urlscan.io logo urlscan.io
SecurityTrails logo

www.avantages.ca Open in urlscan Pro
13.226.34.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.avantages.ca//
Effective URL: https://www.avantages.ca/
Submission: On August 19 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 14 domains to perform 72 HTTP transactions. The main IP is 13.226.34.49, located in United States and belongs to AMAZON-02, US. The main domain is www.avantages.ca.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 9th 2024. Valid for: a year.
This is the only time www.avantages.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

40    13.226.34.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-49.ewr53.r.cloudfront.net
www.avantages.ca
3    151.101.194.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
rdc.m32.media
1    142.250.65.164 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f4.1e100.net
www.google.com
2    52.92.210.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com
1    208.91.248.5 (Canada)

ASN46095 (RSI-CA-SITE1, CA)
PTR: smtp.repsolution.com
t.ofsys.com
2    2600:9000:2510:a00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
4    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    52.201.86.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-86-253.compute-1.amazonaws.com
mia-placement-server.rubiconproject.com
5    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.164.96.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-127.jfk50.r.cloudfront.net
sdk.privacy-center.org
1    44.210.222.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-222-161.compute-1.amazonaws.com
sync.springserve.com
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.176.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net
www.google.ca
1    44.213.189.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-189-213.compute-1.amazonaws.com
tv.springserve.com
Apex Domain
Subdomains		 Transfer
40 avantages.ca
www.avantages.ca
4 MB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
326 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
3 rubiconproject.com
mia-placement-server.rubiconproject.com — Cisco Umbrella Rank: 78310
1 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
181 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4906
150 KB
3 m32.media
rdc.m32.media — Cisco Umbrella Rank: 237567
27 KB
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 4818
tv.springserve.com — Cisco Umbrella Rank: 6137
652 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
182 KB
2 amazonaws.com
s3.us-west-2.amazonaws.com
38 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
analytics.google.com — Cisco Umbrella Rank: 238
962 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 ofsys.com
t.ofsys.com — Cisco Umbrella Rank: 425191
43 KB
0 freeskreen.com Failed
static.freeskreen.com Failed
72 14
Domain Requested by
40 www.avantages.ca 1 redirects www.avantages.ca
5 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com www.avantages.ca
3 mia-placement-server.rubiconproject.com s3.us-west-2.amazonaws.com
3 sdk.privacy-center.org www.avantages.ca
sdk.privacy-center.org
3 rdc.m32.media www.avantages.ca
rdc.m32.media
2 www.googletagmanager.com www.avantages.ca
www.googletagmanager.com
2 securepubads.g.doubleclick.net rdc.m32.media
securepubads.g.doubleclick.net
2 s3.us-west-2.amazonaws.com www.avantages.ca
s3.us-west-2.amazonaws.com
1 tv.springserve.com s3.us-west-2.amazonaws.com
1 www.google.ca www.avantages.ca
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 sync.springserve.com s3.us-west-2.amazonaws.com
1 www.gstatic.com www.google.com
1 t.ofsys.com www.avantages.ca
1 www.google.com www.avantages.ca
0 static.freeskreen.com Failed s3.us-west-2.amazonaws.com
72 18
Subject Issuer Validity Valid
avatar.tcmediasaffaires.com
Amazon RSA 2048 M02		 2024-01-09 -
2025-02-06		 a year crt.sh
*.m32.media
Sectigo RSA Domain Validation Secure Server CA		 2023-11-20 -
2024-11-22		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-07-15 -
2025-07-08		 a year crt.sh
t.ofsys.com
RapidSSL TLS RSA CA G1		 2024-04-03 -
2025-04-06		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M03		 2024-03-10 -
2025-04-07		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-08-02 -
2024-08-30		 a year crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.avantages.ca/
Frame ID: 153BB844153DA1192CC0B5E594ECBB8B
Requests: 71 HTTP requests in this frame

Frame: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/passbacks/standard.js
Frame ID: E15FD56704B486C09FD66A70A146D015
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Accueil | Avantages

Page URL History Show full URLs

  1. http://www.avantages.ca// HTTP 307
    https://www.avantages.ca// HTTP 301
    https://www.avantages.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

72
Requests

99 %
HTTPS

39 %
IPv6

14
Domains

18
Subdomains

19
IPs

2
Countries

4796 kB
Transfer

7197 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.avantages.ca// HTTP 307
    https://www.avantages.ca// HTTP 301
    https://www.avantages.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.avantages.ca/
Redirect Chain
  • http://www.avantages.ca//
  • https://www.avantages.ca//
  • https://www.avantages.ca/
79 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 / PHP/7.1.33
Resource Hash
69c774000f3b9687d908e404cf722daa8d85568a5bd842e45c6b044a1e63e08c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
max-age=0
content-encoding
gzip
content-length
14215
content-type
text/html; charset=UTF-8
date
Mon, 19 Aug 2024 22:50:31 GMT
expires
Mon, 19 Aug 2024 22:50:30 GMT
link
<https://www.avantages.ca/wp-json/>; rel="https://api.w.org/" <https://www.avantages.ca/>; rel=shortlink
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-id
LC1MN6XfecLQCWbpDNUUT4vSAKJ1zJdjo3yvnDNLsCYPSqpvazr49g==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
x-powered-by
PHP/7.1.33

Redirect headers

access-control-allow-origin
*
cache-control
max-age=3600
content-length
1
content-type
text/html; charset=UTF-8
date
Mon, 19 Aug 2024 22:50:30 GMT
expires
Mon, 19 Aug 2024 23:50:30 GMT
location
https://www.avantages.ca/
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-id
UxlrKGSD-2Ew0S-7A4SEeP-kP080Isg0LzPt11x1vqeNdMc1OAc9pA==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
x-powered-by
PHP/7.1.33
madops.min.js
rdc.m32.media/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdc.m32.media/madops.min.js
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
93df24806614fab027c094f3c77a7630279f179a649eb98842e68775e756372f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:31 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
age
52624
x-guploader-uploadid
AHxI1nNjEUUS1bZcjXdYyX4f7puw3aNg9AZQwALv7m3ZWt8yLJgU4bxEsAW4t7ok5_WtNGsIi91PwCWPeQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18594
x-served-by
cache-yul1970037-YUL
last-modified
Tue, 13 Aug 2024 23:44:22 GMT
server
UploadServer
x-timer
S1724107832.607402,VS0,VE0
etag
"01d8adab7f2b4f0146acbdae6a547e3d"
vary
Accept-Encoding
x-goog-hash
crc32c=AwoNag==, md5=Aditq38rTwFGrL2ualR+PQ==
x-goog-generation
1723592662341705
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=600
x-goog-stored-content-length
67476
x-amz-checksum-crc32c
AwoNag==
accept-ranges
bytes
x-cache-hits
33884
m32pixel.min.js
rdc.m32.media/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdc.m32.media/m32pixel.min.js
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
22de6e4042c182513a5612e20d9c7f41c6ef8b7829912a4eab0895dd3dea05a6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:31 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
age
52006
x-guploader-uploadid
AHxI1nM7eYyOz-eB9CZVEO46l7miQ7NnGVrQldpgLvk8gh_l4r1MDeVZii9AB2DyncJ-5fVeWig
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
6546
x-served-by
cache-yul1970037-YUL
last-modified
Wed, 03 Apr 2024 04:29:51 GMT
server
UploadServer
x-timer
S1724107832.607373,VS0,VE0
etag
"7856c307df29103401712780527c73b7"
vary
Accept-Encoding
x-goog-hash
crc32c=7Sb3Xw==, md5=eFbDB98pEDQBcSeAUnxztw==
x-goog-generation
1712118591447468
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=600
x-goog-stored-content-length
21764
x-amz-checksum-crc32c
7Sb3Xw==
accept-ranges
bytes
x-cache-hits
15323
vendors.min.css
www.avantages.ca/wp-content/themes/avatar-tcm/assets/css/ 		163 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-content/themes/avatar-tcm/assets/css/vendors.min.css?ver=1.0.2
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
f3bafeec8fcfc573f5d00aabea95008696875dd6e87f34048b14eb2cba853d72

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:19 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
71891
x-cache
Hit from cloudfront
content-length
29472
last-modified
Wed, 07 Feb 2024 21:03:04 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
Fe2jDdPs9aeO8G_o80sD_VCKxtxfhqRwBvFTbp2RgW_6-Vs4rwq_Pw==
expires
Tue, 19 Aug 2025 02:52:19 GMT
style.css
www.avantages.ca/wp-content/themes/avatar-tcm/ 		532 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-content/themes/avatar-tcm/style.css?ver=2.2
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
07ff015d1a1147e70fdc0f24cbc4077a8094d902309544eddc6722e462b6e853

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:20 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Wed, 07 Feb 2024 21:03:04 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
x-amz-cf-pop
EWR53-C2
age
71891
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
PFXcAPpq7PK5_3IMVbKZWa920XGylv4YXRSGjO-DEmL48il4RNgrZQ==
expires
Tue, 19 Aug 2025 02:52:19 GMT
style.css
www.avantages.ca/wp-content/themes/avatar-av/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-content/themes/avatar-av/style.css?ver=1.1.7
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
5b86619602a928278fd3626bbe554eae0ee3fef1ea71a4a6169d292e3843841d

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:19 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
71892
x-cache
Hit from cloudfront
content-length
926
last-modified
Wed, 07 Feb 2024 21:03:04 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
g8bb7l-1qTR_ZAJm-9FKWMeHVDRyR9nrYtdP3ERtXT_GtCQz21kSVQ==
expires
Tue, 19 Aug 2025 02:52:19 GMT
jquery.js
www.avantages.ca/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:19 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
71892
x-cache
Hit from cloudfront
content-length
33766
last-modified
Mon, 23 May 2016 09:00:29 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
dOZw4xe26t8mJJosHpjL6uQ23kwSpykPUPkEnro9ZQQI_lVJNrjciQ==
expires
Wed, 18 Sep 2024 02:52:19 GMT
jquery-migrate.min.js
www.avantages.ca/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:19 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
71892
x-cache
Hit from cloudfront
content-length
4014
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
laeKtncCNN9Sh1gGEL7YyLydS49LXG3SZGTYm0U8IeNkc1VlQjmwGA==
expires
Wed, 18 Sep 2024 02:52:19 GMT
api.js
www.google.com/recaptcha/ 		1 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f4.1e100.net
Software
GSE /
Resource Hash
70925c4bda48e2ae325950aab67fe70a75dc2984b9e4f5844f4858c5adf6ef2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 19 Aug 2024 22:50:32 GMT
pub.js
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.92.210.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6179df96d14a7d4945c4ced9cda689b950e7ef36936034650a80f1f9bda3d9b6

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 22:50:32 GMT
Last-Modified
Tue, 06 Aug 2024 15:08:40 GMT
Server
AmazonS3
x-amz-request-id
R6N347VA53MH2RRV
ETag
"80741307ab89ca0d3172aa2af0659398"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
37759
x-amz-id-2
+XDY1GZJCTJjMP/FuS9O40+ySDTV7xPMHhdduWdof5dnlbfF0MwvtSci9LKVdNbNBhby/iSuZ64=
avantages_rouge-01.svg
www.avantages.ca/wp-content/uploads/sites/6/2018/09/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2018/09/avantages_rouge-01.svg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88d6a0c187b938417cde43806ff2468c2b85a00633f2f03dccbe96c4fd05b6c8

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
date
Mon, 19 Aug 2024 22:50:32 GMT
last-modified
Mon, 26 Nov 2018 22:55:53 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
etag
W/"07dc8b7d22f7fd9bbf62efc5d8ae3a89"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
5FsaePndntzip8NQTk47N58iIQ_-VyauogYREYiUHubzpVD7QiqeVw==
L%E2%80%99union-fait-la-force.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/06/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/06/L%E2%80%99union-fait-la-force.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb31372db14820f8fbfd2880acd0c62c6f435dd9c456c1b138541e9bbf4cd55a

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:30:23 GMT
x-amz-version-id
aP0xYlWFVEBx0nEJNQG.3nf9iihg5p6r
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
548409
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
110300
last-modified
Thu, 20 Jun 2024 19:33:47 GMT
server
AmazonS3
etag
"af07c0660576aec24be21bc934c6386a"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pPii7Zb3crNkHcR2DTz_hIwqbjmIqxJh7a6qRmJoY9YGQoxh9m8t6w==
expires
Fri, 20 Jun 2025 19:33:46 GMT
medicaments.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/08/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/08/medicaments.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8581831a1d8daefaac521fc8ef155877a4dfb6e9f7c4c74eb2b139deea97bef6

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
.7rqDZfw_RX5k2c23G19Vnx8Mcns_Ai8
date
Mon, 19 Aug 2024 21:39:45 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7224
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
168422
last-modified
Mon, 12 Aug 2024 20:43:07 GMT
server
AmazonS3
etag
"33971c261aab04e91db5f4e283b4eaf9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NpHMIgI3YRmZmiw2TzOZIEd446iBgOdLa8nvPhFVZ502a30112WLUw==
expires
Tue, 12 Aug 2025 20:43:06 GMT
calculatrice_decourage_stress.jpg
www.avantages.ca/wp-content/uploads/sites/6/2020/04/ 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2020/04/calculatrice_decourage_stress.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab647ce01f31f5cd2149376aae4357022c02eb607ff1b32b26b29457abcd4e2f

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 12:45:59 GMT
x-amz-version-id
JYZF0NKd.b4vsHZb.idrAKbIJK54xYxV
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 06 Apr 2020 19:45:28 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
381873
etag
"91b7aaa70e19d35ac560da647bc3fabf"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
230090
x-amz-cf-id
LEvuWVfmrbTM3t88k23UWFYbE4iIhNiad6GnXmG-QIhZp1wnCd-uQA==
expires
Tue, 06 Apr 2021 19:45:27 GMT
therapie_physio.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/08/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/08/therapie_physio.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e2d31c4405de635093bfba0133a01ce8e1f0bc284d944290f8e334ebfd3c688

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6qRfYBha_1RI26JbpEc2uq3.khqu2Dx2
date
Mon, 19 Aug 2024 15:23:56 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
26796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
150096
last-modified
Mon, 12 Aug 2024 15:10:39 GMT
server
AmazonS3
etag
"c57121beee17bd6c7caa28da3ec3772d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
YAzpAedluIpIWeb6jvI4AqtNcBRluNGM8hQOI_xyBpfoixHRkfMnYg==
expires
Tue, 12 Aug 2025 15:10:38 GMT
caisse.jpg
www.avantages.ca/wp-content/uploads/sites/6/2019/10/ 		379 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2019/10/caisse.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e7c825125796f9dc12b044f40fa98fb671a08a9f7874d148ba0aa90cf82e47b

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:00:53 GMT
x-amz-version-id
null
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Wed, 30 Oct 2019 19:02:23 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
550180
etag
"1921c5dead5a788f1694e3baee53ccbd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
388282
x-amz-cf-id
QL0J5yZF_ZTvesUpyOCJw8xahFs2OfOKfCjNtg_iDWnQxCg06OkeNg==
expires
Thu, 29 Oct 2020 19:02:22 GMT
Canada-retraite-250x188.jpg
www.avantages.ca/wp-content/uploads/sites/6/2018/11/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2018/11/Canada-retraite-250x188.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da09b0fd2505543cab0e1e8cc01f87ad4f87540a45b68eca331672825f6e0d4e

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 19 Aug 2024 12:45:30 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Nov 2018 22:56:02 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
36303
etag
"084b369e68adff58323a3b863e04e7e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
6095
x-amz-cf-id
879B0ngldIe53CuzGIwWjz4B9mwapuLSK9wsOEaGGHQmfgiEdi_H-g==
exercice_physique_sport_bureau.jpg
www.avantages.ca/wp-content/uploads/sites/6/2021/01/ 		347 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2021/01/exercice_physique_sport_bureau.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9815ce712113c5278031f59788c3a3dfcafeaf51975e695f4130d056331c8af8

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 21:27:26 GMT
x-amz-version-id
EneKOCcXCjFg0z23zNeP0QCyZS12walJ
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 21:15:07 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
264187
etag
"356a4fb2685385839ac5f91f4dbddebe"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
355626
x-amz-cf-id
XMwsG82bTJ-zHmlSFJsq8-vBsBLCjUYIvFaug4M7ftCG_aNA0hpxcg==
expires
Tue, 18 Jan 2022 21:15:06 GMT
telemedecine_soins_virtuels.jpg
www.avantages.ca/wp-content/uploads/sites/6/2021/03/ 		436 KB
437 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2021/03/telemedecine_soins_virtuels.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2beeea8d6626aaaec6f6e1db21236fea3438472442dcdc588092e238c98f425

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
54mauuMB3mRST730oNY.20XtNd2pemby
date
Mon, 19 Aug 2024 11:51:51 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
39522
x-cache
Hit from cloudfront
content-length
446065
last-modified
Wed, 31 Mar 2021 19:40:15 GMT
server
AmazonS3
etag
"60e0e9660a59c3ae57c3b3f050ba428a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rQ2-ny6ZVBsxp9-vtO6OQt81I6jkZbOKeb2MnlcRgkU9t1wHz0UDaA==
expires
Thu, 31 Mar 2022 19:40:14 GMT
age_vieux.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/08/ 		429 KB
430 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/08/age_vieux.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b03418f642887d336a97dd04d9b615379e95528698b9143d4c2dc212fc83671

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
byxoe0tghkrqCS2d2SjGi_29kZ7aRyDx
date
Mon, 19 Aug 2024 22:50:32 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7225
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
439787
last-modified
Mon, 12 Aug 2024 20:34:05 GMT
server
AmazonS3
etag
"e5515319f2ba2efdb8b302fd64c00b70"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zFeRAtir5tGFcljDLpxaxIT9g0khgkyTUySE7WCn_sKKRe7WrrsQBA==
expires
Tue, 12 Aug 2025 20:34:04 GMT
41753020_custom-250x188.jpg
www.avantages.ca/wp-content/uploads/sites/6/2010/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2010/11/41753020_custom-250x188.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6e8726ef10ffe8379f7ea273bd7d18a0718edb56fb188c268e0eb9d9942c80f

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 13:05:40 GMT
x-amz-version-id
null
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Nov 2018 22:54:52 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
35093
etag
"596a6bbe5c5b45efda3f9f937b4e112d"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
9874
x-amz-cf-id
a2xIsc6XpPfP8rcywEOmtD2Y9HTLQgLv2J0VNNl0fiy9dEQTNCV5fg==
sante_femmes-menopause.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/08/ 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/08/sante_femmes-menopause.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fccc3184f99513a7dcb9773de97a860681430f2e913fa8b55197bee40388a530

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 13:28:23 GMT
x-amz-version-id
pRE9xYFOsZ.zdC8TJBwO87GBFtQ20dEO
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
379330
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
171159
last-modified
Wed, 07 Aug 2024 18:07:39 GMT
server
AmazonS3
etag
"16624fbdaf9c265ce40857145cfd739a"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xdnDN7p6m2ZMDPt0Ecdt7xC79t7CnvqRAw5--zoWv5Ys5-Y9EMaUZg==
expires
Thu, 07 Aug 2025 18:07:38 GMT
conseiller_financier.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/05/ 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/05/conseiller_financier.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
778cab4ab276563c8ff1588fa7cd9171b79d4035b3ffa5e1cda1b4f15bedf571

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:12:34 GMT
x-amz-version-id
11Ce_gCZeMxO0RRAqj_p50nzxXowSj1D
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
272279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
217575
last-modified
Mon, 13 May 2024 21:21:20 GMT
server
AmazonS3
etag
"8e3317c336de1c10871626905e696756"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rRA101f7uXQcoyh_bWxnbEC7CmnCAlSS1ZKcrOdFLHBO9k9qIHv-VA==
expires
Tue, 13 May 2025 21:21:19 GMT
insomnie.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/08/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/08/insomnie.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c43aa0ae011b5504153bb9af8579218f27f6ecd70aeffe8587797e3a60bae65a

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6hXFJXV98g5pkV4SnhX441VEv0lLPBs3
date
Mon, 19 Aug 2024 14:24:42 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
30351
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
303465
last-modified
Wed, 07 Aug 2024 18:23:15 GMT
server
AmazonS3
etag
"d0ec0bf8cf7658e28a26742870d08efe"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FjehFZOiO-KWKoC4BvWMQLor-ba3qFhOuKLbT17so4En4YJqmZqQ1w==
expires
Thu, 07 Aug 2025 18:23:14 GMT
223444451_presentation_normal_none.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/08/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/08/223444451_presentation_normal_none.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b6cdf23c46bfab912551fae15dc37a3b8a7cf00c413856d10a3475f33450992

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
u_DewL9.F_fxUUrY58HFvTWx_9_nExGq
date
Mon, 19 Aug 2024 14:24:42 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
30351
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
100851
last-modified
Tue, 06 Aug 2024 10:10:46 GMT
server
AmazonS3
etag
"4254014b67d27f0d85ee740160699781"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7C5RRSUJ-XiBiZuX43FzsZ2IDVmpXe_QObMXWi8dWpZdPU8sSZSi9A==
expires
Wed, 06 Aug 2025 10:10:45 GMT
soins_dentaires.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/08/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/08/soins_dentaires.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d9be758f1c74ee4abb3d11a05479b1075d437f9b6866fe1d35999ee294cd74d

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 14:01:08 GMT
x-amz-version-id
e6XHus.elvigr9Xh7Up1snUx30QjGh77
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
377365
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
152321
last-modified
Wed, 07 Aug 2024 18:15:25 GMT
server
AmazonS3
etag
"8332588e724d8545f786892ab07dee96"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6k2obAGTxidiZAfq3X8J3DhmvV8_9GUyVN4wkvTBGoChRaHzaI5Ntw==
expires
Thu, 07 Aug 2025 18:15:24 GMT
benefits-in-action-homepage-widget-french.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/06/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/06/benefits-in-action-homepage-widget-french.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cf60845b78ad8ae403d6e2ba267543c33778aa11de90515345a7b91eb900183

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 12:49:45 GMT
x-amz-version-id
spjb4_.coBx1VnpFRMN.8cCYEGFhKFsB
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
381648
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23629
last-modified
Fri, 21 Jun 2024 18:38:56 GMT
server
AmazonS3
etag
"70d598c08d2ddf7c9892b267cdd23ef3"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0N6TwJWFDMySSG2Xp_XQ-tLS2RetKR2cqLbFe1k9QLfOMBL45kW5Yg==
expires
Sat, 21 Jun 2025 18:38:55 GMT
BCHS-Web-HomepageWidget-345x150-2024-FRE.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/06/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/06/BCHS-Web-HomepageWidget-345x150-2024-FRE.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf60363909feb0ff7f80c65a239e6821f232f6e57e9aeb02ab9c462855823bbb

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
nywq0gP8H4vK1ytrrlaqSM6rWG__hsdX
date
Mon, 19 Aug 2024 11:12:00 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
49407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
40195
last-modified
Fri, 28 Jun 2024 14:37:51 GMT
server
AmazonS3
etag
"d05998e5202cf7f7927a3fcb3a970267"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
EQ2uNu1QoWoClgza5E5fKJHPBnVaeqyCePYX1AKj4lEjGM5Rysm8FA==
expires
Sat, 28 Jun 2025 14:37:50 GMT
2023-FOW-homepage-widget-FR.jpg
www.avantages.ca/wp-content/uploads/sites/6/2023/11/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2023/11/2023-FOW-homepage-widget-FR.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3510081aa1974e469430461b0027e8f1414d46010d9bc66778d200a86647a342

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 12:55:33 GMT
x-amz-version-id
vm7c6dGPP9jm06osgc6MHTLIvM9LGFM7
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
554100
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12514
last-modified
Fri, 17 Nov 2023 16:49:00 GMT
server
AmazonS3
etag
"a95331bd893e33cf181ccdb4a5fa7332"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5Qf95yMCl4pOlu7OaiI906Nbbma4hylVq4ZRHNm7YgVeW4--Xp_jnQ==
expires
Sat, 16 Nov 2024 16:48:59 GMT
assurance_collective_avantages_sociaux.jpg
www.avantages.ca/wp-content/uploads/sites/6/2020/08/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2020/08/assurance_collective_avantages_sociaux.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7378940c8407db403845dcf0c8bdff2feecdc8aa6d3bb6f918fd276c7de7efa

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 13:05:40 GMT
x-amz-version-id
JahpUsaVbQcjjbOlKp0DeME7HNcABcFB
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 21:37:22 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
35093
etag
"576dca967ac40733a64d4c19d52c7d82"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
57865
x-amz-cf-id
0xt4b_gwryaGh3KEuvpZlRsEM8HHS_YYpfWdp-lCitvfdmirLuvL4A==
expires
Tue, 24 Aug 2021 21:37:21 GMT
AVA_eBook_Regimes-PD_800x600.jpg
www.avantages.ca/wp-content/uploads/sites/6/2019/05/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2019/05/AVA_eBook_Regimes-PD_800x600.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94bbd1820c2842f6ae38d7b6d29c6741b90b93fced601d8dcdf2b5d73dc2fad1

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 14:01:11 GMT
x-amz-version-id
null
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 27 May 2019 18:24:52 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
377362
etag
"d992ff94e4564ecb2cd31844ca045370"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63598
x-amz-cf-id
9fcjEmrfDz1L8ujvOWOkqufyaNv9sndL5oICmDqjzAh1ICb7hG-W7A==
expires
Tue, 26 May 2020 18:24:51 GMT
AVA-Juin-2024.jpg
www.avantages.ca/wp-content/uploads/sites/6/2024/06/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2024/06/AVA-Juin-2024.jpg
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1569785b55e12258b6efd4515e69c87a7f94d3528a1e88c90256c510dbe3006

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 12:55:33 GMT
x-amz-version-id
Z9MWifk_f4MDyZV1YYee1CjiRzBV500u
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
554100
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
151231
last-modified
Wed, 19 Jun 2024 13:37:54 GMT
server
AmazonS3
etag
"4fe252954ac17722444391cfc4596290"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8jYWHOemEmCKkCftIvPJNMp935qHe-NesMMCbeDzM6JP7CeTy6kNeg==
expires
Thu, 19 Jun 2025 13:37:53 GMT
LOGO-Acquizition-blanc.png
www.avantages.ca/wp-content/uploads/sites/6/2023/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2023/06/LOGO-Acquizition-blanc.png
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59dad5a09fa6be9c1a998f2a899ef182de3e1d204d5b2e5dd72c41b6317d1995

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
.w27L6oMk4OGV_XitJApZhgBA..hzyUs
date
Mon, 19 Aug 2024 11:12:01 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
56138
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6075
last-modified
Tue, 06 Jun 2023 13:53:56 GMT
server
AmazonS3
etag
"863295195815740554439e9d700dbc2d"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Uyb0g3A2CqM0hkG04ZHjF1pfQgogyqsFdTutt3P3V8WC9VuxwAzQig==
expires
Wed, 05 Jun 2024 13:53:55 GMT
Avantages_2012w.png
www.avantages.ca/wp-content/uploads/sites/6/2018/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2018/05/Avantages_2012w.png
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14466f041b4b990865284bd6eb409aed61ebf2fa42ae0dbc3b467ab95146d71c

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 19 Aug 2024 22:50:33 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Nov 2018 22:54:58 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
etag
"451e6e18eafdc309d1237697344fde13"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6948
x-amz-cf-id
elVsaFlKwgpsVJWWMUqAPNFay_HFtEOGLpJO5wE2N2cRODJ6U_I9KA==
BenefitsCanada-Logo-White.png
www.avantages.ca/wp-content/uploads/sites/6/2018/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2018/09/BenefitsCanada-Logo-White.png
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f42cfa3c8ef87f84cbf220cab248f0c451f3ac31411e0240f1f3cf4bd2e85c7

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 19 Aug 2024 11:12:01 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Nov 2018 22:55:48 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
42702
etag
"1796a1f8e64abf557181b1ba1743e398"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7141
x-amz-cf-id
hvicpckmFWpxu0kMrmYv0Mge5iY_yyzeAcbs-j3wjCTRCjIn3Lqi-g==
LOGO-Contech-blanc.png
www.avantages.ca/wp-content/uploads/sites/6/2023/09/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2023/09/LOGO-Contech-blanc.png
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dfb5eab19729d2d8ddacd314984422dda18fcbc53d6a0a370d04f491ec68645

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
XuOiyOSrni9nIrygjSHZj0izYO.ZoRsp
date
Mon, 19 Aug 2024 11:12:01 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
49407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
13583
last-modified
Wed, 06 Sep 2023 15:35:19 GMT
server
AmazonS3
etag
"01b767c68d6a356361ff0b4ad53a736a"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CVploXw_tHd6cBCKFWcHKlz-XgeoxDGf8p5IeBEs9hWEhcvxHh_Ghg==
expires
Thu, 05 Sep 2024 15:35:18 GMT
logo_site_lesaffaires.png
www.avantages.ca/wp-content/uploads/sites/6/2019/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2019/10/logo_site_lesaffaires.png
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28e4f45d7d62c58ba90d63e49ec48a2296b20de59c856195e20627f21473c587

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 12:49:45 GMT
x-amz-version-id
null
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Tue, 08 Oct 2019 14:32:35 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
381648
etag
"2fdb0befffd23707162fba3902b61d0b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9132
x-amz-cf-id
gI2MQkn0kpZo_6MI-nrrFMZx3csUalAV3UDVer950zAdq2jbFVjHuw==
expires
Wed, 07 Oct 2020 14:32:34 GMT
Logo-Contex-NBG.png
www.avantages.ca/wp-content/uploads/sites/6/2021/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2021/02/Logo-Contex-NBG.png
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d60c409faf2c1bc1d4cdef5a0a719a8c8f23ae103b092c8c650bb4a9458b2f61

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
RBStKgcJqTQWT.jHzo3YfD7MYEAvCcmb
date
Mon, 19 Aug 2024 14:16:02 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
37749
x-cache
Hit from cloudfront
content-length
7828
last-modified
Mon, 22 Feb 2021 19:34:54 GMT
server
AmazonS3
etag
"f327e8f167e6d493b67a87b3ec65f7d6"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Bh9OBYR2UGlpoRWjeYPc-pppKg1OfsA3A6mkZbs3l19G8zuB280g5g==
expires
Tue, 22 Feb 2022 19:34:53 GMT
DI.Journey-min.js
t.ofsys.com/js/Journey/1/AAQAAGxhWkhJcHscAABORDBkbngVCAAA/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ofsys.com/js/Journey/1/AAQAAGxhWkhJcHscAABORDBkbngVCAAA/DI.Journey-min.js
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.91.248.5 , Canada, ASN46095 (RSI-CA-SITE1, CA),
Reverse DNS
smtp.repsolution.com
Software
/
Resource Hash
41c7722e2158c4f5d45451f1e2b932338a7aaf1ac65b4714e8b9ddbd15e8e276

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:31 GMT
cache-control
max-age=900
server
etag
"-32050380"
content-type
application/javascript
vendors.min.js
www.avantages.ca/wp-content/themes/avatar-tcm/assets/javascripts/ 		76 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-content/themes/avatar-tcm/assets/javascripts/vendors.min.js?ver=4.9.8
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
fad6921438493bdaccf27caa773ed5a79e7a1498b4c8d1a23ccb620e6d8c4dbf

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:20 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
71891
x-cache
Hit from cloudfront
content-length
21266
last-modified
Wed, 07 Feb 2024 21:03:04 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
_ZiP3G2LFvB92C63Qm_qluxK__lRJUfRT9_bC_aMwHBdQpL4Q-s2rw==
expires
Wed, 18 Sep 2024 02:52:20 GMT
main.min.js
www.avantages.ca/wp-content/themes/avatar-tcm/assets/javascripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-content/themes/avatar-tcm/assets/javascripts/main.min.js?ver=4.9.8
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
ee30dfefc3b21776329dcdcc03bd10c08b79afadcae7dfbd2df9bad0319767fb

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:20 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
71892
x-cache
Hit from cloudfront
content-length
3766
last-modified
Wed, 07 Feb 2024 21:03:04 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
_-8Fvq6tqM1kpjnRmBd_MXIcWlJwXkIUyC_SfalkzsF0VoKrUvrBbw==
expires
Wed, 18 Sep 2024 02:52:20 GMT
wp-embed.min.js
www.avantages.ca/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 02:52:20 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
71892
x-cache
Hit from cloudfront
content-length
751
last-modified
Wed, 23 Nov 2016 13:38:33 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
i7vv7WkfJJMZE8AxxGlZeJ4JnIZUSXjqHv1i1F9QiYGLiZ3smEn6UA==
expires
Wed, 18 Sep 2024 02:52:20 GMT
loader.js
sdk.privacy-center.org/d0913bd2-e061-464f-be6d-294a4397bca0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/d0913bd2-e061-464f-be6d-294a4397bca0/loader.js?target_type=notice&target=MMYgRMJj
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7804486d6e0c08700310dc1fdd2a732de75e7a1cb11fb05d650cb77428f239ce

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:31 GMT
x-didomi-configs-version
112
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:false
content-encoding
br
via
1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amzn-requestid
65865061-bd29-403a-a078-0d4aa75984a4
x-amzn-trace-id
root=1-66c3cc37-172f309672b971e46c406bd4;parent=3a4cc7ef4a0761f1;sampled=0;lineage=eaae1266:0
vary
Accept-Encoding
etag
W/"496ad6ad0b23b4d511974e182e5bacd9"
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
max-age=7200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YBWFu47mGBg_aDRYG7LF4R5HTsMeWjw9Vr8nAXhi-JwvWLy7eG3pIA==
custom.json
rdc.m32.media/adops/custom_files/avantages.ca/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rdc.m32.media/adops/custom_files/avantages.ca/custom.json
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4f947e56fdb175eada527ae294993f8333159f1cf03a9eac4722dd7047f7544a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:31 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
age
49406
x-guploader-uploadid
AHxI1nP-9ggOA_8fND8SL2MisqsCGpDpqDEFaLRGS7jx07n_DAs1Ogf_NcUH7xRAvl0KaGeoVwJurqNQwA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
632
x-served-by
cache-yul1970050-YUL
last-modified
Mon, 19 Aug 2024 09:05:06 GMT
server
UploadServer
x-timer
S1724107832.897660,VS0,VE1
etag
"4c9d2210568cb213d651512187f1e9f0"
vary
Accept-Encoding
x-goog-hash
crc32c=QloIdw==, md5=TJ0iEFaMshPWUVEhh/Hp8A==
x-goog-generation
1724058306613078
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
1496
x-amz-checksum-crc32c
QloIdw==
accept-ranges
bytes
x-cache-hits
0
css
fonts.googleapis.com/ 		7 KB
827 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/wp-content/themes/avatar-tcm/style.css?ver=2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3273996622afec9de3fde1cdde7686ad7e8a0c67b0073df16e84c8e099d6d898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 22:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 22:43:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 22:50:31 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Tinos:400,400i,700,700i
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/wp-content/themes/avatar-tcm/style.css?ver=2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25cc5732ffb20dc6b9aedc6fc301cb771211ff7fd57938b7391a4213b4d64433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 22:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 22:50:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 22:50:31 GMT
css
fonts.googleapis.com/ 		4 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/wp-content/themes/avatar-tcm/style.css?ver=2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93d1697ee9f1a843a40e09ef85127252bbd95ff577a44eb06990949cb6ad365b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 22:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 22:30:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 22:50:31 GMT
css
fonts.googleapis.com/ 		2 KB
527 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/wp-content/themes/avatar-tcm/style.css?ver=2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
764a2a854a30881a7ccc3e4a0e3fb0b24262e4771e196e5569c1694266b5349a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 22:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 22:50:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 22:50:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/m32pixel.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
8837eb879ba8120e321430d41a786eb24a37b717ceddddf2c413163c7ae04d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32552
x-xss-protection
0
server
cafe
etag
803 / 19954 / m202408150101 / config-hash: 16900804115967644429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 19 Aug 2024 22:50:32 GMT
gtm.js
www.googletagmanager.com/ 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFMQX3J
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6deb19abece4b403c88125df5876c397a39a0f6fed9852761e65274b42def50d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84219
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 22:32:03 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Aug 2024 22:50:32 GMT
placements
mia-placement-server.rubiconproject.com/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/placements?location=https%3A%2F%2Fwww.avantages.ca%2F&publisherId=66130&size=xl
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.86.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-86-253.compute-1.amazonaws.com
Software
/
Resource Hash
d81696553fc9f2e1a727c16c41a95a57a94e53aa03657b185c57c3d4926def21

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Aug 2024 22:50:32 GMT
content-length
1318
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avantages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
352661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avantages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
352661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
fontawesome-webfont.woff2
www.avantages.ca/wp-content/themes/avatar-tcm/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-content/themes/avatar-tcm/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/wp-content/themes/avatar-tcm/assets/css/vendors.min.css?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
Apache/2.4.58 (Amazon) PHP/7.1.33 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.avantages.ca/wp-content/themes/avatar-tcm/assets/css/vendors.min.css?ver=1.0.2
Origin
https://www.avantages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 13:20:23 GMT
content-encoding
gzip
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Wed, 07 Feb 2024 21:03:04 GMT
server
Apache/2.4.58 (Amazon) PHP/7.1.33
x-amz-cf-pop
EWR53-C2
age
34209
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
x-TDzbu-yX3M5OjC2DPnOKWjUnnvptFwN8P3MXF-_m8CwcuWpenqqg==
expires
Wed, 18 Sep 2024 13:20:23 GMT
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avantages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:08:35 GMT
x-content-type-options
nosniff
age
409317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27120
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 05:08:35 GMT
buE1poGnedXvwj1AW3Fu0C8.woff2
fonts.gstatic.com/s/tinos/v24/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v24/buE1poGnedXvwj1AW3Fu0C8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avantages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 04:35:39 GMT
x-content-type-options
nosniff
age
324893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25136
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:03:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 04:35:39 GMT
buE4poGnedXvwjX7fmQ.woff2
fonts.gstatic.com/s/tinos/v24/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX7fmQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avantages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 15:50:34 GMT
x-content-type-options
nosniff
age
284398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28080
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 15:50:34 GMT
sdk.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/ 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/sdk.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/d0913bd2-e061-464f-be6d-294a4397bca0/loader.js?target_type=notice&target=MMYgRMJj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fbda2d121e3398d8904455c695d75de1a36cbd569fbe8cfebc8cf94b7edbc80

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 12:06:13 GMT
content-encoding
br
via
1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront)
last-modified
Mon, 19 Aug 2024 12:06:06 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
38660
etag
W/"845eeeec876910dc513e6de4b25c1f9f-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LltPdkKQHhdJJ9hQR9K2hYvtYiwSMj9Ab0YP2s_DEI40VcWZKhKLuA==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 		531 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
Origin
https://www.avantages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214556
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 04:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Aug 2025 22:10:09 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408150101/ 		477 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
c8783c15855fdad3b79a8878f5cc9a1c048c5b55cfc65cc9de266b915e5ab81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
867
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152053
x-xss-protection
0
server
cafe
etag
6480962962318068084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 19 Aug 2025 22:36:05 GMT
js
www.googletagmanager.com/gtag/ 		294 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WGTRYHRX4B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFMQX3J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de1ff439c5cc5493deb160f80e3b01b8d07d14675da6188d49ba72c406a3cd13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 22:50:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101730
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Aug 2024 22:50:32 GMT
ui-gdpr-en-web.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/ 		268 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/ui-gdpr-en-web.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/9fa0f7caba0135420f3f75b242d5e300a68f5970/modern/sdk.9fa0f7caba0135420f3f75b242d5e300a68f5970.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.96.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-127.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4de59953adad032d6d95014a8b8c74088a8c01c71949e66a48e2781df7a1cee

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 12:06:19 GMT
content-encoding
br
via
1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
last-modified
Mon, 19 Aug 2024 12:06:09 GMT
server
AmazonS3
age
38654
x-amz-cf-pop
JFK50-P5
etag
W/"a3a406062d43ddbf6cfbb774578eadf3-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
2sDUSGIMTbWgeJB2ZZ5GxOn1wsLZvq7qOVJJgn0uK_QQNpl_c-DizA==
jsonp
sync.springserve.com/usersync/ 		61 B
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.springserve.com/usersync/jsonp?callback=callback
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.222.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-222-161.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2d4216c38ee5c04572d513e38afe67d86e3a558ea8fc84378dd5f633f82a1051

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.avantages.ca
date
Mon, 19 Aug 2024 22:50:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
61
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WGTRYHRX4B&gtm=45je48e0v9112934064z89105435240za200zb9105435240&_p=1724107832067&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1528319233.1724107833&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724107833&sct=1&seg=0&dl=https%3A%2F%2Fwww.avantages.ca%2F&dt=Accueil%20%7C%20Avantages&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3416
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WGTRYHRX4B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 22:50:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.avantages.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WGTRYHRX4B&cid=1528319233.1724107833&gtm=45je48e0v9112934064z89105435240za200zb9105435240&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WGTRYHRX4B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 22:50:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.avantages.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WGTRYHRX4B&cid=1528319233.1724107833&gtm=45je48e0v9112934064z89105435240za200zb9105435240&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1937824757
Requested by
Host: www.avantages.ca
URL: https://www.avantages.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 22:50:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ssusersync
tv.springserve.com/ 		0
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tv.springserve.com/ssusersync?gdpr=1&gdpr_consent=CQDmW4AQDmW4AAHABBENBCFgAAAAAELAAAAAAAALzgBAEWAXmAAA.YAAACFgAAAAA&us_privacy=
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.189.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-189-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.avantages.ca
date
Mon, 19 Aug 2024 22:50:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
cropped-avantage-ico-32x32.png
www.avantages.ca/wp-content/uploads/sites/6/2018/05/ 		773 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.avantages.ca/wp-content/uploads/sites/6/2018/05/cropped-avantage-ico-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-49.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bdc50ba5c4999303033564e20fbd0286dab9b1f05b7d9e7f46986766eb463a9

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 19 Aug 2024 22:50:33 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Nov 2018 22:55:21 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
36190
etag
"52056ea4d70f5eb79b6cbfa2438da87b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
u6t-Np97yzUpGGnYVQx4z0dNIrVdbRInftuyI8mL-D_1mzRKaYBKJQ==
excluded_by_insertion
mia-placement-server.rubiconproject.com/tracking/66130/728/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/tracking/66130/728/excluded_by_insertion
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.86.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-86-253.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Aug 2024 22:50:34 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
standard.js
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/passbacks/ Frame E15F 		315 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/passbacks/standard.js
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.92.210.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
26d958df6f23a7a04a5e980ea05f297277a67d0ad59e3e0ffb6753d478b2333a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 22:50:35 GMT
Last-Modified
Tue, 06 Aug 2024 15:08:40 GMT
Server
AmazonS3
x-amz-request-id
Z6QTQKRWJYZ222H5
ETag
"c0ce363f8654ceec032c66725103e1b3"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
315
x-amz-id-2
wXoJgv2vp4QbREiGPFc5yosyo+8Z8pF/diy04qrC7RpJOGoCu3PRMWqaWTpRyh6VaMs4SSRNLdE=
freeskreen.min.js
static.freeskreen.com/publisher/3872/ 		0
0
passback_called
mia-placement-server.rubiconproject.com/tracking/66130/728/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/tracking/66130/728/passback_called
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.86.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-86-253.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.avantages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Aug 2024 22:50:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.freeskreen.com
URL
https://static.freeskreen.com/publisher/3872/freeskreen.min.js

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| gdprAppliesGlobally function| __tcfapi object| googletag object| _m32_pbjs object| owpbjs object| pbjs object| madops object| m32shr object| _PREFIX_MAP object| m32pixel string| M32VERSION object| __m32consent object| __tcfapiBuffer function| $ function| jQuery object| dataLayer function| miaLib object| _MiaAds function| initMIA number| CurrentYear object| OFSYS_Tracker2 function| OFSYS_Tracking2_PluginLoadEvent object| DI object| translated_string function| IASCallbacks function| IASHistoryExtension function| IASNoneLeftExtension function| IASPagingExtension function| IASSpinnerExtension function| IASTriggerExtension object| jQuery112401899471254555838 object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| avatar_theme_url object| ias function| Konami number| speed object| easter_egg object| m32_context object| wp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| webpackChunkDidomi object| Didomi object| didomiOnReady object| didomiEventListeners object| miaConfig object| DidomiSanitizing object| didomiState object| google_reactive_ads_global_state object| recaptcha function| onYouTubeIframeAPIReady object| gaGlobal string| springserveUserId

6 Cookies

Domain/Path Name / Value
www.avantages.ca/ Name: OFSYS_Consent_AAQAAGxhWkhJcHscAABORDBkbngVCAAA
Value: true
.avantages.ca/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTkxNmNkNWItZGM3ZS02YjBiLWFjYzEtNWQ0MTc0Yzg1ZTQ3IiwiY3JlYXRlZCI6IjIwMjQtMDgtMTlUMjI6NTA6MzIuNzc1WiIsInVwZGF0ZWQiOiIyMDI0LTA4LTE5VDIyOjUwOjMyLjc3NloiLCJ2ZXJzaW9uIjpudWxsfQ==
.springserve.com/ Name: ssid
Value: 1fc1ffb0-c517-43d6-9794-2c32537f036d
.springserve.com/ Name: sst
Value: 1724107833009
.avantages.ca/ Name: _ga
Value: GA1.1.1528319233.1724107833
.avantages.ca/ Name: _ga_WGTRYHRX4B
Value: GS1.1.1724107833.1.0.1724107833.60.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://static.freeskreen.com/publisher/3872/freeskreen.min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fonts.googleapis.com
fonts.gstatic.com
mia-placement-server.rubiconproject.com
rdc.m32.media
s3.us-west-2.amazonaws.com
sdk.privacy-center.org
securepubads.g.doubleclick.net
static.freeskreen.com
stats.g.doubleclick.net
sync.springserve.com
t.ofsys.com
tv.springserve.com
www.avantages.ca
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
static.freeskreen.com
13.226.34.49
142.250.176.195
142.250.65.164
142.251.32.98
151.101.194.132
18.164.96.127
2001:4860:4802:34::181
208.91.248.5
2600:9000:2510:a00:5:b7cc:d3c0:93a1
2607:f8b0:4004:c06::9b
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:824::2008
44.210.222.161
44.213.189.213
52.201.86.253
52.92.210.144
07ff015d1a1147e70fdc0f24cbc4077a8094d902309544eddc6722e462b6e853
14466f041b4b990865284bd6eb409aed61ebf2fa42ae0dbc3b467ab95146d71c
22de6e4042c182513a5612e20d9c7f41c6ef8b7829912a4eab0895dd3dea05a6
25cc5732ffb20dc6b9aedc6fc301cb771211ff7fd57938b7391a4213b4d64433
26d958df6f23a7a04a5e980ea05f297277a67d0ad59e3e0ffb6753d478b2333a
28e4f45d7d62c58ba90d63e49ec48a2296b20de59c856195e20627f21473c587
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d4216c38ee5c04572d513e38afe67d86e3a558ea8fc84378dd5f633f82a1051
3273996622afec9de3fde1cdde7686ad7e8a0c67b0073df16e84c8e099d6d898
3510081aa1974e469430461b0027e8f1414d46010d9bc66778d200a86647a342
41c7722e2158c4f5d45451f1e2b932338a7aaf1ac65b4714e8b9ddbd15e8e276
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4bdc50ba5c4999303033564e20fbd0286dab9b1f05b7d9e7f46986766eb463a9
4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb
4f947e56fdb175eada527ae294993f8333159f1cf03a9eac4722dd7047f7544a
59dad5a09fa6be9c1a998f2a899ef182de3e1d204d5b2e5dd72c41b6317d1995
5b03418f642887d336a97dd04d9b615379e95528698b9143d4c2dc212fc83671
5b6cdf23c46bfab912551fae15dc37a3b8a7cf00c413856d10a3475f33450992
5b86619602a928278fd3626bbe554eae0ee3fef1ea71a4a6169d292e3843841d
5e2d31c4405de635093bfba0133a01ce8e1f0bc284d944290f8e334ebfd3c688
6179df96d14a7d4945c4ced9cda689b950e7ef36936034650a80f1f9bda3d9b6
69c774000f3b9687d908e404cf722daa8d85568a5bd842e45c6b044a1e63e08c
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d9be758f1c74ee4abb3d11a05479b1075d437f9b6866fe1d35999ee294cd74d
6deb19abece4b403c88125df5876c397a39a0f6fed9852761e65274b42def50d
6fbda2d121e3398d8904455c695d75de1a36cbd569fbe8cfebc8cf94b7edbc80
70925c4bda48e2ae325950aab67fe70a75dc2984b9e4f5844f4858c5adf6ef2b
764a2a854a30881a7ccc3e4a0e3fb0b24262e4771e196e5569c1694266b5349a
778cab4ab276563c8ff1588fa7cd9171b79d4035b3ffa5e1cda1b4f15bedf571
7804486d6e0c08700310dc1fdd2a732de75e7a1cb11fb05d650cb77428f239ce
7cf60845b78ad8ae403d6e2ba267543c33778aa11de90515345a7b91eb900183
8581831a1d8daefaac521fc8ef155877a4dfb6e9f7c4c74eb2b139deea97bef6
8837eb879ba8120e321430d41a786eb24a37b717ceddddf2c413163c7ae04d03
88d6a0c187b938417cde43806ff2468c2b85a00633f2f03dccbe96c4fd05b6c8
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e7c825125796f9dc12b044f40fa98fb671a08a9f7874d148ba0aa90cf82e47b
8f42cfa3c8ef87f84cbf220cab248f0c451f3ac31411e0240f1f3cf4bd2e85c7
93d1697ee9f1a843a40e09ef85127252bbd95ff577a44eb06990949cb6ad365b
93df24806614fab027c094f3c77a7630279f179a649eb98842e68775e756372f
94bbd1820c2842f6ae38d7b6d29c6741b90b93fced601d8dcdf2b5d73dc2fad1
9815ce712113c5278031f59788c3a3dfcafeaf51975e695f4130d056331c8af8
9dfb5eab19729d2d8ddacd314984422dda18fcbc53d6a0a370d04f491ec68645
ab647ce01f31f5cd2149376aae4357022c02eb607ff1b32b26b29457abcd4e2f
b7378940c8407db403845dcf0c8bdff2feecdc8aa6d3bb6f918fd276c7de7efa
bb31372db14820f8fbfd2880acd0c62c6f435dd9c456c1b138541e9bbf4cd55a
c1569785b55e12258b6efd4515e69c87a7f94d3528a1e88c90256c510dbe3006
c43aa0ae011b5504153bb9af8579218f27f6ecd70aeffe8587797e3a60bae65a
c4de59953adad032d6d95014a8b8c74088a8c01c71949e66a48e2781df7a1cee
c8783c15855fdad3b79a8878f5cc9a1c048c5b55cfc65cc9de266b915e5ab81c
c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454
cf60363909feb0ff7f80c65a239e6821f232f6e57e9aeb02ab9c462855823bbb
d60c409faf2c1bc1d4cdef5a0a719a8c8f23ae103b092c8c650bb4a9458b2f61
d6e8726ef10ffe8379f7ea273bd7d18a0718edb56fb188c268e0eb9d9942c80f
d81696553fc9f2e1a727c16c41a95a57a94e53aa03657b185c57c3d4926def21
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da09b0fd2505543cab0e1e8cc01f87ad4f87540a45b68eca331672825f6e0d4e
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
de1ff439c5cc5493deb160f80e3b01b8d07d14675da6188d49ba72c406a3cd13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896
ee30dfefc3b21776329dcdcc03bd10c08b79afadcae7dfbd2df9bad0319767fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2beeea8d6626aaaec6f6e1db21236fea3438472442dcdc588092e238c98f425
f3bafeec8fcfc573f5d00aabea95008696875dd6e87f34048b14eb2cba853d72
fad6921438493bdaccf27caa773ed5a79e7a1498b4c8d1a23ccb620e6d8c4dbf
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fccc3184f99513a7dcb9773de97a860681430f2e913fa8b55197bee40388a530