myempire.com Open in urlscan Pro
94.242.228.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://goo.su/PK2mZ
Effective URL:
https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clicki...
Submission: On January 10 via manual (January 10th 2024, 2:22:33 am UTC) from NZ — Scanned from NZ

Summary HTTP 96 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 21 domains to perform 96 HTTP transactions. The main IP is 94.242.228.13, located in Luxembourg and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is myempire.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2023. Valid for: a year.

This is the only time myempire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:8b69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	159.65.121.218 159.65.121.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2606:4700:303... 2606:4700:3032::6815:2a95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	94.242.231.44 94.242.231.44	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
50	94.242.228.13 94.242.228.13	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2404:6800:400... 2404:6800:4006:814::2004	15169 (GOOGLE) (GOOGLE)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.203.90.127 116.203.90.127	24940 (HETZNER-AS) (HETZNER-AS)
2	2404:6800:400... 2404:6800:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4006:80a::2003	15169 (GOOGLE) (GOOGLE)
1	104.16.181.247 104.16.181.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.111.7 18.67.111.7	16509 (AMAZON-02) (AMAZON-02)
4	54.232.135.155 54.232.135.155	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3037::6815:54ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:cb12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	104.72.70.165 104.72.70.165	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.35.147.91 13.35.147.91	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	13.35.147.3 13.35.147.3	16509 (AMAZON-02) (AMAZON-02)
2	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
2 2	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
2	18.229.228.20 18.229.228.20	16509 (AMAZON-02) (AMAZON-02)
3 4	103.43.90.53 103.43.90.53	29990 (ASN-APPNEX) (ASN-APPNEX)
96	22

1 2606:4700:3036::ac43:8b69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

goo.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.121.218 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 321328.cloudwaysapps.com

keyaff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:2a95 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

myemp.servclick1move.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.242.231.44 (Luxembourg) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

3mye94ye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 94.242.228.13 (Luxembourg)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

myempire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:814::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.90.127 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.127.90.203.116.clients.your-server.de

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80a::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:80a::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.181.247 (None, )

ASN13335 (CLOUDFLARENET, US)

light.imgsrcdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

myempire1.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-7.syd62.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.232.135.155 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-232-135-155.sa-east-1.compute.amazonaws.com

event.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:54ee (United States)

ASN13335 (CLOUDFLARENET, US)

adjs.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:cb12 (United States)

ASN13335 (CLOUDFLARENET, US)

metrics.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.72.70.165 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-72-70-165.deploy.static.akamaitechnologies.com

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.147.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-91.syd1.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:809::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-3.syd1.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.229.228.20 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-228-20.sa-east-1.compute.amazonaws.com

cms.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.53 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	myempire.com myempire.com	1 MB
10	gstatic.com fonts.gstatic.com www.gstatic.com	517 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3600 ekr.zdassets.com — Cisco Umbrella Rank: 4357	355 KB
6	getblue.io event.getblue.io — Cisco Umbrella Rank: 41990 widget.getblue.io — Cisco Umbrella Rank: 44810 cms.getblue.io — Cisco Umbrella Rank: 69489	7 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	4 KB
4	adform.net track.adform.net — Cisco Umbrella Rank: 4333 s2.adform.net — Cisco Umbrella Rank: 7751 a1.adform.net — Cisco Umbrella Rank: 13358	34 KB
4	google.com www.google.com — Cisco Umbrella Rank: 6	34 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338	1 KB
2	getrmads.com metrics.getrmads.com — Cisco Umbrella Rank: 385301	2 KB
2	adjs.media adjs.media — Cisco Umbrella Rank: 157432	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	158 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4091	258 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	252 B
1	zendesk.com myempire1.zendesk.com	1 KB
1	imgsrcdata.com light.imgsrcdata.com	1 KB
1	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 39288	89 KB
1	3mye94ye.com 1 redirects 3mye94ye.com	208 B
1	servclick1move.com 1 redirects myemp.servclick1move.com	559 B
1	keyaff.com 1 redirects keyaff.com	262 B
1	goo.su 1 redirects goo.su — Cisco Umbrella Rank: 611428	1 KB
96	21

	Domain	Requested by
50	myempire.com	myempire.com
7	static.zdassets.com	myempire.com static.zdassets.com
6	fonts.gstatic.com	myempire.com www.google.com
4	ib.adnxs.com	3 redirects event.getblue.io
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	myempire.com www.gstatic.com www.google.com
3	event.getblue.io	www.googletagmanager.com event.getblue.io
2	cms.getblue.io	event.getblue.io
2	cm.g.doubleclick.net	2 redirects
2	a1.adform.net	s2.adform.net
2	metrics.getrmads.com	www.googletagmanager.com metrics.getrmads.com
2	adjs.media	myempire.com adjs.media
2	www.googletagmanager.com	myempire.com www.googletagmanager.com
1	widget.getblue.io	event.getblue.io
1	vc.hotjar.io	myempire.com
1	www.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	s2.adform.net	myempire.com
1	track.adform.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	myempire1.zendesk.com	static.zdassets.com
1	light.imgsrcdata.com	myempire.com
1	ekr.zdassets.com	myempire.com
1	cdn.cookie-script.com	myempire.com
1	3mye94ye.com	1 redirects
1	myemp.servclick1move.com	1 redirects
1	keyaff.com	1 redirects
1	goo.su	1 redirects
96	28

This site contains links to these domains. Also see Links.

Domain
www.miomedia.com

Subject Issuer	Validity	Valid
myempire.com Cloudflare Inc ECC CA-3	`2023-08-20` - `2024-08-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
myempire1.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-09`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.getblue.io Amazon RSA 2048 M02	`2023-10-30` - `2024-11-27`	a year	crt.sh
adjs.media E1	`2023-11-28` - `2024-02-26`	3 months	crt.sh
getrmads.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
Frame ID: F3382C2CB5EEAB4C03C2312507313ADF
Requests: 76 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: 62CEB1D0AF0627405DC35FA517E5091F
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoiCApAAAAAATLO54AilCmdtnblyXFT9AYclR6&co=aHR0cHM6Ly9teWVtcGlyZS5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c2c60idpytt
Frame ID: 90D492DEC0E7CC0B56877D226819F3FE
Requests: 8 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&ulc=&v=29092023-1023&nocache=9497289906822.191
Frame ID: D20C45466E2AFC48953BEAC92681E4F4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

myempire

Page URL History Show full URLs

https://goo.su/PK2mZ HTTP 301
https://keyaff.com/l/?id=380292 HTTP 302
https://myemp.servclick1move.com/?mid=41665_386673&clickid=22301718 HTTP 302
https://3mye94ye.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79... HTTP 307
https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

96
Requests

97 %
HTTPS

33 %
IPv6

21
Domains

28
Subdomains

22
IPs

8
Countries

2587 kB
Transfer

7422 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.miomedia.com/
Title: Partners

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goo.su/PK2mZ HTTP 301
https://keyaff.com/l/?id=380292 HTTP 302
https://myemp.servclick1move.com/?mid=41665_386673&clickid=22301718 HTTP 302
https://3mye94ye.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718 HTTP 307
https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&google_ula=6572934421&ula=6572934421&google_hm=NzM0MDA0NDAtMTM3My00OEI3LUIxQUNBMjAzN0Q1NDhDQUQ&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&google_ula=6572934421&ula=6572934421&google_hm=NzM0MDA0NDAtMTM3My00OEI3LUIxQUNBMjAzN0Q1NDhDQUQ&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&google_tc= HTTP 302
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&ula=6572934421&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&google_gid=CAESEJf49QPdUBrBUD_rex6q50c&google_cver=1&google_ula=6572934421,0

Request Chain 83

https://ib.adnxs.com/setuid?entity=449&code=73400440-1373-48B7-B1ACA2037D548CAD HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3D73400440-1373-48B7-B1ACA2037D548CAD

Request Chain 84

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&appnexusid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3D73400440-1373-48B7-B1ACA2037D548CAD%26cid%3DB8C3E9A6-C0D1-36AB-2D44B513FA8C81D3%26blueID%3Dc70ec79f-ddf9-4309-9b1d-500327925b0c%26appnexusid%3D%24UID HTTP 302
https://cms.getblue.io/cm/?src=appnexus&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&appnexusid=7972341840443585036

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request welcome-package Show response
myempire.com/nz/promotions/
Redirect Chain

https://goo.su/PK2mZ
https://keyaff.com/l/?id=380292
https://myemp.servclick1move.com/?mid=41665_386673&clickid=22301718
https://3mye94ye.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

32 KB
4 KB

553ms
467ms

Document
text/html

94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4729fe634dea3a7464e64be98910b903d27e4ed05aabc34b9b2691c52ff090f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 843173b90cbf1c59-AKL
content-encoding: br
content-type: text/html
date: Wed, 10 Jan 2024 02:22:24 GMT
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload always
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 843173b7e90d1c4c-AKL
content-length: 0
date: Wed, 10 Jan 2024 02:22:24 GMT
location: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
server: cloudflare
vary: Accept-Encoding

GET
H2 200 loader.png
myempire.com/assets/images/ 367 KB
368 KB 53ms
51ms Image
image/png 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/assets/images/loader.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

74f7a1e34d4e17f756e649ac76875a935bd4d5578719729a84594a1fc3fa36bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 132406
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 375992
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
server: cloudflare
etag: "65940b9b-5bcb8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 843173bbf9c81c59-AKL
expires: Sat, 03 Feb 2024 02:22:24 GMT

GET
H2 200 runtime.800c10b16966c75b850d.js Show response
myempire.com/ 3 KB
2 KB 89ms
88ms Script
application/javascript 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/runtime.800c10b16966c75b850d.js

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

909a43991aef468d9b931cea09d5e47808597fb61eb7152c854a24155bb64d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 29
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:55 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-b80"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ttl: 1704853375788
cf-ray: 843173bbf9ca1c59-AKL

GET
H2 200 polyfills.b1e14b684b383409f92f.js Show response
myempire.com/ 56 KB
19 KB 122ms
121ms Script
application/javascript 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/polyfills.b1e14b684b383409f92f.js

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

362b7b348273dda482d105ff5c1e58c301b6cce02ed14d487c19bc573b7f7380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 29
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:55 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-de21"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ttl: 1704853375631
cf-ray: 843173bc09cc1c59-AKL

GET
H2 200 scripts.568694a568f45ab03c95.js Show response
myempire.com/ 87 KB
31 KB 122ms
121ms Script
application/javascript 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/scripts.568694a568f45ab03c95.js

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e9e644bc924e9a33199b01db0bfb47ee2b22d7b7fb31ef6a50368fcc0036e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 29
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:55 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-15b15"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ttl: 1704853375863
cf-ray: 843173bc09ce1c59-AKL

GET
H2 200 main.5dad124b2cf3b3892403.js Show response
myempire.com/ 2 MB
558 KB 122ms
121ms Script
application/javascript 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/main.5dad124b2cf3b3892403.js

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdee6f53127d290b82702d862c91a3a5c55b7d76bc9ca483b9d5441ec280df33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 32
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:52 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-234cab"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ttl: 1704853372609
cf-ray: 843173bc09d11c59-AKL

GET
H2 200 initial.css
myempire.com/assets/ 318 B
286 B 86ms
85ms Stylesheet
text/css 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/assets/initial.css

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f996e458c52f78f6341754ec742e64193eb177dd1014b8f6f3bfb42632324136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 132406
cf-polished: origSize=524
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
server: cloudflare
etag: W/"65940b9b-20c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2073600
cf-ray: 843173bc09d31c59-AKL
expires: Sat, 03 Feb 2024 02:22:24 GMT

GET
H2 200 styles.1eb103fd2e3adfbf0bb0.css
myempire.com/ 255 KB
37 KB 122ms
122ms Stylesheet
text/css 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/styles.1eb103fd2e3adfbf0bb0.css

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a74d2923f26fe3443fdb5eb4e7f7c867d735c0757d2b56013c511684c14cdc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 28
cf-polished: origSize=261291
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:56 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-3fcab"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cf-ttl: 1704853376062
cf-ray: 843173bc09d41c59-AKL

GET
H3 200 locales.7e5f3a5a95c158f1d432.js Show response
myempire.com/ 100 KB
11 KB 83ms
82ms Script
application/javascript 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/locales.7e5f3a5a95c158f1d432.js

Requested by

Host: myempire.com
URL: https://myempire.com/runtime.800c10b16966c75b850d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f53995f863d8404d1c4e7482b289142b6b5a9a32efe7c58230ea8547cd79ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 33
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:52 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-191c2"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ttl: 1704853372382
cf-ray: 843173be09851c56-AKL

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 652ms
252ms Script
text/javascript 2404:6800:4006:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfoiCApAAAAAATLO54AilCmdtnblyXFT9AYclR6

Requested by

Host: myempire.com
URL: https://myempire.com/main.5dad124b2cf3b3892403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2004 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce148dbe8339839d9469d376eae006346b837953a099da996a2b76ecdbad59fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jan 2024 02:22:25 GMT

GET
H3 200 translation Show response
myempire.com/en/api/v2/lang/ 100 KB
29 KB 109ms
109ms XHR
application/json 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/en/api/v2/lang/translation

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2611e12dadc87efd11865f3a1badc9b4d3a196451701fd32d0b4f047e03adcf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Accept: application/json, text/plain, */*
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
x-content-type-options: nosniff, nosniff always
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
age: 36519
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block always
x-request-id: 65f580b5-e9ae-4059-a000-950cff35ff5c
referrer-policy: no-referrer, no-referrer-when-downgrade
last-modified: Tue, 09 Jan 2024 16:13:46 GMT
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN always
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ttl: 1704816885644
cf-ray: 843173be9ac91c56-AKL

GET
H3 200 translation Show response
myempire.com/nz/api/v2/lang/ 100 KB
29 KB 107ms
107ms XHR
application/json 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/nz/api/v2/lang/translation

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e892a0034377c80edb5573975aff093dbcec7a1b0a9263c1a6886692e752823f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Accept: application/json, text/plain, */*
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
x-content-type-options: nosniff, nosniff always
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
age: 75326
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block always
x-request-id: fbabae35-0da4-462b-8399-ef1d3c3e1c00
referrer-policy: no-referrer, no-referrer-when-downgrade
last-modified: Tue, 09 Jan 2024 05:26:59 GMT
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN always
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ttl: 1704778079945
cf-ray: 843173be9acc1c56-AKL

GET
H3 200 info Show response
myempire.com/nz/api/v2/system/ 343 B
1 KB 478ms
477ms XHR
application/json 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/nz/api/v2/system/info

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa188235128c826f21d91ed2cb4ff9216031d82feb33f138383b06de9bf96dd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Accept: application/json, text/plain, */*
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
x-content-type-options: nosniff, nosniff always
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block always
x-request-id: 09f0e4b2-c8a2-4db4-b246-0cde5e1f953f
referrer-policy: no-referrer, no-referrer-when-downgrade
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN always
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ray: 843173bedb3c1c56-AKL

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 128ms
51ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=fdeebcd0-ff66-4ca1-b823-ca687287d5e9

Requested by

Host: myempire.com
URL: https://myempire.com/main.5dad124b2cf3b3892403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 43
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSUrDWm%2Fioq%2FGYP5DHSEUeGMQon364J9Eum8jXkHO6TM%2Fp%2F6xuhX%2BUdkNwxBGra6IW9JxoQx%2FFeCVArNm6EkZ65GIqTHwpxvg5%2FsVcOm68RnPZmUB%2FOHSULuUjDfX%2FQycZP7ip0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 843173c01d021c4c-AKL

GET
H2 200 b3c9c74309988df7f4cff1e520efa06a.js Show response
cdn.cookie-script.com/s/ 459 KB
89 KB 953ms
316ms Script
application/javascript 116.203.90.127
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/b3c9c74309988df7f4cff1e520efa06a.js
Requested by: Host: myempire.com
URL: https://myempire.com/main.5dad124b2cf3b3892403.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.203.90.127 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.127.90.203.116.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ae49bd166fdf2bf7ef40d3ac654d261802d1cb65cb94b47787999ef8f0d2dbfb

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
content-encoding: gzip
last-modified: Sat, 23 Sep 2023 10:41:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"e09064032cb888a22670e7e44af3041a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
67 KB 660ms
262ms Script
application/javascript 2404:6800:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T4XMJ9L

Requested by

Host: myempire.com
URL: https://myempire.com/main.5dad124b2cf3b3892403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3de15b1d2847ca0b87f24337f4b62dab22ae8a3431135310bf18142be6687b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68237
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jan 2024 02:22:26 GMT

GET
H3 200 4.20690374324ec8d01a2b.js Show response
myempire.com/ 78 KB
14 KB 71ms
70ms Script
application/javascript 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/4.20690374324ec8d01a2b.js

Requested by

Host: myempire.com
URL: https://myempire.com/runtime.800c10b16966c75b850d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b893d480519c3b693f770b1729fb28d15bce4012d41e2f5fc55b3ef6e0a36f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 35
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:50 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-139f2"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ttl: 1704853370365
cf-ray: 843173c2a8ca1c56-AKL

GET
H3 200 14.67a2d4740da187f60849.js Show response
myempire.com/ 5 KB
2 KB 74ms
74ms Script
application/javascript 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/14.67a2d4740da187f60849.js

Requested by

Host: myempire.com
URL: https://myempire.com/runtime.800c10b16966c75b850d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5533cd88c08c727ab0ff2d1413bca57be1259b4e91586b3c969653205d417b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 38
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:21:47 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65940b9b-134f"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ttl: 1704853367020
cf-ray: 843173c2a8cc1c56-AKL

GET
H3 200 preloader-bg1.png
myempire.com/cdn-static/images/my-empire/general/ 2 KB
2 KB 97ms
97ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/general/preloader-bg1.png?v2

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f0072578a1de0cbcdd5f0b3a2ecef1bb87cd52f67a37453d12b42b639c2df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 123713
cf-polished: origFmt=png, origSize=3562
x-cache-status: HIT
content-disposition: inline; filename="preloader-bg1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1947
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2a-dea"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853405171
accept-ranges: bytes
cf-ray: 843173befb6a1c56-AKL
expires: Sun, 14 Jan 2024 03:29:35 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 552ms
153ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myempire.com/
Origin: https://myempire.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 03:59:44 GMT
x-content-type-options: nosniff
age: 426161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 03:59:44 GMT

GET
H2 200 fdeebcd0-ff66-4ca1-b823-ca687287d5e9 Show response
ekr.zdassets.com/compose/ 853 B
1 KB 433ms
354ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/fdeebcd0-ff66-4ca1-b823-ca687287d5e9

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9329b49dc5ad9c07ed461690a46d4558a96cbcdeffee1ac8fc748a71e7a38f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 83e8f9e6784aa23b-SEA, 83e8f9e6784aa23b-SEA
x-runtime: 0.028070
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c9329b49dc5ad9c07ed461690a46d455"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMbM2LVmEMa9YHFEXVVwHWKeBLk7V0uyRW%2FpwlBoYVAkrxohFHk2Pl49Ji6KxGSilSzfbd8tZfGuGRz1UgBBPt1nGXoTgYPQ1FIlxnFq%2B1T0w32UZE5HsrThn6fcS389tKE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 843173c0efc3508c-AKL

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
202 KB 569ms
152ms Script
text/javascript 2404:6800:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfoiCApAAAAAATLO54AilCmdtnblyXFT9AYclR6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
Origin: https://myempire.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:06:51 GMT

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 62CE 923 KB
265 KB 58ms
57ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fdeebcd0-ff66-4ca1-b823-ca687287d5e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 3108812
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGLus6qMfqIEG67jHYlwV0m7ngnGY72cATjN5Ri0IsddT1kJCnkgBDfuqW1Gvk3PhH3u5bpCts6D7HxBli7W5SITh%2BInAJWS%2Fimlyt7iUqCx20mA4vEzCjAUa5ho%2F7Cw8phlmiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843173c33a051c4c-AKL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H3 400 item Show response
myempire.com/nz/api/v2/seo/ 15 B
1 KB 108ms
108ms XHR
application/json 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/nz/api/v2/seo/item?id=promotions__welcome-package

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Accept: application/json, text/plain, */*
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
x-content-type-options: nosniff, nosniff always
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
age: 1132
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 15
x-xss-protection: 0, 1; mode=block always
x-request-id: 2562c1ac-e9fe-42a1-b79b-68a0f42ed375
referrer-policy: no-referrer, no-referrer-when-downgrade
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN always
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ttl: 1704852223756
cf-ray: 843173c349ee1c56-AKL

GET
H3 200 sprite.svg
myempire.com/assets/ 76 KB
24 KB 58ms
57ms Other
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/assets/sprite.svg

Requested by

Host: myempire.com
URL: https://myempire.com/main.5dad124b2cf3b3892403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80c3f3f88940ecf3ce26dd20cc4424e0882e31f1512c43bb78893451473b2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 127144
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2024 13:11:55 GMT
server: cloudflare
etag: W/"65940b9b-12f3a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2073600
cf-ray: 843173c36a261c56-AKL
expires: Sat, 03 Feb 2024 02:22:25 GMT

GET
H3 200 menu_icon.png
myempire.com/cdn-static/images/my-empire/icons/ 2 KB
2 KB 122ms
122ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/icons/menu_icon.png

Requested by

Host: myempire.com
URL: https://myempire.com/styles.1eb103fd2e3adfbf0bb0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5feaa5d7eeb90014c974422cd68d9da4000f72edddc5fd0b2dba4ca74424aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/styles.1eb103fd2e3adfbf0bb0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 123714
cf-polished: origFmt=png, origSize=2235
x-cache-status: HIT
content-disposition: inline; filename="menu_icon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1876
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2a-8bb"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853405904
accept-ranges: bytes
cf-ray: 843173c37a321c56-AKL
expires: Mon, 22 Jan 2024 15:47:15 GMT

GET
H3 200 tooltip-arrow.svg
myempire.com/cdn-static/images/my-empire/icons/ 186 B
537 B 129ms
129ms Image
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/icons/tooltip-arrow.svg

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9d046f47824fe5502804a349c421b1c82f73dfcc555aeaaa09d270e997831d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 728
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:10:17 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: W/"645e0e2a-ba"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cf-ttl: 1704852677641
cf-ray: 843173c37a341c56-AKL
expires: Mon, 22 Jan 2024 15:48:31 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 153ms
153ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu3cOWxw.woff2

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myempire.com/
Origin: https://myempire.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 12:26:04 GMT
x-content-type-options: nosniff
age: 50181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14188
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 12:26:04 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 199ms
198ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myempire.com/
Origin: https://myempire.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:50:18 GMT
x-content-type-options: nosniff
age: 365527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 20:50:18 GMT

GET
H3 200 item Show response
myempire.com/nz/api/v2/promo/ 6 KB
3 KB 100ms
100ms XHR
application/json 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/nz/api/v2/promo/item?name=welcome-package

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

148efd925eb3bdbb504b5d39905ecb469bc93c13279b1181b7460fa320655744

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Accept: application/json, text/plain, */*
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
x-content-type-options: nosniff, nosniff always
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
age: 85436
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block always
x-request-id: 26128276-ab84-4b07-b5b1-cf26b173102d
referrer-policy: no-referrer, no-referrer-when-downgrade
last-modified: Tue, 09 Jan 2024 02:38:29 GMT
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN always
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ttl: 1704767969464
cf-ray: 843173c38a531c56-AKL

GET
H3 200 list Show response
myempire.com/nz/api/v2/collection/ 9 KB
2 KB 106ms
106ms XHR
application/json 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/nz/api/v2/collection/list

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4becc8448ea5ae1dbe2c75afb6386fc83af1ac2f41c8144adfc8aa851ea6a60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Accept: application/json, text/plain, */*
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
x-content-type-options: nosniff, nosniff always
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
age: 38460
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block always
x-request-id: 1b160c41-aacf-4b16-ac1c-73c4ba14bfa7
referrer-policy: no-referrer, no-referrer-when-downgrade
last-modified: Tue, 09 Jan 2024 13:06:09 GMT
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN always
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ttl: 1704805629854, 1704812928882, 1704814895463
cf-ray: 843173c39a5f1c56-AKL

GET
H3 200 list Show response
myempire.com/nz/api/v2/icon/ 752 B
1 KB 113ms
113ms XHR
application/json 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://myempire.com/nz/api/v2/icon/list?category=footer_pay&count=3

Requested by

Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6484b754b8f91ec798c725c1f2fc95a5a8657d58596955185224b2125305e78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Accept: application/json, text/plain, */*
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
x-content-type-options: nosniff, nosniff always
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://soft2bet.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://devmalinacasino-mga.imgsrcdata.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
age: 38459
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block always
x-request-id: fbd6dbad-0c70-4c2f-a1ac-124c99a1a6ec
referrer-policy: no-referrer, no-referrer-when-downgrade
last-modified: Tue, 09 Jan 2024 13:02:25 GMT
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN always
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cf-ttl: 1704805405114, 1704812972334, 1704814896045
cf-ray: 843173c39a791c56-AKL

GET
H3 200 map.png
myempire.com/cdn-static/images/my-empire/general/ 1 KB
1 KB 125ms
124ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/general/map.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0616bb0807d34cb7924ce1373abc1c173e22f78916a3361069b0606ce7e1065b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 677774
cf-polished: origFmt=png, origSize=1291
x-cache-status: HIT
content-disposition: inline; filename="map.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1118
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e4f-50b"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853405952
accept-ranges: bytes
cf-ray: 843173c3bac11c56-AKL
expires: Mon, 08 Jan 2024 15:48:21 GMT

GET
H3 200 bonus-crab@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 2 KB
2 KB 89ms
88ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/bonus-crab@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45682d8c7c94751d8a6439ec863ed1e7e5586d33fac4047f057d1073c84c2e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1796
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: "645e0e2a-704"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3baae1c56-AKL
cf-ttl: 1704853285663

GET
H3 200 logotype@2x.webp
myempire.com/cdn-static/images/my-empire/general/webp/ 15 KB
15 KB 91ms
90ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/general/webp/logotype@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f75d2f2032c82f8d6110a837b67d1b7ce7f1f69ff74f055f2b537886287a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 121
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 15076
cf-revalidated: Wed Jan 10 2024 02:20:24 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: "645e0e2a-3ae4"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3baad1c56-AKL
cf-ttl: 1704853284949

GET
H3 200 home@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 2 KB
2 KB 129ms
127ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/home@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b085e0d753ef2cae7d319f1148b1dfdd911d48fd59d2f0facf784fe7a6824a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 121
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 1846
cf-revalidated: Wed Jan 10 2024 02:20:24 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 May 2023 13:17:37 GMT
server: cloudflare
etag: "64638271-736"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3bab11c56-AKL
cf-ttl: 1704853284975

GET
H3 200 search@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 1 KB
2 KB 93ms
92ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/search@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f1e333780d21097959dc94087cde1bbabe0ac9b088667abd63045972709c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1230
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: "645e0e2a-4ce"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3baa61c56-AKL
cf-ttl: 1704853285035

GET
H3 200 casino@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 2 KB
2 KB 108ms
107ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/casino@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb6bbe653682e779044b976ce0de03ffb18942a5f510e983188fb1671b70b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1602
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
server: cloudflare
etag: "645e0e4f-642"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3baa81c56-AKL
cf-ttl: 1704853285173

GET
H3 200 live@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 1 KB
2 KB 120ms
118ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/live@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1debc27deb0789a0f21750d64111de6e52c840358a7238bfd76e56d6b9b7fa05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1372
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: "645e0e2a-55c"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3babf1c56-AKL
cf-ttl: 1704853285312

GET
H3 200 jackpots@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 2 KB
2 KB 106ms
106ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/jackpots@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6af5aadc312184ca2b6e69b0fc36ee3ee0519ad05a32bdb37956cf6c749f823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 2194
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: "645e0e2a-892"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3baa41c56-AKL
cf-ttl: 1704853285319

GET
H3 200 my-empire_v2@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 5 KB
5 KB 100ms
99ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/my-empire_v2@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9d6867f01932d4e11927a70507c0da4fda4d263be2a9479f95518e7cfb1e977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 5172
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Jun 2023 13:24:42 GMT
server: cloudflare
etag: "6489bf9a-1434"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3bab01c56-AKL
cf-ttl: 1704853285503

GET
H3 200 promotion@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 2 KB
2 KB 119ms
118ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/promotion@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3116dd92d855f0ee87e991cb2a7caa76e644b9bbe90b7db73a55b593a65b250e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 1626
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: "645e0e2a-65a"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3babc1c56-AKL
cf-ttl: 1704853285654

GET
H3 200 vip@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 2 KB
2 KB 108ms
107ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/vip@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

04477e193170fd4d0fb96a4031a7fb20231f835321779fbc07165a232f434626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 1880
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
server: cloudflare
etag: "645e0e4f-758"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3bab41c56-AKL
cf-ttl: 1704853285757

GET
H3 200 my-empire@2x.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 2 KB
2 KB 104ms
103ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/my-empire@2x.webp

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f32c892a62bc6ad1f64fa59c5124bce577d59d1278a2eaba30929845df1bf95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 120
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 1948
cf-revalidated: Wed Jan 10 2024 02:20:25 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
server: cloudflare
etag: "645e0e4f-79c"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3bab61c56-AKL
cf-ttl: 1704853285934

GET
H2 200 nz.svg
light.imgsrcdata.com/vector/flags/ 3 KB
1 KB 134ms
48ms Image
image/svg+xml 104.16.181.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://light.imgsrcdata.com/vector/flags/nz.svg
Requested by: Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.181.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b11fde2cdab44fff4b3fd5f2ac640191855abf84506ea5323cfe4d3cc622e24

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 12 May 2023 10:00:55 GMT
server: cloudflare
age: 1063381
etag: W/"645e0e57-b27"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 843173c43a1950c0-AKL
expires: Mon, 08 Jan 2024 12:38:06 GMT

GET
H3 200 bg-vip.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 530 B
890 B 93ms
91ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/bg-vip.webp?v4

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b02878988493c37f41285b00a88e30747dad07c7632c912d14331ff598bc9b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 119
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
content-length: 530
cf-revalidated: Wed Jan 10 2024 02:20:26 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: "645e0e2a-212"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3baab1c56-AKL
cf-ttl: 1704853286036

GET
H3 200 bg-vip-active.webp
myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/ 550 B
909 B 98ms
97ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/header/sidebar-links-icons/webp/bg-vip-active.webp?v4

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

abae1898b2227033d3a63f0bd56ded56a1372e99a2046bcd509271fa2bf45971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 119
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 550
cf-revalidated: Wed Jan 10 2024 02:20:26 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
server: cloudflare
etag: "645e0e4f-226"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 843173c3baba1c56-AKL
cf-ttl: 1704853286042

GET
H3 200 bg-pattern.png
myempire.com/cdn-static/images/my-empire/general/ 1 KB
2 KB 119ms
118ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/general/bg-pattern.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddacd187a78f84e287b1113eb332a48661ad2b0a185c4272b43a807d305b7ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 123713
cf-polished: origFmt=png, origSize=2418
x-cache-status: MISS
content-disposition: inline; filename="bg-pattern.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1342
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e4f-972"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853405945
accept-ranges: bytes
cf-ray: 843173c3baa31c56-AKL
expires: Mon, 22 Jan 2024 15:47:56 GMT

GET
H3 200 promotions-bg-desktop.jpg
myempire.com/cdn-static/images/my-empire/promotions/ 57 KB
57 KB 134ms
132ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/promotions/promotions-bg-desktop.jpg

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

654cc6be8f74e6d2401bd4be15c17879903ab520bebc9ce614fbf6e3bfb3074d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 1008
cf-polished: qual=85, origFmt=jpeg, origSize=59000
x-cache-status: MISS
content-disposition: inline; filename="promotions-bg-desktop.webp"
alt-svc: h3=":443"; ma=86400
content-length: 58426
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 11:04:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e1d5b-e678"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853405965
accept-ranges: bytes
cf-ray: 843173c3baa91c56-AKL
expires: Mon, 22 Jan 2024 02:23:40 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 206ms
206ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myempire.com/
Origin: https://myempire.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 03:58:34 GMT
x-content-type-options: nosniff
age: 80631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 03:58:34 GMT

GET
H3 200 18+.svg
myempire.com/cdn-static/images/my-empire/footer/ 2 KB
1 KB 103ms
103ms Image
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/footer/18+.svg

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2944249735bdecdf47162ceb4c36fe51a9c3b2548bd9494186786fe00fb33e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 118
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:20:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
server: cloudflare
etag: W/"645e0e4f-612"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cf-ttl: 1704853287366
cf-ray: 843173c3dada1c56-AKL
expires: Mon, 22 Jan 2024 15:46:12 GMT

GET
H3 200 iso.svg
myempire.com/cdn-static/images/my-empire/footer/ 28 KB
11 KB 97ms
97ms Image
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/footer/iso.svg

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76f014fab08dcc2671f278a6d15a229faea2ba683698eed58df9c2a7f500c789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 118
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:20:27 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
server: cloudflare
etag: W/"645e0e4f-7117"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cf-ttl: 1704853287366
cf-ray: 843173c3dad91c56-AKL
expires: Mon, 22 Jan 2024 15:46:12 GMT

GET
H3 200 1686063536767_testlil.png
myempire.com/dimg/promo/ 12 KB
12 KB 56ms
56ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/dimg/promo/1686063536767_testlil.png?extension=webp&height=900

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c26a379f7b399f7aa5e966c8cf16ee9a3646b5949dbd8bfa166c5db34dbf608a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 132407
content-disposition: inline; filename="1686063536767_testlil.webp"
x-front-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11952
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Jan 2024 13:09:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=3600, public
accept-ranges: bytes
cf-ray: 843173c4fc871c56-AKL
x-conv-cache-status: HIT
expires: Tue, 01 Aug 2023 08:19:20 GMT

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 62CE 25 KB
6 KB 51ms
51ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 1701534
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzI0hBNsE3U3t4IjM%2BlKSlUUy%2FXqHKZLVNdlMhn6%2BONDsHRnLZecEeVrjnPw0w1qcI3Vr2odFzrBFzQsdEvWg57jVrEApZfIEcSzeko2gr6c5rzuUDza%2F%2BUjkfWhUF7UJ5zXfWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843173c59df91c4c-AKL
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
myempire1.zendesk.com/embeddable/ Frame 62CE 508 B
1 KB 469ms
372ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myempire1.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b40ffc4ccc020d27a1624238ff208124ea24af0944f811f605af372eeeccf90

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-8566df6bc6-zkrpg
x-cached: MISS
x-request-id: 843173c57d9d725c-SYD
x-runtime: 0.002102
last-modified: Wed, 10 Jan 2024 02:20:34 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9MOAH6WLisyETNWHxGyBdU80sdDfTrOD%2BFiQOpVF2jaTVSJOwvuzEcl0gf3qFZeoPZfqHtVUwyRfx0WcLXxJ6GqAgMx6QmO9m%2FrxpUspy30%2FG%2B28VK6dVv9GlVFNqcwDt3b3p7xeA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 843173c57d9d725c-AKL

GET
H3 200 stars-1.png
myempire.com/cdn-static/images/my-empire/promotions/ 38 KB
39 KB 97ms
95ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/promotions/stars-1.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5edf0ce5c2a8cfbff8c8e4435f8a3fab0c58e935f8fb40088d48ce3b89066c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 121270
cf-polished: origFmt=png, origSize=43855
x-cache-status: HIT
content-disposition: inline; filename="stars-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 39222
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e4f-ab4f"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853406124
accept-ranges: bytes
cf-ray: 843173c4fc901c56-AKL
expires: Mon, 22 Jan 2024 15:49:23 GMT

GET
H3 200 left.png
myempire.com/cdn-static/images/my-empire/ribbons/red/ 3 KB
3 KB 92ms
90ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/ribbons/red/left.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b91a617006e82801898abb1d3267ae8993faffda592f9b5e4bc0457111b42b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 214353
cf-polished: origFmt=png, origSize=3191
x-cache-status: HIT
content-disposition: inline; filename="left.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2658
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e4f-c77"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853406125
accept-ranges: bytes
cf-ray: 843173c4fc941c56-AKL
expires: Mon, 08 Jan 2024 15:48:22 GMT

GET
H3 200 center.png
myempire.com/cdn-static/images/my-empire/ribbons/red/ 140 B
541 B 86ms
84ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/ribbons/red/center.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9605c6cbed32faa7bbd89262e28417eae2b27498f22bda3e432c71eeff1815e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 677776
cf-polished: origFmt=png, origSize=171
x-cache-status: HIT
content-disposition: inline; filename="center.webp"
alt-svc: h3=":443"; ma=86400
content-length: 140
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e4f-ab"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853406118
accept-ranges: bytes
cf-ray: 843173c4fc921c56-AKL
expires: Mon, 08 Jan 2024 15:48:27 GMT

GET
H3 200 right.png
myempire.com/cdn-static/images/my-empire/ribbons/red/ 2 KB
3 KB 104ms
102ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/ribbons/red/right.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc121f8634d10426fd127092807817dced592293d6c8e89ec34e679aaaadd3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 214353
cf-polished: origFmt=png, origSize=3005
x-cache-status: HIT
content-disposition: inline; filename="right.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e2a-bbd"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853406136
accept-ranges: bytes
cf-ray: 843173c4fc961c56-AKL
expires: Mon, 08 Jan 2024 15:48:27 GMT

GET
H3 200 number-polygon.png
myempire.com/cdn-static/images/my-empire/vip/ 726 B
1 KB 104ms
102ms Image
image/webp 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/vip/number-polygon.png

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e417c1c42b16cd81ec89a6216f06bcc6149658c7a9a8d3e1d9344276e898c4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
cf-cache-status: HIT
age: 121253
cf-polished: origFmt=png, origSize=839
x-cache-status: MISS
content-disposition: inline; filename="number-polygon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 726
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:48 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "645e0e50-347"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cf-ttl: 1704853406135
accept-ranges: bytes
cf-ray: 843173c4fc981c56-AKL
expires: Mon, 22 Jan 2024 16:25:35 GMT

GET
H3 200 paymsystem_visa.svg
myempire.com/cdn-static/vector/payments/monochrome-light/ 4 KB
2 KB 88ms
88ms Image
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/vector/payments/monochrome-light/paymsystem_visa.svg

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 118
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:20:28 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
etag: W/"645e0e31-e94"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cf-ttl: 1704853288447
cf-ray: 843173c59dbf1c56-AKL
expires: Mon, 22 Jan 2024 15:46:20 GMT

GET
H3 200 paymsystem_mastercard.svg
myempire.com/cdn-static/vector/payments/color-dark-bg/ 5 KB
2 KB 76ms
76ms Image
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/vector/payments/color-dark-bg/paymsystem_mastercard.svg

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc4b2ad204eff9b0dcee6fc539bcd8830a8813e7e9be464b4ddc89ad075f0f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 118
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:20:28 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:17 GMT
server: cloudflare
etag: W/"645e0e31-1477"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cf-ttl: 1704853288467
cf-ray: 843173c5fe681c56-AKL
expires: Mon, 22 Jan 2024 15:31:26 GMT

GET
H3 200 paymsystem_banktransfer.svg
myempire.com/cdn-static/vector/payments/monochrome-light/ 12 KB
5 KB 84ms
84ms Image
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/vector/payments/monochrome-light/paymsystem_banktransfer.svg

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 118
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:20:28 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:56 GMT
server: cloudflare
etag: W/"645e0e58-2eec"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cf-ttl: 1704853288465
cf-ray: 843173c62ebc1c56-AKL
expires: Mon, 22 Jan 2024 15:46:20 GMT

GET
H2 200 en-gb-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 62CE 25 KB
6 KB 54ms
54ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-gb-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26aefa0a7d1d180cddb476db556c9d3b7d591b58ecc688fa639a9207fcdfa862

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
x-amz-version-id: 5hsOaMV6Nb_DATYF4aSGtDqtZKcg9ZRe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DGAZDMQN9E6ZMS5M
age: 3108810
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: bfPK4iaaTI+kCZMEyWAICt5ivE8yAq1RnUpPrv7rxsM10j0rcl/BcEJDebZuN8DVzGIbc8MbgVA=
last-modified: Tue, 05 Dec 2023 00:24:11 GMT
server: cloudflare
etag: W/"f5aab4f8b4a810ac0dae8f81aa2cbcc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omrEFbZecRhoyDzJJL1SGPStgiG6qnxF1jPSxvvYbVrjOMvTIqYzUgDRA48qtZjFoXuR2ew0hYgTwZsFxsV2%2BDce3HHykBQjtbIVu8w1u0EZuJviPs1PrOYuY3WILlZ4bxzDbho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843173c66f381c4c-AKL
expires: Wed, 04 Dec 2024 00:24:10 GMT

GET
H2 200 web-widget-chat-sdk-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 62CE 202 KB
51 KB 53ms
52ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
x-amz-version-id: TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0X24BSPSV39D8D28
age: 3108811
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1eGND/GjxrlQxia9pWdTTwHT8UuCrrKDdbJzZuma1/VkfAY1PcOzD5FH1w1FjTJn2c8rVgJg5Po=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa%2BRr9Ypt0G0zq070yTS6AfP6sJagNia4%2B0T2KzMMhQA82p1h5XABOu47xCmqOkTgRrMrWj9pk0socV%2BfVscvp91JPUMitsuGoXynJVsH1S9s2UfYUUb8u67X5ZrS%2BUmOssspzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843173c6bfa21c4c-AKL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 265ms
265ms Script
application/javascript 2404:6800:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBNMHCRHG0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4XMJ9L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

491ae32a6042278c5ba66fcf9dffad32d2c5c51649c4ae8b8d081c8564e9ae69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 02:22:26 GMT

GET
H2 200 hotjar-3564538.js Show response
static.hotjar.com/c/ 9 KB
4 KB 215ms
73ms Script
application/javascript 18.67.111.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3564538.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4XMJ9L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-7.syd62.r.cloudfront.net

Software

Resource Hash

afc642adb8ed053a8f870917e7c7b8c0849a03c71914089d5ea2a2a1af1709ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 02:22:26 GMT
via: 1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
etag: W/0996614d9413e6c366f135ad10e79cff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: V8zyS7yi_r9D9IIbHarVl1j6reqWI8fMG6HNoTtanGLWxEv9wLiUDA==

GET
H2 200 blue-tag.min.js Show response
event.getblue.io/js/ 9 KB
3 KB 1133ms
360ms Script
application/javascript 54.232.135.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/js/blue-tag.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4XMJ9L

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.232.135.155 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-232-135-155.sa-east-1.compute.amazonaws.com

Software

Resource Hash

a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 12 Nov 2023 13:58:10 GMT
etag: W/"9113-1699797490074"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 myempire.js Show response
adjs.media/resources/content/ 3 KB
2 KB 841ms
505ms Script
text/javascript 2606:4700:3037::6815:54ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/resources/content/myempire.js

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:54ee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f128d8a60c39a9efdae6feeebb48f587f98fe0606f59906673290e12c56866f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 695832c4-d022-406a-a7ef-f85de1a88ed3
x-runtime: 0.001680
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5f128d8a60c39a9efdae6feeebb48f58"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsp8B93ANY2x%2FfVaNPP%2FYFghYV%2BrNHgCubPQU7cDtGonI3p1%2B%2BXIvnpjCWjbrDFcsiBcESv9WoMLkon%2BUH%2BhZJ8Q%2B5G7kdrXCjHMssX%2BYkFCN0Pm9ntnytgD1CvrwmluVQI2IUcUQraN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 843173ca5c5aa965-SYD

GET
H2 200 js Show response
metrics.getrmads.com/tag/ 4 KB
2 KB 366ms
281ms Script
text/javascript 2606:4700:3032::ac43:cb12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4XMJ9L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b5752199f1b2af9eb9009bc61b15b32cf726fd369851f02ad40bddc9a3fa60

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBuHHKsFUa%2BjOWM22lDOVHGlxRASfSS06u507nnTS2Mr%2FoAhtWpAQfHan%2BTyearc2PNQwnQYC5hclaG3S2gRv4%2Fa3Bop1UDH0xENqxB5uOivKDtE7IBwYnO0LxDM2hAF3KCtoXhUYK%2Fefs3gbGiK4vQ5ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 843173c8b9b750c0-AKL
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 73 B
618 B 1710ms
337ms Script
text/javascript 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4XMJ9L

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 180
expires: -1

GET
H/1.1 200
OK trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
32 KB 666ms
75ms Script
application/javascript 104.72.70.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.72.70.165 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-72-70-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 02:22:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 09:56:34 GMT
Server: nginx
x-amz-request-id: tx000007146e0b4837b0e1c-00646c8ee1-3295d04c-default
ETag: W/"f937ab3eef01c118930b200e5087d00d"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Cache-Control: public, max-age=66621
Connection: keep-alive
Content-Length: 31849

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 90D4 41 KB
26 KB 261ms
260ms Document
text/html 2404:6800:4006:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoiCApAAAAAATLO54AilCmdtnblyXFT9AYclR6&co=aHR0cHM6Ly9teWVtcGlyZS5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c2c60idpytt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2004 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e07dcde9a172cb69620d28a7b756eb150ba7da3a52847d944b9c4dfe966c9afd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Sz-lN_QOj53jFezTENiWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2Sz-lN_QOj53jFezTENiWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 02:22:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 modules.abdef350bc65bc59cb61.js Show response
script.hotjar.com/ 220 KB
55 KB 223ms
79ms Script
application/javascript 13.35.147.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3564538.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-91.syd1.r.cloudfront.net

Software

Resource Hash

5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d0c0855de58a470001e3701ff4871f82.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 143059
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55659
last-modified: Mon, 08 Jan 2024 10:37:27 GMT
etag: "80c44d9c04a527e3fdaa01818eb305c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XR64GW77WKPU00UbI1tbBLsDYKEXihRw4DcIL91_fMaU1WQRtr0skw==

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 649ms
248ms Ping
text/plain 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LBNMHCRHG0&gtm=45je4180v9119540975z89119536910&_p=1704853345090&gcd=11l1l1l1l1&dma=0&cid=1462588980.1704853347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704853347&sct=1&seg=0&dl=https%3A%2F%2Fmyempire.com%2Fnz%2Fpromotions%2Fwelcome-package%3Fmid%3D41665_386673%26fluid%3D64464987-5b5f-4fea-bb79-db5225bed583%26clickid%3D22301718&dt=myempire&en=page_view&_fv=1&_nsi=1&_ss=1&ep.UserID=Not%20Login&tfd=5808
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBNMHCRHG0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myempire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 90D4 55 KB
24 KB 460ms
153ms Stylesheet
text/css 2404:6800:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoiCApAAAAAATLO54AilCmdtnblyXFT9AYclR6&co=aHR0cHM6Ly9teWVtcGlyZS5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c2c60idpytt

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:80a::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 03:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 03:46:57 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 90D4 503 KB
201 KB 543ms
236ms Script
text/javascript 2404:6800:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:80a::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:06:51 GMT

GET
H2 204 3564538 Show response
vc.hotjar.io/sessions/ 0
258 B 472ms
330ms XHR
text/plain 13.35.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3564538?s=0.25&r=0.22957039557871406
Requested by: Host: myempire.com
URL: https://myempire.com/polyfills.b1e14b684b383409f92f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-3.syd1.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:27 GMT
via: 1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: SYD1-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: KLgL1a7ZkLg8WZ1vkTlYmvM6y3ywFfaR1Tn65QiTLJBZdLB99NhdJA==

GET
H2 200 myempire.gif Show response
adjs.media/hit/ 0
324 B 296ms
296ms Script
text/javascript 2606:4700:3037::6815:54ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/hit/myempire.gif?page=https%3A%2F%2Fmyempire.com%2Fnz%2Fpromotions%2Fwelcome-package%3Fmid%3D41665_386673%26fluid%3D64464987-5b5f-4fea-bb79-db5225bed583%26clickid%3D22301718&ref=&date=1704853347&tid=v1.0.18377524087.13067093650&plt=Win32

Requested by

Host: adjs.media
URL: https://adjs.media/resources/content/myempire.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:54ee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6ac2f53a-9427-4637-9263-58d071bacc4e
x-runtime: 0.004434
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJiJUjON0wmomDXLGDXKS5pfCRlvAepsk4H3tPXjiGN9mzV5kzqV4et9U1BCsubaOPxXJ3KKEt2A%2BdFAruDwGzttmq9Z9Q83l8rRLXGhiIvaB1SOxWUFVNxnrVxNiGu8esUyBthYstlC"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 843173cd885ea965-SYD

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 1 KB
1 KB 1527ms
270ms Script
text/javascript 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?pm=2796857&ADFPageName=myempire.com%2Fnz&ADFdivider=%7C&ord=858910711052&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJueiIsInBubSI6IndlbGNvbWUtcGFja2FnZT9taWQ9NDE2NjVfMzg2NjczJmZsdWlkPTY0NDY0OTg3LTViNWYtNGZlYS1iYjc5LWRiNTIyNWJlZDU4MyZjbGlja2lkPTIyMzAxNzE4In1dfQ&loc=https%3A%2F%2Fmyempire.com%2Fnz%2Fpromotions%2Fwelcome-package%3Fmid%3D41665_386673%26fluid%3D64464987-5b5f-4fea-bb79-db5225bed583%26clickid%3D22301718&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a8b4ad7d4ba60f33d180f7683195fe9dc0f1b2fc348d8f431f5e8423481ed1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 719
expires: -1

POST
H2 200 wmetrics
metrics.getrmads.com/ 0
315 B 260ms
259ms Ping
text/plain 2606:4700:3032::ac43:cb12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.getrmads.com/wmetrics?rtid=REH-1691446272083886&lg=en-us&sr=1600x1200&fr=0&dr=&dl=https%3A%2F%2Fmyempire.com%2Fnz%2Fpromotions%2Fwelcome-package%3Fmid%3D41665_386673%26fluid%3D64464987-5b5f-4fea-bb79-db5225bed583%26clickid%3D22301718&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: metrics.getrmads.com
URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odDMgJQW7OhKEsIgAKU7%2BzUrF6zm%2B5b9t9QjTgnmvpNzX3oToFTPdnztrd5Cl16yX83DgZP338aDPFvmyIuozPXsry9muAWswUdDM%2FbFRTgXKHaIwQP5hbUab0%2B65lDU76dtMf%2BJ5JiJNcHbZvjNaaNvkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 843173cf4b3e50c0-AKL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
event.getblue.io/p/ Frame D20C 1 KB
867 B 453ms
452ms Document
text/html 54.232.135.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.getblue.io/p/?cId=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&ulc=&v=29092023-1023&nocache=9497289906822.191
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.232.135.155 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-232-135-155.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: c103ea846ff554786ff3ebcc139272d269b44eafe321b01621902c705452e3e8

Request headers

Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 10 Jan 2024 02:22:27 GMT
tagcontainer-version: 1201-09112023-2349
vary: Accept-Encoding

GET
H2 200 / Show response
widget.getblue.io/event/ 13 B
92 B 372ms
365ms Script
text/javascript 54.232.135.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getblue.io/event/?cId=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&ulc=&v=29092023-1023&if=0&nocache=4467623549456.543
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.232.135.155 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-232-135-155.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:27 GMT
content-length: 13
content-type: text/javascript;charset=UTF-8

GET
H2

200

/
cms.getblue.io/cm/ Frame D20C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&google_ula=6572934421&ula=65729344...
https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&google_ula=6572934421&ula=6572934...
https://cms.getblue.io/cm/?src=adx&child=europe&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&ula=6572934421&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&google_gi...

2 B
100 B

1082ms
359ms

Image
application/json

18.229.228.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&ula=6572934421&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&google_gid=CAESEJf49QPdUBrBUD_rex6q50c&google_cver=1&google_ula=6572934421,0
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&ulc=&v=29092023-1023&nocache=9497289906822.191
Protocol: H2
Server: 18.229.228.20 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-228-20.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:29 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&ula=6572934421&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&google_gid=CAESEJf49QPdUBrBUD_rex6q50c&google_cver=1&google_ula=6572934421,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 493
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D20C
Redirect Chain

https://ib.adnxs.com/setuid?entity=449&code=73400440-1373-48B7-B1ACA2037D548CAD
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3D73400440-1373-48B7-B1ACA2037D548CAD

43 B
1 KB

263ms
262ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3D73400440-1373-48B7-B1ACA2037D548CAD

Requested by

Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&ulc=&v=29092023-1023&nocache=9497289906822.191

Protocol

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:29 GMT
an-x-request-uuid: be51baf0-e597-4b68-87d7-dcd54fae2281
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.75.11.87; 103.75.11.87; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:28 GMT
an-x-request-uuid: f15f7d06-56ad-4dba-b9db-a90fd3a49d3f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3D73400440-1373-48B7-B1ACA2037D548CAD
cache-control: no-store, no-cache, private
x-proxy-origin: 103.75.11.87; 103.75.11.87; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
cms.getblue.io/cm/ Frame D20C
Redirect Chain

https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&appn...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3D73400440-1373-48B7-B1ACA2037D548CAD%26cid%3DB8C3E9A6-C0D1-36AB-2D44B513FA8C81D3%26blueID%3Dc70...
https://cms.getblue.io/cm/?src=appnexus&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&appnexusid=7972341840443585036

2 B
99 B

612ms
360ms

Image
application/json

18.229.228.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.getblue.io/cm/?src=appnexus&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&appnexusid=7972341840443585036
Requested by: Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&ulc=&v=29092023-1023&nocache=9497289906822.191
Protocol: H2
Server: 18.229.228.20 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-228-20.sa-east-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:29 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:29 GMT
an-x-request-uuid: 490d2050-45df-472c-9ab2-feb348e95fe7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cms.getblue.io/cm/?src=appnexus&ckid=73400440-1373-48B7-B1ACA2037D548CAD&cid=B8C3E9A6-C0D1-36AB-2D44B513FA8C81D3&blueID=c70ec79f-ddf9-4309-9b1d-500327925b0c&appnexusid=7972341840443585036
x-proxy-origin: 103.75.11.87; 103.75.11.87; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 audience-pixel.min.js Show response
event.getblue.io/r/ Frame D20C 5 KB
3 KB 365ms
364ms Script
application/javascript 54.232.135.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/r/audience-pixel.min.js?nocache=1090

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.232.135.155 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-232-135-155.sa-east-1.compute.amazonaws.com

Software

Resource Hash

53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 21:25:22 GMT
etag: W/"5608-1704835522229"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 web-widget-chat-incoming-message-notification-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 62CE 236 B
703 B 46ms
46ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:28 GMT
x-amz-version-id: vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: GRA1MY759DHF3G52
age: 3108812
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OSrWoUKuQeRSOfEP3ilQGfEUL8jjwmS3wL3JKxWvedoRTpCGl8rhaGrej2QkpRTFIErUaQGZHmE=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xC14z3IZKcbjI4Sic4iBHuYXiImxjdc%2FbMidf6pCG07rlfKWna%2BK1oZEs33HX3fC8MiBUyLZlThRcapTMdjVD3vrGQxgccXYHE1yOAPjwIGVip6%2BPiX6Itm7N6Fzew%2Fm17tGJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843173d30c9e1c4c-AKL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H3 200 kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js Show response
www.google.com/js/bg/ Frame 90D4 17 KB
7 KB 153ms
153ms Script
text/javascript 2404:6800:4006:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2004 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoiCApAAAAAATLO54AilCmdtnblyXFT9AYclR6&co=aHR0cHM6Ly9teWVtcGlyZS5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c2c60idpytt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 23:43:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 527958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6851
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 23:43:10 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 90D4 2 KB
2 KB 153ms
152ms Image
image/png 2404:6800:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:80a::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:49:57 GMT
x-content-type-options: nosniff
age: 534751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 10 Jan 2024 21:49:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 90D4 15 KB
15 KB 153ms
153ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 14:23:25 GMT
x-content-type-options: nosniff
age: 43143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 14:23:25 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 90D4 15 KB
15 KB 161ms
161ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 23:36:53 GMT
x-content-type-options: nosniff
age: 528335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 23:36:53 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 90D4 102 B
135 B 247ms
247ms Other
text/javascript 2404:6800:4006:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:814::2004 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoiCApAAAAAATLO54AilCmdtnblyXFT9AYclR6&co=aHR0cHM6Ly9teWVtcGlyZS5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c2c60idpytt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jan 2024 02:22:28 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 62CE 19 KB
20 KB 49ms
48ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: myempire.com
URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 10 Jan 2024 02:22:28 GMT
x-amz-version-id: 7mQmj5CjPPHXphZWB9MwFHsB8G6GZRZR
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HT3YBWDSMX7GGWKJ
age: 6163071
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: u4rjVl6bznOFELXxWcdEy4cxf3HS8QD5+1jVYrU8pTGZTnnUMyhwdvSjilQjVnwTrzYblOccmBE=
last-modified: Tue, 26 Sep 2023 06:59:46 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHvWYk5HfcCXgqQuI%2Fjv4Fg%2FDDz77NU3gmD66MWsFag4i7V1bL0MyRSzl78MJgkQQTkYhAlEhXOaN597qqyTCYLhCmLZ%2ByHaGPAou0Ar1rg6y7vSfbZ%2BmCyebsUoUZMZ7zIYU14%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843173d39d891c4c-AKL
expires: Wed, 25 Sep 2024 06:59:45 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 116 B
719 B 271ms
270ms Script
text/javascript 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2796857&ADFPageName=myempire.com%2Fnz&ADFdivider=%7C&ord=858910711052&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJueiIsInBubSI6IndlbGNvbWUtcGFja2FnZT9taWQ9NDE2NjVfMzg2NjczJmZsdWlkPTY0NDY0OTg3LTViNWYtNGZlYS1iYjc5LWRiNTIyNWJlZDU4MyZjbGlja2lkPTIyMzAxNzE4In1dfQ&loc=https%3A%2F%2Fmyempire.com%2Fnz%2Fpromotions%2Fwelcome-package%3Fmid%3D41665_386673%26fluid%3D64464987-5b5f-4fea-bb79-db5225bed583%26clickid%3D22301718&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=6173306328103948284

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6b69d6e91000938c7dbf51d27521178be5ea672313b21ff7110d640ddd07a8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 02:22:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 190
expires: -1

GET
H3 200 corner-decoration-white.svg
myempire.com/cdn-static/images/my-empire/general/svg/ 4 KB
2 KB 117ms
116ms Image
image/svg+xml 94.242.228.13
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myempire.com/cdn-static/images/my-empire/general/svg/corner-decoration-white.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

94.242.228.13 , Luxembourg, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0331e1dfc26179f448ee433632bf2b48297451003930e22325c1197681f0f49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:22:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
content-encoding: br
cf-cache-status: HIT
age: 184
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cf-revalidated: Wed Jan 10 2024 02:19:26 GMT+0000 (Coordinated Universal Time)
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 10:00:10 GMT
server: cloudflare
etag: W/"645e0e2a-ec6"
vary: null, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cf-ttl: 1704853226801
cf-ray: 843173dd8f0d1c56-AKL
expires: Mon, 22 Jan 2024 15:46:21 GMT

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
myempire.com/cdn-static/images/my-empire/general/svg	1969-12-31 23:59:59	Name: _cf_reyid Value: hcFHwWMcf1fgBDD9ksfLmaDdfVaBTS1GILFcVB/H4tGfN59XsBLGkSp1F4vNbznK
myempire.com/nz/api/v2/system	1969-12-31 23:59:59	Name: ws Value: "66c0dd5252d9efd2"
myempire.com/nz/api/v2/system	1969-12-31 23:59:59	Name: Value: HttpOnly
myempire.com/nz/promotions	1969-12-31 23:59:59	Name: user Value: "c838d894d5d31ec1"
myempire.com/socket	1969-12-31 23:59:59	Name: ws Value: "c5d1c69fcfcc48f2"
goo.su/	1970-01-20 17:35:20	Name: XSRF-TOKEN Value: eyJpdiI6IjJpdjloNjQveWVkb3NGcEY5dDhXVEE9PSIsInZhbHVlIjoiTVUrcHRCMWEvVDQzQ0lxRWNFTWM3Tm5hWENucGlMWnZxSjlScnRpRlF4b1hDTVdnelRMNUd1T2toMTZENnBESGl4VVNVTUFoSEpRUXp1Y3JSQ1NXM3JlS1h0WEljWWlicEdkRWZrLzBPMW1YTTFkb0dBTkJhOGJUR1BsbGNHdXQiLCJtYWMiOiJhMDVlNDU4N2QxMTNjNGI3Y2U2MTMwMzk2OGFkYzA0NzlhYWNlYzdmNGFmZjFkZGYyODY0YTE3OTdkZDg5MDU0IiwidGFnIjoiIn0%3D
goo.su/	1970-01-20 17:35:20	Name: goosu_session Value: eyJpdiI6Ik1NNzNKS0hqVTZKbVRRSVB2eUtXdWc9PSIsInZhbHVlIjoiaFYrcnQ0UUNXRzZ6MUQ1VDlON2paWFBpV3J3d0hrekpQWkZ4eE1vbUJGVk9uMUQ5d0pGMklwTHRVTlZXRHQ3TFh5aHBSd2hCaytVM1dUMzJYZHpmaGVGZHRGUHlISm1TR1ovR0FDQU9leExLN04wSFc0dU1qbEZ1SlpDeDhDZnMiLCJtYWMiOiIwNzc2NWZlYzY2NzIyNzIwYjYxODQ2ZjI3MzIwYjg2ZWVjNzc3YWFiNTQ1N2IzYzU2ZjMyYWRkYjA2YzI0N2U5IiwidGFnIjoiIn0%3D
keyaff.com/	1969-12-31 23:59:59	Name: session Value: 3ls7jroc13tf8i5b8t7gj243o0
widget-mediator.zopim.com/	1970-01-20 17:44:18	Name: AWSALBCORS Value: cIdkF0YU86VznIUW/qT85xOWeGfX9iPeYgcwCfaiotmUNEz35ZlgDJxJgxSPOZAk3QDzbGKOBxyQkq5dobMsPkdfLa2sYCw17OXdt5c6e6L4u8qADf/F1CWKXT1w
.myempire.com/	1970-01-20 17:34:15	Name: _hjFirstSeen Value: 1
.myempire.com/	1970-01-20 17:34:15	Name: _hjAbsoluteSessionInProgress Value: 1
.getblue.io/	1970-01-21 02:19:49	Name: ckid Value: 73400440-1373-48B7-B1ACA2037D548CAD
.doubleclick.net/	1970-01-21 03:10:13	Name: IDE Value: AHWqTUkoFMbvxW7TqqGLxdbpa0fw3iVOi_eRB-txndl6Ha18ej37e9tRL_9Ph6xpObk
.adform.net/	1970-01-20 18:18:51	Name: C Value: 1
.adform.net/	1970-01-20 19:00:37	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 19:43:49	Name: uuid2 Value: 7972341840443585036
.adform.net/	1970-01-20 19:00:37	Name: uid Value: 2545532454141025126
.adnxs.com/	1970-01-21 03:10:13	Name: XANDR_PANID Value: 89MdeAgcBYWM3GB5cTD02DLYKLUZSV8ELQE29lGkTiLgZKckGk99Jz8I-Sz97iM8n7Kk7vvhwaEw7n8MCRu0IYi5PjilUvmlwB-zvyh0xBE.
.adnxs.com/	1970-01-20 19:43:49	Name: anj Value: dTM7k!M4.FD>6NRF']wIg2E?gs/(W>!]tbPl@/8LQ0[eC=E2.Ue8)4/e)Hw%kaFXae8=[%kC+Gjl!VrZkaJLve8>6X:L!JJrvcU%bpRzqF1`be!B?OsQ
myempire.com/	1969-12-31 23:59:59	Name: _cf_reyid Value: hcFHwWMcf1fgBDD9ksfLmaDdfVaBTS1GILFcVB/H4tGfN59XsBLGkSp1F4vNbznK

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://myempire.com/nz/promotions/welcome-package?mid=41665_386673&fluid=64464987-5b5f-4fea-bb79-db5225bed583&clickid=22301718(Line 10) Message: <link rel=preload> uses an unsupported `as` value
network	error	URL: https://myempire.com/nz/api/v2/seo/item?id=promotions__welcome-package Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3mye94ye.com
a1.adform.net
adjs.media
cdn.cookie-script.com
cm.g.doubleclick.net
cms.getblue.io
ekr.zdassets.com
event.getblue.io
fonts.gstatic.com
goo.su
ib.adnxs.com
keyaff.com
light.imgsrcdata.com
metrics.getrmads.com
myemp.servclick1move.com
myempire.com
myempire1.zendesk.com
s2.adform.net
script.hotjar.com
static.hotjar.com
static.zdassets.com
track.adform.net
vc.hotjar.io
widget.getblue.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
103.43.90.53
104.16.181.247
104.16.51.111
104.18.70.113
104.18.72.113
104.72.70.165
116.203.90.127
13.35.147.3
13.35.147.91
142.250.204.2
159.65.121.218
18.229.228.20
18.67.111.7
185.84.60.23
2404:6800:4006:809::2003
2404:6800:4006:809::200e
2404:6800:4006:80a::2003
2404:6800:4006:80a::2008
2404:6800:4006:814::2004
2606:4700:3032::6815:2a95
2606:4700:3032::ac43:cb12
2606:4700:3036::ac43:8b69
2606:4700:3037::6815:54ee
37.157.3.26
54.232.135.155
94.242.228.13
94.242.231.44
025cf6abb05fc2309b52b049d6761b66fd2f0ad005380ccdf4613612202ad037
0331e1dfc26179f448ee433632bf2b48297451003930e22325c1197681f0f49f
04477e193170fd4d0fb96a4031a7fb20231f835321779fbc07165a232f434626
0616bb0807d34cb7924ce1373abc1c173e22f78916a3361069b0606ce7e1065b
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d5feaa5d7eeb90014c974422cd68d9da4000f72edddc5fd0b2dba4ca74424aa
148efd925eb3bdbb504b5d39905ecb469bc93c13279b1181b7460fa320655744
1b11fde2cdab44fff4b3fd5f2ac640191855abf84506ea5323cfe4d3cc622e24
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1debc27deb0789a0f21750d64111de6e52c840358a7238bfd76e56d6b9b7fa05
2611e12dadc87efd11865f3a1badc9b4d3a196451701fd32d0b4f047e03adcf1
26aefa0a7d1d180cddb476db556c9d3b7d591b58ecc688fa639a9207fcdfa862
2b40ffc4ccc020d27a1624238ff208124ea24af0944f811f605af372eeeccf90
2b893d480519c3b693f770b1729fb28d15bce4012d41e2f5fc55b3ef6e0a36f4
3116dd92d855f0ee87e991cb2a7caa76e644b9bbe90b7db73a55b593a65b250e
362b7b348273dda482d105ff5c1e58c301b6cce02ed14d487c19bc573b7f7380
3de15b1d2847ca0b87f24337f4b62dab22ae8a3431135310bf18142be6687b56
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
45682d8c7c94751d8a6439ec863ed1e7e5586d33fac4047f057d1073c84c2e2c
4729fe634dea3a7464e64be98910b903d27e4ed05aabc34b9b2691c52ff090f9
491ae32a6042278c5ba66fcf9dffad32d2c5c51649c4ae8b8d081c8564e9ae69
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e9e644bc924e9a33199b01db0bfb47ee2b22d7b7fb31ef6a50368fcc0036e7e
53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
5533cd88c08c727ab0ff2d1413bca57be1259b4e91586b3c969653205d417b22
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
5f128d8a60c39a9efdae6feeebb48f587f98fe0606f59906673290e12c56866f
5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7
654cc6be8f74e6d2401bd4be15c17879903ab520bebc9ce614fbf6e3bfb3074d
6b69d6e91000938c7dbf51d27521178be5ea672313b21ff7110d640ddd07a8a8
74f7a1e34d4e17f756e649ac76875a935bd4d5578719729a84594a1fc3fa36bb
76b5752199f1b2af9eb9009bc61b15b32cf726fd369851f02ad40bddc9a3fa60
76f014fab08dcc2671f278a6d15a229faea2ba683698eed58df9c2a7f500c789
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b91a617006e82801898abb1d3267ae8993faffda592f9b5e4bc0457111b42b9
819139ba1036d6cea3e0d6ae29c27254a81b04cfde04b56cd7b9b7edb980e7b3
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
909a43991aef468d9b931cea09d5e47808597fb61eb7152c854a24155bb64d3c
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
9605c6cbed32faa7bbd89262e28417eae2b27498f22bda3e432c71eeff1815e8
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9cb6bbe653682e779044b976ce0de03ffb18942a5f510e983188fb1671b70b6c
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a74d2923f26fe3443fdb5eb4e7f7c867d735c0757d2b56013c511684c14cdc61
a8b4ad7d4ba60f33d180f7683195fe9dc0f1b2fc348d8f431f5e8423481ed1b0
aa188235128c826f21d91ed2cb4ff9216031d82feb33f138383b06de9bf96dd6
abae1898b2227033d3a63f0bd56ded56a1372e99a2046bcd509271fa2bf45971
ae49bd166fdf2bf7ef40d3ac654d261802d1cb65cb94b47787999ef8f0d2dbfb
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
afc642adb8ed053a8f870917e7c7b8c0849a03c71914089d5ea2a2a1af1709ec
b02878988493c37f41285b00a88e30747dad07c7632c912d14331ff598bc9b7b
b085e0d753ef2cae7d319f1148b1dfdd911d48fd59d2f0facf784fe7a6824a39
c103ea846ff554786ff3ebcc139272d269b44eafe321b01621902c705452e3e8
c26a379f7b399f7aa5e966c8cf16ee9a3646b5949dbd8bfa166c5db34dbf608a
c2944249735bdecdf47162ceb4c36fe51a9c3b2548bd9494186786fe00fb33e6
c6af5aadc312184ca2b6e69b0fc36ee3ee0519ad05a32bdb37956cf6c749f823
c9329b49dc5ad9c07ed461690a46d4558a96cbcdeffee1ac8fc748a71e7a38f3
c9d6867f01932d4e11927a70507c0da4fda4d263be2a9479f95518e7cfb1e977
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca9d046f47824fe5502804a349c421b1c82f73dfcc555aeaaa09d270e997831d
ce148dbe8339839d9469d376eae006346b837953a099da996a2b76ecdbad59fe
d3f1e333780d21097959dc94087cde1bbabe0ac9b088667abd63045972709c4e
d4becc8448ea5ae1dbe2c75afb6386fc83af1ac2f41c8144adfc8aa851ea6a60
d9f0072578a1de0cbcdd5f0b3a2ecef1bb87cd52f67a37453d12b42b639c2df1
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
dc4b2ad204eff9b0dcee6fc539bcd8830a8813e7e9be464b4ddc89ad075f0f5c
ddacd187a78f84e287b1113eb332a48661ad2b0a185c4272b43a807d305b7ebc
e07dcde9a172cb69620d28a7b756eb150ba7da3a52847d944b9c4dfe966c9afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e417c1c42b16cd81ec89a6216f06bcc6149658c7a9a8d3e1d9344276e898c4c6
e80c3f3f88940ecf3ce26dd20cc4424e0882e31f1512c43bb78893451473b2ed
e892a0034377c80edb5573975aff093dbcec7a1b0a9263c1a6886692e752823f
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d
efc121f8634d10426fd127092807817dced592293d6c8e89ec34e679aaaadd3a
f32c892a62bc6ad1f64fa59c5124bce577d59d1278a2eaba30929845df1bf95f
f5edf0ce5c2a8cfbff8c8e4435f8a3fab0c58e935f8fb40088d48ce3b89066c0
f5f75d2f2032c82f8d6110a837b67d1b7ce7f1f69ff74f055f2b537886287a5c
f6484b754b8f91ec798c725c1f2fc95a5a8657d58596955185224b2125305e78
f6f53995f863d8404d1c4e7482b289142b6b5a9a32efe7c58230ea8547cd79ab
f996e458c52f78f6341754ec742e64193eb177dd1014b8f6f3bfb42632324136
fdee6f53127d290b82702d862c91a3a5c55b7d76bc9ca483b9d5441ec280df33

myempire.com Open in urlscan Pro 94.242.228.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

97 %HTTPS

33 %IPv6

21 Domains

28 Subdomains

22 IPs

8 Countries

2587 kBTransfer

7422 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

myempire.com Open in urlscan Pro
94.242.228.13 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

97 %
HTTPS

33 %
IPv6

21
Domains

28
Subdomains

22
IPs

8
Countries

2587 kB
Transfer

7422 kB
Size

20
Cookies

96 HTTP transactions
0 data transactions