soumissions.promutuelassurance.ca Open in urlscan Pro
207.236.172.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://soumissions.promutuelassurance.ca/
Effective URL:
https://soumissions.promutuelassurance.ca/html/index.html
Submission: On June 10 via automatic, source certstream-suspicious (June 10th 2020, 12:16:25 pm UTC)

Summary HTTP 33 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 7 countries across 10 domains to perform 33 HTTP transactions. The main IP is 207.236.172.139, located in Canada and belongs to BACOM, CA. The main domain is soumissions.promutuelassurance.ca.
TLS certificate: Issued by Entrust Certification Authority - L1M on July 12th 2018. Valid for: 2 years.

This is the only time soumissions.promutuelassurance.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	207.236.172.139 207.236.172.139	577 (BACOM) (BACOM)
1	35.241.48.88 35.241.48.88	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	147.75.101.5 147.75.101.5	54825 (PACKET) (PACKET)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1 2	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE)
2	147.75.84.31 147.75.84.31	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	52.17.192.34 52.17.192.34	16509 (AMAZON-02) (AMAZON-02)
33	12

16 207.236.172.139 (Canada)

ASN577 (BACOM, CA)

soumissions.promutuelassurance.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.48.88 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 88.48.241.35.bc.googleusercontent.com

ws1.postescanada-canadapost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.101.5 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.230 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f6.1e100.net

9178054.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.31 (Parsippany, United States)

ASN54825 (PACKET, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.192.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-192-34.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	promutuelassurance.ca soumissions.promutuelassurance.ca	2 MB
5	google-analytics.com 1 redirects www.google-analytics.com	19 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
3	doubleclick.net 2 redirects 9178054.fls.doubleclick.net stats.g.doubleclick.net	925 B
2	google.com 1 redirects www.google.com	747 B
2	bing.com bat.bing.com	8 KB
2	googletagmanager.com www.googletagmanager.com	76 KB
1	google.de www.google.de	106 B
1	gstatic.com www.gstatic.com	124 KB
1	postescanada-canadapost.ca ws1.postescanada-canadapost.ca	2 KB
33	10

	Domain	Requested by
16	soumissions.promutuelassurance.ca	soumissions.promutuelassurance.ca
5	www.google-analytics.com	1 redirects soumissions.promutuelassurance.ca www.google-analytics.com
2	9178054.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.com	1 redirects soumissions.promutuelassurance.ca
2	bat.bing.com	soumissions.promutuelassurance.ca
2	www.googletagmanager.com	soumissions.promutuelassurance.ca www.googletagmanager.com
1	in.hotjar.com	script.hotjar.com
1	www.google.de
1	stats.g.doubleclick.net	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	ws1.postescanada-canadapost.ca	soumissions.promutuelassurance.ca
33	14

This site contains links to these domains. Also see Links.

Domain
www.promutuelassurance.ca

Subject Issuer	Validity	Valid
soumissions.promutuelassurance.ca Entrust Certification Authority - L1M	`2018-07-12` - `2020-07-12`	2 years	crt.sh
ws1.postescanada-canadapost.ca Entrust Certification Authority - L1K	`2020-01-28` - `2022-03-28`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.hotjar.com Amazon	`2019-09-27` - `2020-10-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://soumissions.promutuelassurance.ca/html/index.html
Frame ID: DBD41ACBD4E939A85069D25D4FE5E361
Requests: 31 HTTP requests in this frame

Frame: https://9178054.fls.doubleclick.net/activityi;dc_pre=CMnPhfuc9-kCFUW9dwodaykJkw;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html
Frame ID: D7169844F8C4CE4B79D46FD12618E5AD
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E9023249BA725BE470AEF03694329DB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://soumissions.promutuelassurance.ca/ Page URL
https://soumissions.promutuelassurance.ca/html/index.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

33
Requests

100 %
HTTPS

54 %
IPv6

10
Domains

14
Subdomains

12
IPs

7
Countries

2011 kB
Transfer

9389 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.promutuelassurance.ca/?utm_source=EspaceClient&utm_medium=LogoHeader
Title:

Search URL Search Domain Scan URL

URL: https://www.promutuelassurance.ca/fr/signaler-un-probleme
Title: Signaler un problème

Search URL Search Domain Scan URL

URL: https://www.promutuelassurance.ca/fr/juridique
Title: Notes juridiques

Search URL Search Domain Scan URL

URL: https://www.promutuelassurance.ca/fr/confidentialite-securite
Title: Confidentialité et sécurité

Search URL Search Domain Scan URL

URL: https://www.promutuelassurance.ca/fr/plainte
Title: Processus de plainte

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://soumissions.promutuelassurance.ca/ Page URL
https://soumissions.promutuelassurance.ca/html/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://9178054.fls.doubleclick.net/activityi;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html HTTP 302
https://9178054.fls.doubleclick.net/activityi;dc_pre=CMnPhfuc9-kCFUW9dwodaykJkw;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html

Request Chain 21

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=280212365&t=pageview&_s=1&dl=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html&dp=%2F&ul=en-us&de=UTF-8&dt=Soumission%20Assurance%20V%C3%A9hicules%20(Auto%2C%20Moto%2C%20VTT%2C%20etc)%20%7C%20Promutuel%20Assurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIR~&jid=2392284&gjid=1477591696&cid=574451168.1591791375&tid=UA-96794920-2&_gid=1950114791.1591791375&_r=1&z=563181058 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_gid=1950114791.1591791375&gjid=1477591696&_v=j82&z=563181058 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_v=j82&z=563181058 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_v=j82&z=563181058&slf_rd=1&random=4004930056

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
soumissions.promutuelassurance.ca/ 176 B
843 B 583ms
120ms Document
text/html 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

cf58979a768e87252cca86d04731eaa5792cdff5a3a7eeaa7f7e69987c9a5c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: soumissions.promutuelassurance.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 09 Jun 2020 02:05:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 162
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Set-Cookie: NSC_tbmu_rvpufboecvz-qse0-ud=ffffffff09fc1e1c45525d5f4f58455e445a4a42378b;expires=Wed, 10-Jun-2020 13:16:08 GMT;path=/;secure;httponly

GET
H/1.1 200
OK Primary Request Cookie set index.html Show response
soumissions.promutuelassurance.ca/html/ 5 KB
2 KB 119ms
119ms Document
text/html 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/html/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

b14e2108c43b36d0056029d17c6420c66af0a07ddeeec119335b18ec8c0cb218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: soumissions.promutuelassurance.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://soumissions.promutuelassurance.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/

Response headers

Date: Wed, 10 Jun 2020 12:16:10 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Jun 2020 11:23:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 1744
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
Set-Cookie: NSC_tbmu_rvpufboecvz-qse0-ud=ffffffff09fc1e1f45525d5f4f58455e445a4a42378b;expires=Wed, 10-Jun-2020 13:16:10 GMT;path=/;secure;httponly

GET
H/1.1 200
OK application.css
soumissions.promutuelassurance.ca/styles/css/ 570 KB
68 KB 136ms
134ms Stylesheet
text/css 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/html/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

f70b056021530158dfd0948dab18e717921dbdc9f174d822ef89d0d403f26d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:21:47 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK modules.css
soumissions.promutuelassurance.ca/styles/css/ 73 KB
10 KB 463ms
227ms Stylesheet
text/css 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/css/modules.css?v=1591096943076

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/html/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

66c611e2f00594821a5738b5f01f387bb1569d16ec079654e5963eba73381b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 9279
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:23:25 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 addresscomplete-2.30.min.css
ws1.postescanada-canadapost.ca/css/ 8 KB
2 KB 141ms
60ms Stylesheet
text/css 35.241.48.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ws1.postescanada-canadapost.ca/css/addresscomplete-2.30.min.css?key=ha87-kx71-mb69-mx75
Requested by: Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/html/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.48.88 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 88.48.241.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5744781007abb7241f40199238019dbb5302998c477bf78f7201f2bf063cfdca

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 12:16:10 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/css;charset=UTF-8
status: 200
cache-control: public
x-robots-tag: noindex
alt-svc: clear
content-length: 2046
via: 1.1 google

GET
H/1.1 200
OK main.js Show response
soumissions.promutuelassurance.ca/js/ 7 MB
926 KB 473ms
237ms Script
application/javascript 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/html/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

da44fe93aa4c18421be123030088eb88c2a09a1df543ef1e5c90ce06ae345d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:23:25 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
44 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5N6BJW

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/html/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79f7180d728dd83ce4c532b4ba03e5ca3dea4c3c32549a790f8935732fe7dccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 12:16:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44439
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jun 2020 12:16:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9178054

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5N6BJW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b448a42ffed470f551ce34f48c3827873980ee14eff64e1261f47e62bda6315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 12:16:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33210
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jun 2020 12:16:10 GMT

GET
H2 200 hotjar-902131.js Show response
static.hotjar.com/c/ 4 KB
2 KB 207ms
110ms Script
application/javascript 147.75.101.5
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-902131.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5N6BJW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.101.5 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress16

Software

Resource Hash

4bbdaf2b4ab806576c89c11024bcd564656d98da29663c9b5f427e09687344a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 12:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
cache-control: max-age=60
etag: W/1b9e0d21efadacbc9d682b7490f3aa22
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.078
section-io-id: 7f6e6c45b8e2d8345ea489b7e48a9592
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 bat.js Show response
bat.bing.com/ 25 KB
8 KB 81ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 12:16:12 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 20:59:59 GMT
x-msedge-ref: Ref A: 214D90D82AD449BC98689144D40E11FD Ref B: FRAEDGE1209 Ref C: 2020-06-10T12:16:12Z
status: 200
etag: "80b179766929d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7767

GET
H/1.1 200
OK config.json Show response
soumissions.promutuelassurance.ca/html/resources/ 586 B
1 KB 124ms
121ms XHR
application/json 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/html/resources/config.json

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

e2f49423ab2f90c82507cd6060d55852b300ca532614eea446c661a70409a46d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://soumissions.promutuelassurance.ca/html/index.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 370
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 09 Jun 2020 02:05:26 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H2 204 0
bat.bing.com/action/ 0
148 B 32ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5565343&Ver=2&mid=7ced169c-ac61-5cdf-05d8-db11cfd652b1&sid=3448c2ad-689c-798e-fba6-0304b2fe9a58&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Soumission%20assurance%20auto%20et%20habitation%20%7C%20Promutuel%20Assurance&p=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html&r=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2F&lt=2938&evt=pageLoad&msclkid=N&sv=1&rn=405696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 10 Jun 2020 12:16:12 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 6A4C0B908AF04ED392BB4A71BB7E388E Ref B: FRAEDGE1209 Ref C: 2020-06-10T12:16:13Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5795
date: Wed, 10 Jun 2020 10:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 10 Jun 2020 12:39:38 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 739 B
571 B 28ms
20ms Script
text/javascript 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit&hl=fr

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61d6fcd46fff4d6261406a82a3d7d9ef2e9ab4fb66a9e09f9b21f7f843d171e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 12:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 1; mode=block
expires: Wed, 10 Jun 2020 12:16:13 GMT

GET
H/1.1 200
OK fr.json Show response
soumissions.promutuelassurance.ca/js/i18n/translations/ 288 KB
70 KB 135ms
128ms XHR
application/json 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/js/i18n/translations/fr.json

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

36bf4d2e44fa46c47e38b36cf9bc69e76736edc000ebe05936b88a1d4829088d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:21:48 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2

200

activityi;dc_pre=CMnPhfuc9-kCFUW9dwodaykJkw;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F%2...
9178054.fls.doubleclick.net/ Frame D716
Redirect Chain

https://9178054.fls.doubleclick.net/activityi;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F...
https://9178054.fls.doubleclick.net/activityi;dc_pre=CMnPhfuc9-kCFUW9dwodaykJkw;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.ht...

0
0

44ms
28ms

Document
text/html

216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9178054.fls.doubleclick.net/activityi;dc_pre=CMnPhfuc9-kCFUW9dwodaykJkw;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9178054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9178054.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMnPhfuc9-kCFUW9dwodaykJkw;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://soumissions.promutuelassurance.ca/html/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 10 Jun 2020 12:16:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 420
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 10-Jun-2020 12:31:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 10 Jun 2020 12:16:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9178054.fls.doubleclick.net/activityi;dc_pre=CMnPhfuc9-kCFUW9dwodaykJkw;src=9178054;type=remar0;cat=qab_g0;ord=5316054522110;gtm=2od5r0;auiddc=734411969.1591791370;u1=%252Fhtml%252Findex.html%2523%252Fauto;~oref=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ProximaNova-Reg-webfont.woff
soumissions.promutuelassurance.ca/styles/fonts/proximanova_regular_french/ 18 KB
19 KB 157ms
119ms Font
application/font-woff 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/fonts/proximanova_regular_french/ProximaNova-Reg-webfont.woff

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

e8abef2189b65e7987cea1a63dbd0e4ad80e02e48675f3b26a6361124fd1e128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
Origin: https://soumissions.promutuelassurance.ca

Response headers

Date: Wed, 10 Jun 2020 12:16:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 18329
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:18:45 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H2 200 modules.518a8356b69e9f23bc56.js Show response
script.hotjar.com/ 369 KB
70 KB 135ms
31ms Script
application/javascript 147.75.84.31
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.518a8356b69e9f23bc56.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-902131.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.31 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: /
Resource Hash: b00a4cb07775db4ee42a5cce5dc53a0bc44ca72390f3f575a234eadf711857bb

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 12:16:15 GMT
content-encoding: br
age: 12872
status: 200
section-io-cache: Hit
content-length: 71495
last-modified: Wed, 10 Jun 2020 08:38:48 GMT
etag: "766dcacbfa0addc2b250b45e6a39711a"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.132
section-io-id: c8469bd92077b91f729ec2bb2622d54a
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
827 B 8ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 11:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1918
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Wed, 10 Jun 2020 12:44:16 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/ 314 KB
124 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit&hl=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b95926c17f2fe0870080e5ef81005b9c4ae6e32f68ffe6058d7daf5535011c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 16:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jun 2020 19:45:58 GMT
server: sffe
age: 156541
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126341
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:47:13 GMT

GET
H/1.1 200
OK angular-locale_fr-ca.js Show response
soumissions.promutuelassurance.ca/node_modules/angular-i18n/ 2 KB
1 KB 118ms
118ms Script
application/javascript 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/node_modules/angular-i18n/angular-locale_fr-ca.js

Requested by

Host: soumissions.promutuelassurance.ca
URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

ddf35f8d385550145250aaa414d5d28b6ddf9fd8a83708b6805316945caff4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 821
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Fri, 16 Dec 2016 10:47:06 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E902 0
0 99ms
33ms Document
text/html 147.75.84.31
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-902131.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.31 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://soumissions.promutuelassurance.ca/html/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/html/index.html

Response headers

status: 200
date: Wed, 10 Jun 2020 12:16:15 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 03 Jun 2020 11:24:24 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.120
section-origin-responded: true
age: 549340
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 3c32796cd0489dfa5f90c5543023fb32

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=280212365&t=pageview&_s=1&dl=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html&dp=%2F&ul=en-us&de=UTF-8&dt=Soumission%20Ass...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_gid=1950114791.1591791375&gjid=1477591696&_v=j82&z=563181058
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_v=j82&z=563181058
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_v=j82&z=563181058&slf_rd=1&random=4004930056

42 B
106 B

21ms
21ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_v=j82&z=563181058&slf_rd=1&random=4004930056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 12:16:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jun 2020 12:16:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96794920-2&cid=574451168.1591791375&jid=2392284&_v=j82&z=563181058&slf_rd=1&random=4004930056
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 15ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=280212365&t=pageview&_s=2&dl=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html&dp=%2Fquoteentry%2FPersonalAuto&ul=en-us&de=UTF-8&dt=Soumission%20Assurance%20V%C3%A9hicules%20(Auto%2C%20Moto%2C%20VTT%2C%20etc)%20%7C%20Promutuel%20Assurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIR~&jid=&gjid=&cid=574451168.1591791375&tid=UA-96794920-2&_gid=1950114791.1591791375&z=536505765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 May 2020 07:58:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2175478
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
97 B 13ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=280212365&t=pageview&_s=3&dl=https%3A%2F%2Fsoumissions.promutuelassurance.ca%2Fhtml%2Findex.html&dp=%2Fvirtual%2FSA%2Fidentification%2F&ul=en-us&de=UTF-8&dt=Soumission%20Vehicule%20-%20Identification&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIR~&jid=&gjid=&cid=574451168.1591791375&tid=UA-96794920-2&_gid=1950114791.1591791375&z=1221409991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 May 2020 07:58:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2175478
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bg-promutuel.jpg
soumissions.promutuelassurance.ca/styles/images/ 454 KB
440 KB 120ms
120ms Image
image/jpeg 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://soumissions.promutuelassurance.ca/styles/images/bg-promutuel.jpg?v=340800206685626

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

bf6760acddb62abb2033cdfca4f0b87a8a1f373879fa39ec70d63d58f82f59f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:18:45 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK ProximaNova-Bold-webfont.woff
soumissions.promutuelassurance.ca/styles/fonts/proximanova_bold_french/ 18 KB
19 KB 125ms
124ms Font
application/font-woff 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/fonts/proximanova_bold_french/ProximaNova-Bold-webfont.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

58fb825d7feae29d43b52946b59da4f8388718300685d4d6fd13e2b9462189c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
Origin: https://soumissions.promutuelassurance.ca

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 18392
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:18:45 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK ProximaNova-Xbold-webfont.woff
soumissions.promutuelassurance.ca/styles/fonts/proximanova_extrabold_french/ 18 KB
18 KB 473ms
465ms Font
application/font-woff 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/fonts/proximanova_extrabold_french/ProximaNova-Xbold-webfont.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

81923501f264a19786d70d5644dc60ef89e09ab0107a0280317352d472bf3b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
Origin: https://soumissions.promutuelassurance.ca

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 17886
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:18:45 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK fontawesome-webfont.woff2
soumissions.promutuelassurance.ca/styles/fonts/ 70 KB
71 KB 384ms
157ms Font
text/plain 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/fonts/fontawesome-webfont.woff2?v=4.6.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
Origin: https://soumissions.promutuelassurance.ca

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 May 2016 07:43:19 GMT
Server: Apache
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Frame-Options: deny
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK promutuel-icons-oel.woff
soumissions.promutuelassurance.ca/styles/fonts/promutuel_icons/fonts/ 24 KB
24 KB 574ms
332ms Font
application/font-woff 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/fonts/promutuel_icons/fonts/promutuel-icons-oel.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

f9afe1c53bf346e0d4936462358e0d85a355edcb66b26340a8e2c41d69c363ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
Origin: https://soumissions.promutuelassurance.ca

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 24386
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:18:45 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK ProximaNova-RegIt-webfont.woff
soumissions.promutuelassurance.ca/styles/fonts/proximanova_italic_french/ 19 KB
20 KB 489ms
247ms Font
application/font-woff 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/fonts/proximanova_italic_french/ProximaNova-RegIt-webfont.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

7cb0cf704aa3ccb728ba2f279d5a34a9eb5004b115bb1190866f1a6cff6d4b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
Origin: https://soumissions.promutuelassurance.ca

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 19816
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:18:45 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK ProximaNova-Black-webfont.woff
soumissions.promutuelassurance.ca/styles/fonts/proximanova_black_french/ 17 KB
17 KB 489ms
248ms Font
application/font-woff 207.236.172.139
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://soumissions.promutuelassurance.ca/styles/fonts/proximanova_black_french/ProximaNova-Black-webfont.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.236.172.139 , Canada, ASN577 (BACOM, CA),

Reverse DNS

Software

Apache /

Resource Hash

abf70706afa5b04b04aac829e10d7ac20434c207fc2743947061dd19c08e78e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soumissions.promutuelassurance.ca/styles/css/application.css?v=1591096943076
Origin: https://soumissions.promutuelassurance.ca

Response headers

Date: Wed, 10 Jun 2020 12:16:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 17180
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Last-Modified: Tue, 02 Jun 2020 11:18:45 GMT
Server: Apache
X-Frame-Options: deny
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/902131/ 178 B
320 B 147ms
53ms XHR
application/json 52.17.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/902131/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.518a8356b69e9f23bc56.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.192.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-192-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://soumissions.promutuelassurance.ca/html/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 10 Jun 2020 12:16:16 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			soumissions.promutuelassurance.ca/	1970-01-19 10:09:54	Name: NSC_tbmu_rvpufboecvz-qse0-ud Value: ffffffff09fc1e1c45525d5f4f58455e445a4a42378b
			.promutuelassurance.ca/	1970-01-19 10:11:17	Name: _uetsid Value: 3448c2ad-689c-798e-fba6-0304b2fe9a58

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076(Line 49) Message: Sat Jun 10 1995 00:00:00 GMT+0200 (Central European Summer Time) Sat Jun 10 1995 00:00:00 GMT+0200 (Central European Summer Time) [object Object]
console-api	log	URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076(Line 49) Message: Wed Jun 10 2020 00:00:00 GMT+0200 (Central European Summer Time) Wed Jun 10 2020 00:00:00 GMT+0200 (Central European Summer Time) [object Object]
console-api	warning	URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076(Line 48) Message: Translation for typekey.RoofType.Dôme doesn't exist
console-api	warning	URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076(Line 48) Message: Translation for typekey.RoofType.Dôme doesn't exist
console-api	warning	URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076(Line 48) Message: Translation for custom.meta.baseQnbWizard.title doesn't exist
console-api	warning	URL: https://soumissions.promutuelassurance.ca/js/main.js?v=1591096943076(Line 48) Message: Translation for custom.meta.quoteentry.title doesn't exist
console-api	log	URL: https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__fr.js(Line 128) Message: reCAPTCHA couldn't find user-provided function: vcRecaptchaApiLoaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9178054.fls.doubleclick.net
bat.bing.com
in.hotjar.com
script.hotjar.com
soumissions.promutuelassurance.ca
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
ws1.postescanada-canadapost.ca
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
147.75.101.5
147.75.84.31
207.236.172.139
216.58.205.230
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:815::2004
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9a
35.241.48.88
52.17.192.34
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
36bf4d2e44fa46c47e38b36cf9bc69e76736edc000ebe05936b88a1d4829088d
4bbdaf2b4ab806576c89c11024bcd564656d98da29663c9b5f427e09687344a6
5744781007abb7241f40199238019dbb5302998c477bf78f7201f2bf063cfdca
58fb825d7feae29d43b52946b59da4f8388718300685d4d6fd13e2b9462189c1
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
61d6fcd46fff4d6261406a82a3d7d9ef2e9ab4fb66a9e09f9b21f7f843d171e6
66c611e2f00594821a5738b5f01f387bb1569d16ec079654e5963eba73381b28
78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c
79f7180d728dd83ce4c532b4ba03e5ca3dea4c3c32549a790f8935732fe7dccc
7cb0cf704aa3ccb728ba2f279d5a34a9eb5004b115bb1190866f1a6cff6d4b3b
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
81923501f264a19786d70d5644dc60ef89e09ab0107a0280317352d472bf3b0b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
9b448a42ffed470f551ce34f48c3827873980ee14eff64e1261f47e62bda6315
abf70706afa5b04b04aac829e10d7ac20434c207fc2743947061dd19c08e78e1
b00a4cb07775db4ee42a5cce5dc53a0bc44ca72390f3f575a234eadf711857bb
b14e2108c43b36d0056029d17c6420c66af0a07ddeeec119335b18ec8c0cb218
b7b95926c17f2fe0870080e5ef81005b9c4ae6e32f68ffe6058d7daf5535011c
bf6760acddb62abb2033cdfca4f0b87a8a1f373879fa39ec70d63d58f82f59f7
cf58979a768e87252cca86d04731eaa5792cdff5a3a7eeaa7f7e69987c9a5c2a
da44fe93aa4c18421be123030088eb88c2a09a1df543ef1e5c90ce06ae345d65
ddf35f8d385550145250aaa414d5d28b6ddf9fd8a83708b6805316945caff4a5
e2f49423ab2f90c82507cd6060d55852b300ca532614eea446c661a70409a46d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8abef2189b65e7987cea1a63dbd0e4ad80e02e48675f3b26a6361124fd1e128
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70b056021530158dfd0948dab18e717921dbdc9f174d822ef89d0d403f26d29
f9afe1c53bf346e0d4936462358e0d85a355edcb66b26340a8e2c41d69c363ed

soumissions.promutuelassurance.ca Open in urlscan Pro 207.236.172.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

54 %IPv6

10 Domains

14 Subdomains

12 IPs

7 Countries

2011 kBTransfer

9389 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

soumissions.promutuelassurance.ca Open in urlscan Pro
207.236.172.139 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

54 %
IPv6

10
Domains

14
Subdomains

12
IPs

7
Countries

2011 kB
Transfer

9389 kB
Size

2
Cookies

33 HTTP transactions
0 data transactions