7c88db070da985ae40750c1edc1ff1179a804201d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290522.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.empire.ca/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Sep 2021 04:02:27 GMT
expires: Sat, 25 Sep 2021 04:02:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
set-cookie: IDE=AHWqTUngquach2LAmavBEoMh8acZFUYK6WKdUAgGsq5LoyJf4sxu9sl244UzG8yMF5M; expires=Thu, 20-Oct-2022 04:02:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Sep 2021 04:02:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290522.fls.doubleclick.net/activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5353.js Show response
script.crazyegg.com/pages/scripts/0018/ 5 KB
2 KB 68ms
14ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0018/5353.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN2DJ87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e7e77a4683487e2273e4721ff1f79dc70991b2c99f2249c1626d974342b499

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 32349
cf-polished: origSize=4899
cf-ray: 69415b6c3b976973-FRA
ce-version: 11.1.331
last-modified: Fri, 24 Sep 2021 19:03:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 activityi;register_conversion=1;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F
5290522.fls.doubleclick.net/ 0
0 66ms
16ms Image
text/html 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5290522.fls.doubleclick.net/activityi;register_conversion=1;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
462 B 43ms
14ms XHR
text/plain 172.253.120.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-23109840-1&cid=1297743313.1632542548&jid=243400856&gjid=1869800092&_gid=1662124795.1632542548&_u=YEBAAEAAAAAAAC~&z=1477260915

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 25 Sep 2021 04:02:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.empire.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 23ms
23ms Ping
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1S7M715GDE&gtm=2oe9m0&_p=800246020&sr=1600x1200&ul=en-us&cid=1297743313.1632542548&_s=1&dl=https%3A%2F%2Fwww.empire.ca%2F&dt=Empire%20Life%20%7C%20Life%20Insurance%2C%20Investments%20%26%20Group%20Benefits&sid=1632542547&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1S7M715GDE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 04:02:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.empire.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 33ms
17ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23109840-1&cid=1297743313.1632542548&jid=243400856&_u=YEBAAEAAAAAAAC~&z=610264870

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 04:02:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 39ms
18ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23109840-1&cid=1297743313.1632542548&jid=243400856&_u=YEBAAEAAAAAAAC~&z=610264870

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 04:02:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5353.json Show response
script.crazyegg.com/pages/data-scripts/0018/ 17 KB
2 KB 27ms
13ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0018/5353.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/5353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b92eaf986bb9f4f318555469f74cd959926e076fc87005024b4d096353d74db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 32348
ce-version: 11.1.331
content-length: 1895
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 19:03:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 69415b6c6a475c44-FRA

GET
H2 200 11.1.331.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 16ms
16ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/5353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 04:02:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 14:00:21 GMT
server: cloudflare
age: 37989
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 69415b6c8c066973-FRA
content-length: 21512

GET
H2 200 dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F
adservice.google.com/ddm/fls/z/ Frame 33F5 42 B
515 B 39ms
18ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F

Requested by

Host: 5290522.fls.doubleclick.net
URL: https://5290522.fls.doubleclick.net/activityi;dc_pre=CMLLlvWemfMCFY5OGwodof8Irg;src=5290522;type=empir0;cat=empir0;ord=2805080866427;gtm=2wg9m0;auiddc=1045931153.1632542548;ps=1;~oref=https%3A%2F%2Fwww.empire.ca%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290522.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 04:02:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5353.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0018/ 944 B
438 B 15ms
15ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0018/5353.json?t=453484
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6199b652d9feec42f0a7e600ab64d14d3864bc85a048db4bd85f5baddf02ad08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 32349
ce-version: 11.1.331
content-length: 344
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 19:03:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 69415b6e7cf35c44-FRA

GET
H2 200 clock Show response
tracking.crazyegg.com/ 29 B
136 B 126ms
46ms XHR
text/plain 54.73.172.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1632542548285
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.172.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 469aec1fda1fcd5daf414ca55d57d221f0574b2479caadd7d5055cf502468e51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 25 Sep 2021 04:02:28 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 92 KB
25 KB 6ms
6ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fbc626ac7771e2dcebe32ba8cba9c2cabbd7dae6524c64c8ec1f6fb58f9cf927

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
content-encoding: br
vary: Accept-Encoding
age: 2691
x-cache: HIT, HIT
content-length: 24822
x-served-by: cache-dca17732-DCA, cache-hhn4050-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 19:29:03 GMT
x-timer: S1632542548.308512,VS0,VE0
etag: "614e26ff-60f6"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 35

GET
H2 200 77b5c80910a1fb6ab9a72f4206f3d5765d105da6.webp
embed-fastly.wistia.com/deliveries/ 15 KB
15 KB 54ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-fastly.wistia.com/deliveries/77b5c80910a1fb6ab9a72f4206f3d5765d105da6.webp?image_crop_resized=1280x720
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b232b0efb0ea1e58a37486de0f1742f1ad754243e9ca0bfd49babd28363ea5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 228526
edge-cache-tag: 77b5c80910a1fb6ab9a72f4206f3d5765d105da6
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 14982
x-served-by: cache-dca17735-DCA, cache-hhn4055-HHN
last-modified: Wed, 21 May 2014 14:32:26 UTC
x-timer: S1632542548.416989,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 162 KB
27 KB 6ms
6ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

447783f6c52261eee2ba29ce5b4a5022d62328c1c115c37f379e7bf31bb2637d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
content-encoding: br
vary: Accept-Encoding
age: 2691
x-cache: HIT, HIT
content-length: 27371
x-served-by: cache-dca17736-DCA, cache-hhn4050-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 19:29:03 GMT
x-timer: S1632542548.373545,VS0,VE0
etag: "614e26ff-6aeb"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 15

GET
H2 200 xetxdsllt4.json Show response
fast.wistia.com/embed/captions/ 6 KB
3 KB 131ms
131ms Script
text/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/xetxdsllt4.json?callback=wistiajson1

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cecd390cf5a484a6d694aa63cfd6fbeb6dc333cc001034d181a39fa83356989

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 2308
x-request-id: cf519a7c4954275fff82dd1377aa1b8c
x-served-by: cache-dca17720-DCA, cache-hhn4050-HHN
x-runtime: 0.012727
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1632542548.405446,VS0,VE124
etag: W/"8cecd390cf5a484a6d694aa63cfd6fbe"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 93
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2

200

captions.js Show response
fast.wistia.com/assets/external/
Redirect Chain

https://fast.wistia.com/assets/external/captions-v1.js
https://fast.wistia.com/assets/external/captions.js

162 KB
27 KB

6ms
6ms

Script
application/javascript

151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

447783f6c52261eee2ba29ce5b4a5022d62328c1c115c37f379e7bf31bb2637d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:28 GMT
content-encoding: br
vary: Accept-Encoding
age: 2691
x-cache: HIT, HIT
content-length: 27371
x-served-by: cache-dca17736-DCA, cache-hhn4050-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 19:29:03 GMT
x-timer: S1632542548.422649,VS0,VE0
etag: "614e26ff-6aeb"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 16

Redirect headers

date: Sat, 25 Sep 2021 04:02:28 GMT
via: 1.1 varnish
x-browser-version: 93
server: Varnish
x-timer: S1632542548.413284,VS0,VE0
x-served-by: cache-hhn4050-HHN
strict-transport-security: max-age=0
x-cache: HIT
location: /assets/external/captions.js
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
BLOB 200
OK 9e24f3ea-36d2-48e5-b9ab-8a0c61e4f689
https://www.empire.ca/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.empire.ca/9e24f3ea-36d2-48e5-b9ab-8a0c61e4f689
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1e5e92cb88ff75d2046b2de20785850b4b17714cca621833dad458a820712f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
H2 200 fa-regular-400.woff2
www.empire.ca/themes/custom/empiretheme/css/fonts/ 12 KB
12 KB 390ms
390ms Font
text/plain 104.17.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.empire.ca/themes/custom/empiretheme/css/fonts/fa-regular-400.woff2

Requested by

Host: www.empire.ca
URL: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.12.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51f6b4b1dc386d7f30ac7ba59611056aa6b1160d57263e4048dbb575feaad340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.empire.ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gid=GA1.2.1662124795.1632542548; _gat=1; _gcl_au=1.1.1045931153.1632542548; _ga_1S7M715GDE=GS1.1.1632542547.1.0.1632542547.0; _ga=GA1.1.1297743313.1632542548
:path: /themes/custom/empiretheme/css/fonts/fa-regular-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.empire.ca
referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.empire.ca/sites/default/files/css/css_E2yahLRRn4EPuItSd3JoU32-bW0-d2dfncS-A0X2MLs.css
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:29 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 806007
x-cache: HIT
x-cache-hits: 38096
x-ah-environment: prod
content-length: 12216
x-request-id: v-c4056822-f55f-11eb-9c89-e315661e4a01
last-modified: Fri, 08 Jan 2021 06:02:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 69415b72e8455be5-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 29 Sep 2021 20:09:01 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
13 KB 6ms
6ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

708b4ca2adf9963b9a99153f906ced2142d9847162c56dbfaf36fb510976ca0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:29 GMT
content-encoding: br
vary: Accept-Encoding
age: 2693
x-cache: HIT, HIT
content-length: 12630
x-served-by: cache-dca17774-DCA, cache-hhn4050-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 19:29:03 GMT
x-timer: S1632542549.341368,VS0,VE0
etag: "614e26ff-3156"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 48

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 35ms
16ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.empire.ca
URL: https://www.empire.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: 3700EJ4ZWWQ4P78Z
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by: cache-hhn4042-HHN
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1632542549.368002,VS0,VE0
date: Sat, 25 Sep 2021 04:02:29 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8998

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 357 KB
84 KB 7ms
7ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16a5826c9288bc1a86c29c6e29676a5f690596ed37b9b4ea15e869f4649bbfc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:29 GMT
content-encoding: br
vary: Accept-Encoding
age: 2693
x-cache: HIT, HIT
content-length: 85468
x-served-by: cache-dca17720-DCA, cache-hhn4050-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 19:29:03 GMT
x-timer: S1632542549.348743,VS0,VE0
etag: "614e26ff-14ddc"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 38

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 310ms
101ms XHR
text/plain 52.86.94.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.94.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-94-156.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 25 Sep 2021 04:02:29 GMT
cache-control: max-age=0, private, must-revalidate

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 27ms
6ms Image
image/gif 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.empire.ca/
Origin: https://www.empire.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:29 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 20693
x-cache: HIT, HIT
x-cache-hits: 1, 172
content-length: 1214
x-served-by: cache-dca12926-DCA, cache-fra19181-FRA
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 22:15:54 GMT
x-timer: S1632542549.425809,VS0,VE0
etag: "614e4e1a-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK c6fff99745 Show response
bam-cell.nr-data.net/1/ 49 B
931 B 842ms
824ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/c6fff99745?a=92848240&v=1210.e2a3f80&to=NVNWMkRQCENXUUVYWQwZdQVCWAleGXZDREYDWmgQX1QRQ2pgXkRCC1hTOmBYA0dmU1ZUdQ1YQBRZXQpVRB8PWVcMUlgD&rst=3261&ck=1&ref=https://www.empire.ca/&ap=318&be=1048&fe=3180&dc=2076&perf=%7B%22timing%22:%7B%22of%22:1632542546159,%22n%22:0,%22f%22:482,%22dn%22:482,%22dne%22:482,%22c%22:482,%22ce%22:482,%22rq%22:531,%22rp%22:1018,%22rpe%22:1020,%22dl%22:1022,%22di%22:2076,%22ds%22:2076,%22de%22:2084,%22dc%22:3178,%22l%22:3180,%22le%22:3189%7D,%22navigation%22:%7B%7D%7D&fp=1563&fcp=1563&at=GRRVRAxKG00%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 04:02:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlVSDQcEXFVVFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCxoDAFUMV3RMB05WAhtDVFsMAglXAwBRVQVXVVBXAkBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 69415b760ced4a98-FRA

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 383ms
103ms XHR
text/plain 52.23.190.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.190.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-190-53.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.empire.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 25 Sep 2021 04:02:30 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 40 KB
9 KB 6ms
6ms Script
application/javascript 151.101.2.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57665d7c5cbc3bd174ae081f6ba1ad41fc96b265f6c1b249e57943e8a1867024

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.empire.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:02:30 GMT
content-encoding: br
vary: Accept-Encoding
age: 2693
x-cache: HIT, HIT
content-length: 9037
x-served-by: cache-dca17763-DCA, cache-hhn4050-HHN
access-control-allow-origin: *
x-browser-version: 93
last-modified: Fri, 24 Sep 2021 19:29:03 GMT
x-timer: S1632542550.349137,VS0,VE0
etag: "614e26ff-234d"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 27

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.empire.ca/	1970-01-19 21:30:28	Name: _gid Value: GA1.2.1662124795.1632542548
.empire.ca/	1970-01-19 21:29:02	Name: _gat Value: 1
.empire.ca/	1970-01-19 23:38:38	Name: _gcl_au Value: 1.1.1045931153.1632542548
.empire.ca/	1970-01-20 15:00:14	Name: _ga_1S7M715GDE Value: GS1.1.1632542547.1.0.1632542547.0
.empire.ca/	1970-01-20 15:00:14	Name: _ga Value: GA1.1.1297743313.1632542548
.doubleclick.net/	1970-01-20 06:50:38	Name: IDE Value: AHWqTUngquach2LAmavBEoMh8acZFUYK6WKdUAgGsq5LoyJf4sxu9sl244UzG8yMF5M

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290522.fls.doubleclick.net
adservice.google.com
bam-cell.nr-data.net
cdn.jsdelivr.net
distillery.wistia.com
embed-fastly.wistia.com
empire.ca
fast.wistia.com
js-agent.newrelic.com
login-staging.empire.ca
pipedream.wistia.com
s3.amazonaws.com
script.crazyegg.com
stats.g.doubleclick.net
tracking.crazyegg.com
www.empire.ca
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.17.12.20
104.19.147.8
142.250.181.227
142.250.184.200
142.250.184.238
142.250.185.162
142.250.185.163
142.250.186.100
142.250.186.134
151.101.193.229
151.101.2.110
151.101.2.133
151.101.66.137
162.247.243.147
172.253.120.156
3.97.176.199
52.216.8.101
52.23.190.53
52.86.94.156
54.73.172.176
0bb7aeb18f1091a582be621acf512dd276a8c4e0f7c27bfa715795c6aeb1eea8
0d5a1a8538e044735769e30d9b495f2881ea84180593d4cd2a608c213133ad2f
136c9a84b4519f810fb88b52777268537dbe6d6d3e77675f9dc4be0345f630bb
142e9e9129e6c90b5835c8c8cfc5556adb54ebaa99889798a2c94b8078d79ed5
16a5826c9288bc1a86c29c6e29676a5f690596ed37b9b4ea15e869f4649bbfc4
1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641
1b519cd4aad268e00d689d0650f2900a44bbbebcf4d7c72e53ab27ae75fe7c4e
1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848
23f6a5ae4a582622e38c4a2816091462039a2ef0433ae4adf6d8897d80a59110
2eb58e6b157ff8672b7811149d965ba58b3d5856b3934cffde285a2559ecedb6
317d9c96dd06729e16f54df3cedd694f1c252531f425c75105c03b63688bea1d
32950c37b7c766fecda43a0de74202dfba4b8538bbf5339c2f71f9fee48dbd9e
3298676a162215244127b3ed3285090209d203e75bacdcc218b4b2b0d0259662
3f2ec967e4b0fe2c5f176bda427536480dc3ea919b5575df3d8b3983ff78f8ba
4286f16b906c6f6340f1845a1ea1bc3ecde7ab9d5fc4e7a1dc09cd53e8719c29
447783f6c52261eee2ba29ce5b4a5022d62328c1c115c37f379e7bf31bb2637d
469aec1fda1fcd5daf414ca55d57d221f0574b2479caadd7d5055cf502468e51
4929e170190b0948dba1c9aef767ef875f409376bd7fcb21fbc2cd7a798b24c4
51f6b4b1dc386d7f30ac7ba59611056aa6b1160d57263e4048dbb575feaad340
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57665d7c5cbc3bd174ae081f6ba1ad41fc96b265f6c1b249e57943e8a1867024
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5f76c127b37f0a78e50dd957aad93cb621e481428d8c53e671f288ab47ec9fa7
6199b652d9feec42f0a7e600ab64d14d3864bc85a048db4bd85f5baddf02ad08
6958ed049a05f55cc6c2e7c88db070da985ae40750c1edc1ff1179a804201d6e
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
708b4ca2adf9963b9a99153f906ced2142d9847162c56dbfaf36fb510976ca0d
7583abbb9a083d372fb79bcbe20b274a77160cbbaba716715da003ed0cc5f4ef
768a54da5cccc06b2bee4c7f6663ce05a2fde49dff7945d3d3642b8285ee8e80
7b92eaf986bb9f4f318555469f74cd959926e076fc87005024b4d096353d74db
7caa8175d4f531f6009d3e8f7597be92a66733187b5a808b7c85f4c33641dff7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cecd390cf5a484a6d694aa63cfd6fbeb6dc333cc001034d181a39fa83356989
90cd0ae2fbc2ca013d61e90aa04903271be5d06de2ae1317d44b30a21c07f6ee
9561bfcabe4dc5ff9a2e86771cc7906fcc654d273f031886cb3a527835d77646
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a1e5e92cb88ff75d2046b2de20785850b4b17714cca621833dad458a820712f9
a32bf3cdebeac617fe2b696cb4e16fec1b62cc1a0eaeebe70b865e1b9779348d
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a85b82f5f71c18ddc2f10ddf5be7ae972d1efc6d325793d5850f849ea0ece6b0
aafc73721bbcdae2be1d3373fd973852ca8d7ed638a6236bf7e8d43680573d6e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b232b0efb0ea1e58a37486de0f1742f1ad754243e9ca0bfd49babd28363ea5be
b55bd941b3db8ef04a1269c3e42fc1449a83dc28acfafd13622255cbf7bbcacd
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bee9e3767249d6f8a16f41bb0fb99626fb7bae1fcdae274971e986c3489bbaa6
c1380d3cdb2dda9aa48f4dff0cb83afcc50f850aee3ab913acedc5f1ef253ce5
c27217f152eb9a8989311b4cc3549841f9dda7166608c85d0ffa044a02edf63d
c323ef2a9caf1b4c06f87601ce517387840dc207de87bfdabdcded2e7be1b83d
c327ae451371a2fa3b7ea56855f238ab42d2efcf2c82aad8281a7a53e22161fd
d27bf029363d8fc777f6b84259a358be9ad577a5a57c83c47401edad1646865b
d3266e1189b691f659005c65dd5adf1e47098ced72d6d64ce38ec17d95373461
d86500533552e71906b0f31441b3b3d45ea05e7800a43a322d7789a15efcffae
d9fa4c51b62ba4bab830bc298ab971fd25b3cb53a677e78a6fd3cfa54f0fbc1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4966a0b1335f0741f15779d8a04384e4ef10e495bdf0cf70df0e8e79762992b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e7e77a4683487e2273e4721ff1f79dc70991b2c99f2249c1626d974342b499
fb1dbf2e3798529a664d799493e406ab3048354ab593ea37d58e2fc12e34919c
fbc626ac7771e2dcebe32ba8cba9c2cabbd7dae6524c64c8ec1f6fb58f9cf927
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.empire.ca Open in urlscan Pro 104.17.12.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

99 %HTTPS

0 %IPv6

13 Domains

21 Subdomains

20 IPs

4 Countries

2611 kBTransfer

4948 kBSize

6 Cookies

14 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.empire.ca Open in urlscan Pro
104.17.12.20 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

0 %
IPv6

13
Domains

21
Subdomains

20
IPs

4
Countries

2611 kB
Transfer

4948 kB
Size

6
Cookies

68 HTTP transactions
0 data transactions