emma.ca Open in urlscan Pro
34.197.10.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emma.ca/
Effective URL:
https://emma.ca/
Submission: On June 24 via manual (June 24th 2022, 7:36:18 am UTC) from FR — Scanned from CA

Summary HTTP 62 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 29 IPs in 1 countries across 23 domains to perform 62 HTTP transactions. The main IP is 34.197.10.15, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is emma.ca.
TLS certificate: Issued by R3 on April 15th 2022. Valid for: 3 months.

This is the only time emma.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	34.197.10.15 34.197.10.15	14618 (AMAZON-AES) (AMAZON-AES)
8	18.64.155.2 18.64.155.2	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	18.64.229.75 18.64.229.75	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	18.64.155.43 18.64.155.43	16509 (AMAZON-02) (AMAZON-02)
4	23.47.145.211 23.47.145.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6816:1546	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:77::84 2a04:4e42:77::84	54113 (FASTLY) (FASTLY)
6	18.64.155.46 18.64.155.46	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:233... 2600:9000:2335:9400:15:decf:f580:21	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	3.12.47.149 3.12.47.149	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:13:... 2600:141b:13::17d7:82c3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
3	23.198.216.196 23.198.216.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:141b:13:... 2600:141b:13::17d7:82e3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9a	15169 (GOOGLE) (GOOGLE)
1 1	13.226.39.96 13.226.39.96	16509 (AMAZON-02) (AMAZON-02)
3	18.64.155.73 18.64.155.73	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:1446	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::393	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7c60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
62	29

2 34.197.10.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-10-15.compute-1.amazonaws.com

emma.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.64.155.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-155-2.atl56.r.cloudfront.net

global-uploads.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.229.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-229-75.atl56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.155.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-155-43.atl56.r.cloudfront.net

cdn2l.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.47.145.211 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-145-211.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1546 (United States)

ASN13335 (CLOUDFLARENET, US)

app.growsurf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:77::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.64.155.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-155-46.atl56.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2335:9400:15:decf:f580:21 (United States)

ASN16509 (AMAZON-02, US)

d38xvr37kwwhcm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.12.47.149 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-47-149.us-east-2.compute.amazonaws.com

capture-api.ap3prod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82c3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.198.216.196 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-196.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82e3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.96 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-96.ewr53.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.64.155.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-155-73.atl56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1446 (United States)

ASN13335 (CLOUDFLARENET, US)

api.growsurf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	webflow.com global-uploads.webflow.com — Cisco Umbrella Rank: 33169 uploads-ssl.webflow.com — Cisco Umbrella Rank: 14087	1 MB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 966	71 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	223 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2853	131 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 7301	675 B
3	google.com www.google.com — Cisco Umbrella Rank: 8	675 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 794	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2859 api-iam.intercom.io — Cisco Umbrella Rank: 2723	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	427 B
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 595 p.typekit.net — Cisco Umbrella Rank: 706	1 KB
2	ap3prod.com capture-api.ap3prod.com — Cisco Umbrella Rank: 144859	6 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 784	19 KB
2	growsurf.com app.growsurf.com — Cisco Umbrella Rank: 117683 api.growsurf.com — Cisco Umbrella Rank: 110750	181 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	109 KB
2	cloudfront.net d3e54v103j8qbb.cloudfront.net d38xvr37kwwhcm.cloudfront.net	46 KB
2	emma.ca emma.ca	32 KB
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 6378	432 B
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2885	940 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	cdn2l.ink cdn2l.ink — Cisco Umbrella Rank: 328339	20 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	37 KB
62	23

	Domain	Requested by
8	global-uploads.webflow.com	emma.ca
6	uploads-ssl.webflow.com	global-uploads.webflow.com
4	analytics.tiktok.com	emma.ca analytics.tiktok.com
4	www.googletagmanager.com	emma.ca www.googletagmanager.com
3	js.intercomcdn.com	widget.intercom.io
3	www.google.ca	emma.ca
3	www.google.com	emma.ca
3	ct.pinterest.com	s.pinimg.com emma.ca
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.facebook.com	emma.ca
2	capture-api.ap3prod.com	cdn2l.ink
2	s.pinimg.com	emma.ca s.pinimg.com
2	connect.facebook.net	emma.ca connect.facebook.net
2	emma.ca	emma.ca
1	www.cloudflare.com	d38xvr37kwwhcm.cloudfront.net
1	res.cloudinary.com
1	api-iam.intercom.io	js.intercomcdn.com
1	api.growsurf.com	app.growsurf.com
1	widget.intercom.io	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	p.typekit.net	use.typekit.net
1	use.typekit.net	client
1	www.googleadservices.com	www.googletagmanager.com
1	d38xvr37kwwhcm.cloudfront.net	emma.ca
1	app.growsurf.com	emma.ca
1	cdn2l.ink	emma.ca
1	d3e54v103j8qbb.cloudfront.net	emma.ca
1	www.googleoptimize.com	emma.ca
62	29

This site contains links to these domains. Also see Links.

Domain
app.emma.ca
www.humania.ca
www.facebook.com
www.instagram.com
twitter.com
www.pinterest.ca
www.linkedin.com
goo.gl
growsurf.com

Subject Issuer	Validity	Valid
emma.ca R3	`2022-04-15` - `2022-07-14`	3 months	crt.sh
global-uploads.webflow.com Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-02` - `2022-07-01`	3 months	crt.sh
static.ap3prod.com Amazon	`2022-03-23` - `2023-04-22`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-08`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
uploads-ssl.webflow.com Amazon	`2021-09-27` - `2022-10-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.ap3prod.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2021-09-18` - `2022-09-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://emma.ca/
Frame ID: 437A35912D8AE6DA4CD1BED4E6BFF470
Requests: 59 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.a32cf68f.js
Frame ID: 5CD98712980EF77278E65313094BD3AC
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 059AE7A564DE6F31A81C444924D8916F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Emma: Affordable Online Life Insurance & No Medical Exam

Page URL History Show full URLs

http://emma.ca/ HTTP 307
https://emma.ca/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

59 %
IPv6

23
Domains

29
Subdomains

29
IPs

1
Countries

1987 kB
Transfer

5383 kB
Size

17
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://app.emma.ca/en/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.humania.ca/en-ca/individual
Title: Humania

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EmmaInfo/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/emma.ca/

Search URL Search Domain Scan URL

URL: https://twitter.com/emma_insurance

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/emmalabs/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/emma-labs/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/ndBcex9ghVrxqExB8
Title: 7900-300 Boul. Pierre-BertrandQuebec, Qc, G2J 0C5

Search URL Search Domain Scan URL

URL: https://app.emma.ca/fr/login
Title: Se connecter à Emma

Search URL Search Domain Scan URL

URL: https://growsurf.com/powered-by-growsurf?utm_source=GrowSurf%20User%20Website&utm_medium=GrowSurf%20Window&utm_campaign=https://emma.ca/&company_name=&company_logo_image_url=&goal=
Title: Referral marketing powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emma.ca/ HTTP 307
https://emma.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://widget.intercom.io/widget/kibica1g HTTP 302
https://js.intercomcdn.com/shim.latest.js

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
emma.ca/
Redirect Chain

http://emma.ca/
https://emma.ca/

103 KB
26 KB

115ms
51ms

Document
text/html

34.197.10.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://emma.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.10.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-10-15.compute-1.amazonaws.com

Software

openresty /

Resource Hash

6c9b7de5446f10c3cc74614e7eca1cccafeb9652bd09498122bfe55dff46654e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 605
content-encoding: gzip
content-length: 26653
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 24 Jun 2022 07:36:12 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-cluster-name: us-east-1-prod-edge-eks-15
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kcgs7200131-IAD
x-timer: S1656056173.756222,VS0,VE1

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://emma.ca/
Non-Authoritative-Reason: HSTS

GET
H2 200 emma-ca.webflow.17fc42ad4.min.css
global-uploads.webflow.com/59dbe1c25428050001926167/css/ 654 KB
88 KB 131ms
44ms Stylesheet
text/css 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/css/emma-ca.webflow.17fc42ad4.min.css
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e751fd39e89d9cb9f69198b30d68c9018797996636cd9d0e5601c57c0b96c673

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 17:34:33 GMT
content-encoding: gzip
age: 50500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 89342
last-modified: Thu, 16 Jun 2022 16:38:02 GMT
server: AmazonS3
etag: "c50a7a6e606ddfe74d150803578e36ae"
x-amz-version-id: KkwxcXaZfpJ1RDvG2J7L.6hLqPCJCEJL
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: GJGhR5iXCH86ZpT8MdIJz0-yeyJsZqbGaqlbk4zG8EATWJPDAHKJ4g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 96ms
49ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103251504-1

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb06cfeaea5d0751b3e61c2a430ee9f13e681ce9b05bde641ca88df4b70fa9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40797
x-xss-protection: 0
expires: Fri, 24 Jun 2022 07:36:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 44ms
42ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-845805993

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19d669d25bc92f55ec6d1f9d43735120be4c787f040fabbed4ac15af8e0fdb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58175
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 07:36:13 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 95 KB
37 KB 97ms
41ms Script
application/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-5SCRFWZ

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d72759c4570ce2def296db93b2dac4f1d3eed0b6d1cd9829f9d72b4b31a3ab97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37803
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 07:36:12 GMT

GET
H2 200 60ff1dfbb4004dc27ef84243_shape-bg-home-hero-finance-x-template.svg
global-uploads.webflow.com/59dbe1c25428050001926167/ 527 B
961 B 41ms
39ms Image
image/svg+xml 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/60ff1dfbb4004dc27ef84243_shape-bg-home-hero-finance-x-template.svg
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4112d6697554780f46c0667deee479db26b018eb1dacef5e91c488e49f29f08

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 11:33:45 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 20:41:33 GMT
server: AmazonS3
age: 504148
etag: "13ff798b30089d2cb6859963988327ff"
x-cache: Hit from cloudfront
x-amz-version-id: 7vLm_lfvDUw9AUqk4AyUyafZAn1TcAeL
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 527
x-amz-cf-id: P-2vi4pX8iEQYw07bmAniTrD4p24spK2fAyHuHeeGZRpOrkgCqBuHQ==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 128ms
43ms Script
application/javascript 18.64.229.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=59dbe1c25428050001926167
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.229.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-229-75.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://emma.ca/
Origin: https://emma.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:37:02 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 61152
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5df6a6f843be2e6dd8ba492b043e12c4.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: ATL56-P1
x-amz-cf-id: FdWIVpuJl_oB69TpHULt9gO3Hf4o6v8SM_6kEsYrp-T7GNpH-1arDg==

GET
H2 200 webflow.cc4528c21.js Show response
global-uploads.webflow.com/59dbe1c25428050001926167/js/ 656 KB
95 KB 41ms
40ms Script
text/javascript 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/js/webflow.cc4528c21.js
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4eeb9d70c10b1ac0359132bce56f260f0043bf2bba6acc77890ab866f9ab21d9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 15:39:41 GMT
content-encoding: gzip
age: 57392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 96899
last-modified: Thu, 16 Jun 2022 16:38:02 GMT
server: AmazonS3
etag: "fa125111bb92b3d3c7ea4a296fcc5f54"
x-amz-version-id: 6i48iEa_YitMM_ADzUpD54OFGb0htI5Z
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: Uy5JQkHZ44AUEpPIaBiyAoVX3x2jMnYcyYEBcjCGxPAxiq6svUnDtA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 70ms
17ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: NpB+4WwqhyVCgVeL+suwKWom0GusgdZ2ZBrpuVlb6MAmKOUQ1Gwu6vGfT3alBsv2LJ4isWsyMXOF2g2nv/rbcQ==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Fri, 24 Jun 2022 07:36:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 app.js Show response
cdn2l.ink/ 87 KB
20 KB 141ms
43ms Script
text/javascript 18.64.155.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn2l.ink/app.js

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.155.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-155-43.atl56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

74777737414c7d173eefe1412f12b0004a0689c438369bda34bae0ae1ee27a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 22:39:08 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 22:38:59 GMT
server: AmazonS3
age: 32226
etag: W/"1999d1da250d01779c1655675e6d8271"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e8f78324e5bfcb2604bfdbcc16db2a58.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: ATL56-P2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: htPP6vEiD0njDiYIiu4TYY4T8tTP5SMDnfvc78_ZvClotTt9E1wC5A==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
38 KB 109ms
32ms Script
application/javascript 23.47.145.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C819AH11P6O4F58G1D2G&lib=ttq
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.145.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-145-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6b752dcc0e1a7704e2512964abc8c22e43f5ca960cf246545d228dbb42f51348

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: 36df01e5.d083e54
date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-47-145-207.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 13,23.47.145.207
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202206240736130100020076370040050060030130BCB2891
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.5
x-tt-trace-host: 01aea78b356778cfaedf77c75b4c41ffd2a87fb182577eda812411ad4a0cf6def9758c2aaf185abee736a44d6f86ab3dd3a9ad7230622ba918e29cdf0667a0e0f5122281548d01b5f930ae34526669cd3ef35847f7932b7ab8cb3a5ae143bf28476c7f83e2f7c289bbb70b18735f3eb377
expires: Fri, 24 Jun 2022 07:36:13 GMT

GET
H2 200 growsurf.js Show response
app.growsurf.com/ 851 KB
175 KB 136ms
95ms Script
application/javascript 2606:4700:10::6816:1546
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.growsurf.com/growsurf.js?v=2.0.0

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1546 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93f223e8cb08298f71be135cfd090c5a007333f0520303637c97817661422c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 178587
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jun 2022 18:22:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2b99b-18172e72198"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7203ca898da37142-YUL

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 106ms
23ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 start
emma.ca/life-insurance/ 0
6 KB 30ms
29ms Other
text/html 34.197.10.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://emma.ca/life-insurance/start

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.10.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-10-15.compute-1.amazonaws.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
vary: x-wf-forwarded-proto, Accept-Encoding
age: 3227
x-cache: HIT
x-cluster-name: us-east-1-prod-edge-eks-15
content-length: 5455
x-served-by: cache-iad-kcgs7200174-IAD
server: openresty
x-timer: S1656056173.013129,VS0,VE1
date: Fri, 24 Jun 2022 07:36:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/html
via: 1.1 varnish
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 5a1f1a1d2756760001da233c_Mostardesign%20-%20SofiaProRegular.otf
uploads-ssl.webflow.com/59dbe1c25428050001926167/ 155 KB
156 KB 291ms
205ms Font
application/x-font-otf 18.64.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/59dbe1c25428050001926167/5a1f1a1d2756760001da233c_Mostardesign%20-%20SofiaProRegular.otf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/css/emma-ca.webflow.17fc42ad4.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-46.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://emma.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 13:41:05 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 582909
x-cache: Hit from cloudfront
content-length: 158708
last-modified: Wed, 29 Nov 2017 20:37:43 GMT
server: AmazonS3
etag: "f3775fefdc62abe3d65f8ad711bc367a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 9krFwVy0qYrfGbw4539siLs0to2wTdUS
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: NZt5RKFtN9u4_IDJ1vjUW6H86tlYqPE70pMyUXdqpM2O8luoUHGByg==

GET
H2 200 5a1f1a1d0c00b2000112dabc_Mostardesign%20-%20SofiaPro-Bold.otf
uploads-ssl.webflow.com/59dbe1c25428050001926167/ 163 KB
164 KB 191ms
105ms Font
application/x-font-otf 18.64.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/59dbe1c25428050001926167/5a1f1a1d0c00b2000112dabc_Mostardesign%20-%20SofiaPro-Bold.otf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/css/emma-ca.webflow.17fc42ad4.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-46.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd3544c991134803b697653dbffa19ee05654397f1321d1c1a1af4d43f080b76

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://emma.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:08:07 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 588487
x-cache: Hit from cloudfront
content-length: 167060
last-modified: Wed, 29 Nov 2017 20:37:15 GMT
server: AmazonS3
etag: "0062e54b10bd34c99d6de0c4126a2658"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: eoMXE9fTCKLYe4pRUvV1DlHs3otqEPKW
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: bBHEjS9K4L2Kq9-6-R1unMXFHerFQL-YB61ujtB1rFarCTF_cJIHRA==

GET
H2 200 5a1f1a1d3361430001fcb3eb_Mostardesign%20-%20SofiaProLight.otf
uploads-ssl.webflow.com/59dbe1c25428050001926167/ 158 KB
159 KB 239ms
154ms Font
application/x-font-otf 18.64.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/59dbe1c25428050001926167/5a1f1a1d3361430001fcb3eb_Mostardesign%20-%20SofiaProLight.otf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/css/emma-ca.webflow.17fc42ad4.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-46.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee2549b27550b99dda52cbaddbe38b2bc70d56d815af2f3710746bac7b8d5aa8

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://emma.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:21:00 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 580514
x-cache: Hit from cloudfront
content-length: 161884
last-modified: Wed, 29 Nov 2017 20:36:55 GMT
server: AmazonS3
etag: "6bf30b6ebc3c6b3c75070d42c4b289c1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: SwcIIo1h7FnWM97ueZRCJNf47TqM7M5d
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: aJtsNR8e3ngX6QQpAeltEvx4ELZfFkbyuH7UbCK-uHyD0wPqP-KRVg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 54ms
51ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-54HTWZ0YFQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103251504-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3a72bbff17d710ee5ed6d924ccc5bba67f0b58c876f7d48621962a262c5fba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70199
x-xss-protection: 0
expires: Fri, 24 Jun 2022 07:36:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 42ms
41ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-845805993&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103251504-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

908b01342b1cd5f1a6cccc149e6657330060ab723360fa9ec3a4c0f1e1a4bb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58168
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 07:36:13 GMT

GET
H2 200 59dc0921004ed80001e2dbdd_Mark-OT-Heavy.otf
uploads-ssl.webflow.com/59dbe1c25428050001926167/ 90 KB
90 KB 102ms
45ms Font
application/x-font-otf 18.64.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/59dbe1c25428050001926167/59dc0921004ed80001e2dbdd_Mark-OT-Heavy.otf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/css/emma-ca.webflow.17fc42ad4.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-46.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83054ee1b780a99e6807feeea46e688f3544a079cf1c095cd8721b08d4fa04d4

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://emma.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 02:24:00 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 537134
x-cache: Hit from cloudfront
content-length: 91964
last-modified: Mon, 09 Oct 2017 23:41:22 GMT
server: AmazonS3
etag: "ece24276a9c70e5b3e45097ee523fe5a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Ec2Oajv0DEheLin8uXQxFAlgKjsvvG6m
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: LmuDr2jia0cHjUd7DW2f306pJwVPyv2SrSrIipVqC6HJYspvRkuHgw==

GET
H2 200 5ad0120d91f6b269b1e10ac0_apercu_regular_pro.otf
uploads-ssl.webflow.com/59dbe1c25428050001926167/ 93 KB
94 KB 349ms
292ms Font
application/x-font-otf 18.64.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/59dbe1c25428050001926167/5ad0120d91f6b269b1e10ac0_apercu_regular_pro.otf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/css/emma-ca.webflow.17fc42ad4.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-46.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89c6549757249b3b91a07af96f087ae40b755cb8822b4678d27ef5caf22dc45d

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://emma.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:38:07 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 586687
x-cache: Hit from cloudfront
content-length: 95536
last-modified: Thu, 24 Jan 2019 00:29:36 GMT
server: AmazonS3
etag: "c4eb433996001178dc185a0db392344b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: ZsmS.1TMfbPr1V4D.rOMsD2V7tit3sFc
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: dcjJvCFvn2eEWt7gWP2ZgZapmYs0EaXSnLUKqYUb2-mh4U52OfWmnQ==

GET
H2 200 624ec71c1ad509622a4cc88e_trustpilot-logo%201.svg
global-uploads.webflow.com/59dbe1c25428050001926167/ 8 KB
4 KB 39ms
37ms Image
image/svg+xml 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/624ec71c1ad509622a4cc88e_trustpilot-logo%201.svg
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4291487eb20ba64804631c66a4d5da4696d963b22c02b0d2ea678d5d898ad6b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 13:18:02 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 11:12:30 GMT
server: AmazonS3
age: 497892
etag: W/"265766685c4d72263a5a7ca10c6dd1c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: XwGyq8bvnt2D26lY0SYZWIquStc4YpX_
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
content-type: image/svg+xml
x-amz-cf-id: jo38Z4vSZkEuIMkjpxpBG97IqfgsqveJDWeifu1cSKbjWkZ_cVdksA==

GET
H2 200 624ec8f33ff80d97055bf09e_Made%20for%20you.svg
global-uploads.webflow.com/59dbe1c25428050001926167/ 6 KB
2 KB 52ms
49ms Image
image/svg+xml 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/624ec8f33ff80d97055bf09e_Made%20for%20you.svg
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959bb21fcd31d7d5acbcce44aa32a10cfe34b6bffd396ba4d7376f5f147fb33b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 16:34:19 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 11:20:21 GMT
server: AmazonS3
age: 486115
etag: W/"70cf37b7c9daa717c1c0b782fef78ce0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ai20NDEnf_rBt_BtHho3J7Boc69gyFgv
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
content-type: image/svg+xml
x-amz-cf-id: jnziN0tEA_x7yysuy-3BYgOztSjPc_lbjuEBm40bAfrKCndXqkreBQ==

GET
H2 200 624ec9e0a60671c9d9fdc822_Illustrations-emma.png
global-uploads.webflow.com/59dbe1c25428050001926167/ 42 KB
43 KB 44ms
42ms Image
image/png 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/624ec9e0a60671c9d9fdc822_Illustrations-emma.png
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66a89d03cd3aa0eafb34b1fbe355849c058db771e161f23e1741609e3b1fb83e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 13:18:02 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
last-modified: Thu, 07 Apr 2022 11:24:17 GMT
server: AmazonS3
age: 497892
etag: "b0541ed49d03cc33c1d1423abdbf0b9d"
x-cache: Hit from cloudfront
x-amz-version-id: ZOMkdAAVCC62XbL0F.Ss_F.Hazz2quSW
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: image/png
content-length: 43510
x-amz-cf-id: JmIjjm8SjI5at4JRRUcjgEECfSl-ihxpIfuwpt_juYJBcl3ZR8xk4w==

GET
H2 200 624eca7ba0f2603c9cbe18cf_top-left-bg.svg
global-uploads.webflow.com/59dbe1c25428050001926167/ 7 KB
4 KB 53ms
50ms Image
image/svg+xml 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/624eca7ba0f2603c9cbe18cf_top-left-bg.svg
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94055177d74de3a3e3cc67077f5e7832d863f100c4361dae144f533e87053801

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 11:33:45 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 11:26:52 GMT
server: AmazonS3
age: 504148
etag: W/"0220d06cd8b13bfc142e732f9f2f04cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: vuJ5xQbEXeaih7jj.XefWj82XKlkgIQU
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
content-type: image/svg+xml
x-amz-cf-id: eOFFdo3dFqdcenAioSOGB8Nxw_Qkhdr0yLlR1g6mehoyW4AW1L4xIg==

GET
H2 200 624eca7b3ff80d1a415bff2d_top-right-bg.svg
global-uploads.webflow.com/59dbe1c25428050001926167/ 7 KB
4 KB 53ms
51ms Image
image/svg+xml 18.64.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/624eca7b3ff80d1a415bff2d_top-right-bg.svg
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-2.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201d9cbb9ba985be05bf21aa151574f166dcd3297136e85267b633fe42804e63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 16:34:19 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 11:26:52 GMT
server: AmazonS3
age: 486115
etag: W/"0aa7df664b7835da3f8ef7dd0096c662"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WnkBoUyXGzEFCinGsoaD8CkJ3x5ZVvIW
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
content-type: image/svg+xml
x-amz-cf-id: u7x6V-WyUGfZp2sUoYy0U7gvGnCiPCfz08rq_Vz_ll2ksUBKTyOFZw==

GET
H2 200 5a1f1a1d0953be00015e5d48_Mostardesign%20-%20SofiaProMedium.otf
uploads-ssl.webflow.com/59dbe1c25428050001926167/ 161 KB
161 KB 72ms
44ms Font
application/x-font-otf 18.64.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/59dbe1c25428050001926167/5a1f1a1d0953be00015e5d48_Mostardesign%20-%20SofiaProMedium.otf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/59dbe1c25428050001926167/css/emma-ca.webflow.17fc42ad4.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-46.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 362732757fd8ef2a7aca850ca0c0a291c44a1192c367281e532be6b90acab235

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://emma.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 06:30:35 GMT
via: 1.1 f556e7e00724091e424fc8e32058ec9e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 522339
x-cache: Hit from cloudfront
content-length: 164488
last-modified: Wed, 29 Nov 2017 20:37:30 GMT
server: AmazonS3
etag: "224a35b3c9de22dc339f018c06b0be24"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: djqA0zp62I8dTb6gw6fJElrXCTMY5xX6
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: OWZyWRKJXDY1vqnnU6KAXFrPHckaUM6_fB21fgR1n2-eT_s7l9Xkdw==

GET
H2 200 grin-sdk.js Show response
d38xvr37kwwhcm.cloudfront.net/js/ 45 KB
16 KB 141ms
42ms Script
application/javascript 2600:9000:2335:9400:15:decf:f580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js
Requested by: Host: emma.ca
URL: https://emma.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2335:9400:15:decf:f580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 534f1b852d1222d493f53c008c11f8ed9bcfd97d8a40d45980f7d63c869d82f5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 09:22:01 GMT
content-encoding: gzip
etag: W/"342611b8772b89642d8f910d8b74117e"
last-modified: Tue, 26 Apr 2022 15:00:35 GMT
server: AmazonS3
age: 80053
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d9385f35ab823b6294a5ec3a85ed4be6.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL56-P1
x-amz-cf-id: L5eHIYk4WqWB32Ol_wP-aM9aEbXviklRIoRv-82sMdiUNMFN345Dkg==

GET
H3 200 116773452310991 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 51ms
31ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/116773452310991?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a94120eadda69399fde7510ba3a976292bcfcbceec643ce320cb8a9e1d44ef5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84779
x-xss-protection: 0
pragma: public
x-fb-debug: vCwkaJfg0Pv7Qkwbz4/Cd08XrNm8sF8Ymjm3hQ0JaikIMmRR26aRZgrENED56mgysgmz2FAgssRpdqcLskM7UA==
x-frame-options: DENY
date: Fri, 24 Jun 2022 07:36:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 27ms
27ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
20ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103251504-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3141
date: Fri, 24 Jun 2022 06:43:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 08:43:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 112ms
44ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-845805993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 15252473734373555178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jun 2022 07:36:13 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
165 B 78ms
38ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-54HTWZ0YFQ&gtm=2oe6m0&_p=986461802&_z=ccd.v9B&cid=852966988.1656056173&ul=en-us&sr=1600x1200&_s=1&sid=1656056173&sct=1&seg=0&dl=https%3A%2F%2Femma.ca%2F&dt=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-54HTWZ0YFQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://emma.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 54ms
54ms Script
application/javascript 23.47.145.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C819AH11P6O4F58G1D2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.145.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-145-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8e53ff1ed1e86e6e55ce41ddd909d8802b08b66ca24171ecae21c65b3da77c75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: 5f3090c.d083fcb
date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-217-116-151.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-47-145-207.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 34,23.47.145.207
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=17, inner; dur=3
content-length: 30956
pragma: no-cache
server: nginx
x-tt-logid: 202206240736130100020060050050060030470BF29361
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.217.116.151
x-tt-trace-host: 01aea78b356778cfaedf77c75b4c41ffd2a87fb182577eda812411ad4a0cf6def95cd27eabf3795b964519d4d7cf2e71aee01f14fb8cee7e0c2e064847820a586e5db769b81605d16f0949d729cb92a7b1bd8caa5114be3a0fb1aa381797ed02d6c3176c238e20ab491b00258e7021ae56
expires: Fri, 24 Jun 2022 07:36:13 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 857 B
1 KB 34ms
33ms Script
application/javascript 23.47.145.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C819AH11P6O4F58G1D2G&hostname=emma.ca
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C819AH11P6O4F58G1D2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.145.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-145-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 832ef11e93c51f679d81f64d89ed1900c645d780347518033a0a2abcb06abd48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: be8edff7.d084027
date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-47-145-207.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 16,23.47.145.207
server-timing: cdn-cache; desc=MISS, edge; dur=11, origin; dur=5, inner; dur=2
content-length: 342
pragma: no-cache
server: nginx
x-tt-logid: 20220624073613010004003007735002011019C2969
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.104.8
x-tt-trace-host: 01aea78b356778cfaedf77c75b4c41ffd2a87fb182577eda812411ad4a0cf6def90cec176f6d456bbd07f5274b5dbb99ad57c978adb5b4b397eff17f4a7db532f35957bb6c2b39349e9262729d5649885aaeb35077bbb5078bf7c74b6104ef9e1183b8da0303a5f07f9b47bf6548471ada
expires: Fri, 24 Jun 2022 07:36:13 GMT

POST
H2 200 page-event Show response
capture-api.ap3prod.com/-/events/ 68 B
498 B 120ms
39ms XHR
application/json 3.12.47.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capture-api.ap3prod.com/-/events/page-event

Requested by

Host: cdn2l.ink
URL: https://cdn2l.ink/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.47.149 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-47-149.us-east-2.compute.amazonaws.com

Software

Resource Hash

8700af521481de785f65b1e3538dfec324b95fcba9ea4fb58cb4d0da6647f312

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://emma.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
allow: GET, POST, PUT, DELETE, OPTIONS
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://emma.ca
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 68
x-version: master-2206170241-2858-843c22a
expires: 0

GET
H2 200 dbq5jeg.css
use.typekit.net/ 4 KB
1006 B 114ms
33ms Stylesheet
text/css 2600:141b:13::17d7:82c3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/dbq5jeg.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fa72b03513fde4b60302c87fa8b6d88b873283a74d2fd09d6e514d672ff92e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 24 Jun 2022 07:36:13 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 774

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 71ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=116773452310991&ev=PageView&dl=https%3A%2F%2Femma.ca%2F&rl=&if=false&ts=1656056173482&sw=1600&sh=1200&v=2.9.62&r=stable&a=plwebflow&ec=0&o=30&fbp=fb.1.1656056173481.348919051&it=1656056173184&coo=false&rqm=GET

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 24 Jun 2022 07:36:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/845805993/ 2 KB
2 KB 82ms
37ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845805993/?random=1656056173507&cv=9&fst=1656056173507&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Femma.ca%2F&tiba=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0a1b829c6cb144922d9e979600e43bcf5b8d1421424883607c7ce779f1531dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 get Show response
capture-api.ap3prod.com/-/widgets/ 44 KB
5 KB 39ms
38ms XHR
application/json 3.12.47.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capture-api.ap3prod.com/-/widgets/get

Requested by

Host: cdn2l.ink
URL: https://cdn2l.ink/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.47.149 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-47-149.us-east-2.compute.amazonaws.com

Software

Resource Hash

e0fc51c3ce70e0dcd3770542f6ad35ac0d69bd647c8fa19ad89029b3d0e85843

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://emma.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-version: master-2206170241-2858-843c22a
date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
vary: Accept-Encoding
allow: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://emma.ca
strict-transport-security: max-age=63072000; includeSubDomains; preload

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 67ms
67ms Ping
application/octet-stream 23.47.145.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C819AH11P6O4F58G1D2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.145.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-145-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://emma.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 223307d.d084172
date: Fri, 24 Jun 2022 07:36:13 GMT
x-cache-remote: TCP_MISS from a23-217-116-207.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-47-145-207.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 33,23.47.145.207
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=24, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206240736130100020030020050060030060478EDB8
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.217.116.207
x-tt-trace-host: 01aea78b356778cfaedf77c75b4c41ffd2a87fb182577eda812411ad4a0cf6def9c61f1c94eedfbb73561e4092b1d2d2026e5e2604620b5d352c54cc5e84dba4baea69508a1af78cd23285cb4d937787c117371fed07d057f9cc884518586ed9d7b5f8fbb7bc5bc24b6c0a561c06bf4b74
expires: Fri, 24 Jun 2022 07:36:13 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 482 B
826 B 124ms
30ms XHR
application/json 23.198.216.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614064918353&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1656056173520

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-198-216-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.cc403617.1656056173.407a2814
x-envoy-upstream-service-time: 3
x-pinterest-rid: 9002450832088342
pin-unauth: dWlkPU1EY3paR0kxT0dJdE1qTTRNQzAwT1dZMUxUZzVaR0l0WXpFMk1qTXpZekEzWlRObA
access-control-allow-origin: https://emma.ca
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
33ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=986461802&t=pageview&_s=1&dl=https%3A%2F%2Femma.ca%2F&ul=en-us&de=UTF-8&dt=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=890785409&gjid=1231349758&cid=852966988.1656056173&tid=UA-103251504-1&_gid=131929767.1656056174&_r=1&gtm=2ou6m0&z=431683025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://emma.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://emma.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 109ms
29ms Image
image/gif 23.198.216.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614064918353&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Femma.ca%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1656056173534

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-198-216-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.cc403617.1656056173.407a2815
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 3835751372724809
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
576 B 111ms
31ms Image
image/gif 23.198.216.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&tid=2614064918353&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Femma.ca%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1656056173534

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.198.216.196 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-198-216-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.cc403617.1656056173.407a2816
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1682005762898807
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 95ms
18ms Stylesheet
text/css 2600:141b:13::17d7:82e3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=dbq5jeg&ht=tk&f=39512.39518.39519.39521.39523&a=952416&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dbq5jeg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82e3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:13 GMT
last-modified: Sat, 02 Oct 2021 08:25:28 GMT
server: nginx
etag: "61581778-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 /
www.google.com/pagead/1p-user-list/845805993/ 42 B
548 B 83ms
37ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/845805993/?random=1656056173507&cv=9&fst=1656054000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Femma.ca%2F&tiba=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&async=1&fmt=3&is_vtc=1&random=1207871080&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/845805993/ 42 B
548 B 87ms
39ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/845805993/?random=1656056173507&cv=9&fst=1656054000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Femma.ca%2F&tiba=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&async=1&fmt=3&is_vtc=1&random=1207871080&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: emma.ca
URL: https://emma.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
436 B 83ms
32ms XHR
text/plain 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-103251504-1&cid=852966988.1656056173&jid=890785409&gjid=1231349758&_gid=131929767.1656056174&_u=YADAAUAAAAAAAC~&z=518557637

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://emma.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 07:36:13 GMT
content-type: text/plain
access-control-allow-origin: https://emma.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/kibica1g
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

118ms
36ms

Script
application/javascript

18.64.155.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Server: 18.64.155.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-73.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b63059905e202d8f38a6f81438650a0196de636e9e769789ff57aba7acaa55b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:32:42 GMT
content-encoding: gzip
age: 212
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6156
last-modified: Thu, 23 Jun 2022 15:52:35 GMT
server: AmazonS3
etag: "fbebe29baed709631b32f70fbc0d0a8c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 c65258796184f23c2d9864ea7ca60348.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
x-amz-cf-id: 81AtYME2VVumEaKlMIa_f8w6-sfrHJtVAV99fE7vFNjfYqqZlPUhhg==

Redirect headers

date: Tue, 21 Jun 2022 12:38:52 GMT
via: 1.1 2755a65ada03bcb40dcec9e77a7c9160.cloudfront.net (CloudFront)
server: AmazonS3
age: 241042
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: EWR53-C2
content-length: 0
x-amz-cf-id: dSZxhRyupOE1eDgZ39x2Gjv2_HYq9ehwtcu3OnvIZCzxIRcfcqvmzA==

GET
H2 200 pnugyr Show response
api.growsurf.com/api/v2/client/auth/ 17 KB
6 KB 423ms
386ms XHR
application/json 2606:4700:10::6816:1446
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.growsurf.com/api/v2/client/auth/pnugyr?unique=true

Requested by

Host: app.growsurf.com
URL: https://app.growsurf.com/growsurf.js?v=2.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1446 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a3aecd0c4a295ab97c47f4880e341c276ea4646100f221f789330f451698e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://emma.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains, max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-grsf-uuid-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMzNmY2FkZWItNzI4My00ZTVlLTgxMWItMTQ5MDVkNWE2Yjg3IiwiaWF0IjoxNjU2MDU2MTc0LCJleHAiOjE2NTk2NTYxNzR9.Z8n9TVvlVuaYqHBSBU1tQYKQudB2cqD1nFDUyMe9nfg
x-dns-prefetch-control: off
x-ratelimit-reset: 1656056235
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 24 Jun 2022 07:36:14 GMT
x-download-options: noopen
x-ratelimit-remaining: 99
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-GRSF-UUID-TOKEN
etag: W/"432c-1G4i91eGlwn24yE/RJNpCMvPje8"
x-ratelimit-limit: 100
cf-ray: 7203ca8ddcfd4bbe-YUL

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 78ms
37ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103251504-1&cid=852966988.1656056173&jid=890785409&_u=YADAAUAAAAAAAC~&z=1840439924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 79ms
39ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103251504-1&cid=852966988.1656056173&jid=890785409&_u=YADAAUAAAAAAAC~&z=1840439924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 frame-modern.a32cf68f.js Show response
js.intercomcdn.com/ Frame 5CD9 316 KB
84 KB 44ms
43ms Script
application/javascript 18.64.155.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.a32cf68f.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/kibica1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-73.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4b4d1bf2eb5b17090a05348422ccc04b6d1fd84910573b05ab627c31797f7e0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 07:05:57 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:51:24 GMT
server: AmazonS3
age: 1817
etag: "be9b78994c1e036a5bba3a5752cc2f7c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 c65258796184f23c2d9864ea7ca60348.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
content-length: 85826
x-amz-cf-id: YgeUEoNGJzjjOfNqErZxJbBuoxag9__xpGIoy6FqQa8s5t2md88sXQ==

GET
H2 200 vendor-modern.5545dea7.js Show response
js.intercomcdn.com/ Frame 5CD9 130 KB
40 KB 105ms
105ms Script
application/javascript 18.64.155.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.5545dea7.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/kibica1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.155.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-155-73.atl56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cbb5f8a8286a04cadbf06c75bebb9a343d63760d660d7afba3111a8d996d514

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:06:01 GMT
content-encoding: gzip
age: 1813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40346
last-modified: Thu, 23 Jun 2022 15:51:24 GMT
server: AmazonS3
etag: "4e25bbf88dc02312db75d6ba5cd2340c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 c65258796184f23c2d9864ea7ca60348.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: ATL56-P2
accept-ranges: bytes
x-amz-cf-id: NO35KdmHbJ0lLOyg3QG0zvtxLfyVWALLbDAmtwtWx8zlKHuU9RA5WA==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 059A 0
18 B 38ms
18ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://emma.ca
Referer: https://emma.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://emma.ca
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 07:36:14 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/845805993/ 2 KB
1 KB 81ms
41ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845805993/?random=1656056174001&cv=9&fst=1656056174001&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Femma.ca%2F&tiba=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e20a6cff60d555ac3380279eaab67a5b909d3ca36ca993922efbb189a363ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 5CD9 5 KB
2 KB 571ms
516ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.a32cf68f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

c529ee15853aa0d4424586a2bc1a09ef93269e123c78f48745ca2539b1c426a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 07:36:14 GMT
content-encoding: gzip
x-ami-version: ami-0917d28b6623bbbce
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 001cchcvf2nke8fsa7vg
x-runtime: 0.483332
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"c529ee15853aa0d4424586a2bc1a09ef"
x-ratelimit-remaining: 13332
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emma.ca
x-intercom-version: 0c668a5b708dda051e155670959cfbd1f932b0ad
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1656056180
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H3 200 /
www.google.com/pagead/1p-user-list/845805993/ 42 B
64 B 39ms
38ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/845805993/?random=1656056174001&cv=9&fst=1656054000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Femma.ca%2F&tiba=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&async=1&fmt=3&is_vtc=1&random=4105829592&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/845805993/ 42 B
64 B 41ms
40ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/845805993/?random=1656056174001&cv=9&fst=1656054000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Femma.ca%2F&tiba=Emma%3A%20Affordable%20Online%20Life%20Insurance%20%26%20No%20Medical%20Exam&async=1&fmt=3&is_vtc=1&random=4105829592&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 07:36:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baf580129e1e14cc202c6c03df6a3da954160cdd5037c3e5544bdf80fe7b9c27

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 itjiwxj7xeycfnyn7zyu.svg
res.cloudinary.com/growsurf-prod/image/upload/v1613061035/production/ 993 B
940 B 60ms
12ms Image
image/svg+xml 2a04:4e42:200::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/growsurf-prod/image/upload/v1613061035/production/itjiwxj7xeycfnyn7zyu.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

53e637f40beb048e9f979aa45b2f886e889b6e73bdedd16c02743e5ec2f27a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-disposition: attachment; filename="itjiwxj7xeycfnyn7zyu.svg"
server-timing: fastly;dur=1;start=2022-06-24T07:36:14.191Z;desc=hit,rtt;dur=9
vary: Accept-Encoding
content-length: 517
last-modified: Thu, 11 Feb 2021 16:30:36 GMT
server: Cloudinary
etag: W/"39e35580eb71f62166d349d43c449682"
strict-transport-security: max-age=604800
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 286 B
432 B 52ms
13ms XHR
text/plain 2606:4700::6810:7c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: d38xvr37kwwhcm.cloudfront.net
URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d3d46459d4b800b4e20637e3fa2c143ffaba99192ec4523cceb6d3a6738d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://emma.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7203ca91ba267144-YUL
expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.emma.ca/	1970-01-20 06:10:32	Name: _gcl_au Value: 1.1.1030806189.1656056173
.emma.ca/	1970-01-20 21:32:08	Name: _ga_54HTWZ0YFQ Value: GS1.1.1656056173.1.0.1656056173.0
.tiktok.com/	1970-01-20 13:22:32	Name: _ttp Value: 2B0wBOeG9uMxE6pb8MCNW6TYhB0
.emma.ca/	1970-01-20 06:10:32	Name: _fbp Value: fb.1.1656056173481.348919051
emma.ca/	1970-01-20 12:46:32	Name: ap3c Value: IGK1aW3Rr2mpyi4BAGK1aW0Tdn4ojKuYz8LCiIdxUJ88euQUYg
.emma.ca/	1970-01-20 13:22:32	Name: _tt_enable_cookie Value: 1
.emma.ca/	1970-01-20 13:22:32	Name: _ttp Value: 7f0c69c9-e7ac-4635-a45b-bb7dff52d822
.emma.ca/	1970-01-20 21:32:08	Name: _ga Value: GA1.2.852966988.1656056173
.emma.ca/	1970-01-20 04:02:22	Name: _gid Value: GA1.2.131929767.1656056174
.emma.ca/	1970-01-20 04:00:56	Name: _gat_gtag_UA_103251504_1 Value: 1
.facebook.com/	1970-01-20 06:10:32	Name: fr Value: 0DA3ylvDr8bOuS44T..BitWlt...1.0.BitWlt.
.ct.pinterest.com/	1970-01-20 12:46:32	Name: _pinterest_ct_ua Value: "TWc9PSZaR1NmOXFMR0Fic2VGM3dMcmMwaTRrTTIyOGNWRFBmZTdWWG1xajY2U3Z0cnlJWTc5QllYcEo0WUFzd3hBbGRacW5Dc0tqcGxGNnFDanpnUml6Y0dxZlVmcXRiaUlINGdDMk14VTRzeWRyST0mSzhaT1RINEtTRDdybEtHS2Z3dG1GNkROamJrPQ=="
.emma.ca/	1970-01-20 12:46:32	Name: _pin_unauth Value: dWlkPU1EY3paR0kxT0dJdE1qTTRNQzAwT1dZMUxUZzVaR0l0WXpFMk1qTXpZekEzWlRObA
.doubleclick.net/	1970-01-20 21:32:08	Name: IDE Value: AHWqTUm5srD1zMm7IDbO2cecCR4l7CqVhucS9EFoyEbwzycha6v3UcTySl1ivKde
.emma.ca/	1970-01-20 04:00:59	Name: pnugyr.grsf.uuid Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMzNmY2FkZWItNzI4My00ZTVlLTgxMWItMTQ5MDVkNWE2Yjg3IiwiaWF0IjoxNjU2MDU2MTc0LCJleHAiOjE2NTk2NTYxNzR9.Z8n9TVvlVuaYqHBSBU1tQYKQudB2cqD1nFDUyMe9nfg
.emma.ca/	1970-01-20 10:29:46	Name: intercom-id-kibica1g Value: fd346a34-bd2f-4221-893f-fd8eec00b25d
.emma.ca/	1970-01-20 04:11:00	Name: intercom-session-kibica1g Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://emma.ca/ Message: [.WebGL-0x3d28025d1b00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels (this message will no longer repeat)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-iam.intercom.io
api.growsurf.com
app.growsurf.com
capture-api.ap3prod.com
cdn2l.ink
connect.facebook.net
ct.pinterest.com
d38xvr37kwwhcm.cloudfront.net
d3e54v103j8qbb.cloudfront.net
emma.ca
global-uploads.webflow.com
googleads.g.doubleclick.net
js.intercomcdn.com
p.typekit.net
res.cloudinary.com
s.pinimg.com
stats.g.doubleclick.net
uploads-ssl.webflow.com
use.typekit.net
widget.intercom.io
www.cloudflare.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
13.226.39.96
142.250.80.34
18.64.155.2
18.64.155.43
18.64.155.46
18.64.155.73
18.64.229.75
23.198.216.196
23.47.145.211
2600:141b:13::17d7:82c3
2600:141b:13::17d7:82e3
2600:9000:2335:9400:15:decf:f580:21
2606:4700:10::6816:1446
2606:4700:10::6816:1546
2606:4700::6810:7c60
2607:f8b0:4004:c09::9a
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::200e
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::393
2a04:4e42:77::84
3.12.47.149
34.197.10.15
99.83.219.81
0e20a6cff60d555ac3380279eaab67a5b909d3ca36ca993922efbb189a363ff3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19d669d25bc92f55ec6d1f9d43735120be4c787f040fabbed4ac15af8e0fdb53
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
201d9cbb9ba985be05bf21aa151574f166dcd3297136e85267b633fe42804e63
2a94120eadda69399fde7510ba3a976292bcfcbceec643ce320cb8a9e1d44ef5
362732757fd8ef2a7aca850ca0c0a291c44a1192c367281e532be6b90acab235
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3cbb5f8a8286a04cadbf06c75bebb9a343d63760d660d7afba3111a8d996d514
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
4291487eb20ba64804631c66a4d5da4696d963b22c02b0d2ea678d5d898ad6b1
4eeb9d70c10b1ac0359132bce56f260f0043bf2bba6acc77890ab866f9ab21d9
534f1b852d1222d493f53c008c11f8ed9bcfd97d8a40d45980f7d63c869d82f5
53e637f40beb048e9f979aa45b2f886e889b6e73bdedd16c02743e5ec2f27a76
66a89d03cd3aa0eafb34b1fbe355849c058db771e161f23e1741609e3b1fb83e
6b752dcc0e1a7704e2512964abc8c22e43f5ca960cf246545d228dbb42f51348
6c9b7de5446f10c3cc74614e7eca1cccafeb9652bd09498122bfe55dff46654e
74777737414c7d173eefe1412f12b0004a0689c438369bda34bae0ae1ee27a2d
83054ee1b780a99e6807feeea46e688f3544a079cf1c095cd8721b08d4fa04d4
832ef11e93c51f679d81f64d89ed1900c645d780347518033a0a2abcb06abd48
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8700af521481de785f65b1e3538dfec324b95fcba9ea4fb58cb4d0da6647f312
89c6549757249b3b91a07af96f087ae40b755cb8822b4678d27ef5caf22dc45d
8e53ff1ed1e86e6e55ce41ddd909d8802b08b66ca24171ecae21c65b3da77c75
908b01342b1cd5f1a6cccc149e6657330060ab723360fa9ec3a4c0f1e1a4bb98
93f223e8cb08298f71be135cfd090c5a007333f0520303637c97817661422c24
94055177d74de3a3e3cc67077f5e7832d863f100c4361dae144f533e87053801
959bb21fcd31d7d5acbcce44aa32a10cfe34b6bffd396ba4d7376f5f147fb33b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4b4d1bf2eb5b17090a05348422ccc04b6d1fd84910573b05ab627c31797f7e0
a6a3aecd0c4a295ab97c47f4880e341c276ea4646100f221f789330f451698e4
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
b63059905e202d8f38a6f81438650a0196de636e9e769789ff57aba7acaa55b9
baf580129e1e14cc202c6c03df6a3da954160cdd5037c3e5544bdf80fe7b9c27
bb06cfeaea5d0751b3e61c2a430ee9f13e681ce9b05bde641ca88df4b70fa9b6
c3a72bbff17d710ee5ed6d924ccc5bba67f0b58c876f7d48621962a262c5fba5
c529ee15853aa0d4424586a2bc1a09ef93269e123c78f48745ca2539b1c426a3
ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864
d72759c4570ce2def296db93b2dac4f1d3eed0b6d1cd9829f9d72b4b31a3ab97
dd3544c991134803b697653dbffa19ee05654397f1321d1c1a1af4d43f080b76
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0fc51c3ce70e0dcd3770542f6ad35ac0d69bd647c8fa19ad89029b3d0e85843
e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e751fd39e89d9cb9f69198b30d68c9018797996636cd9d0e5601c57c0b96c673
ee2549b27550b99dda52cbaddbe38b2bc70d56d815af2f3710746bac7b8d5aa8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a1b829c6cb144922d9e979600e43bcf5b8d1421424883607c7ce779f1531dc
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f4112d6697554780f46c0667deee479db26b018eb1dacef5e91c488e49f29f08
f5d3d46459d4b800b4e20637e3fa2c143ffaba99192ec4523cceb6d3a6738d2f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa72b03513fde4b60302c87fa8b6d88b873283a74d2fd09d6e514d672ff92e10

emma.ca Open in urlscan Pro 34.197.10.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

59 %IPv6

23 Domains

29 Subdomains

29 IPs

1 Countries

1987 kBTransfer

5383 kBSize

17 Cookies

10 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

emma.ca Open in urlscan Pro
34.197.10.15 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

59 %
IPv6

23
Domains

29
Subdomains

29
IPs

1
Countries

1987 kB
Transfer

5383 kB
Size

17
Cookies

62 HTTP transactions
1 data transactions