www.avantagemaximum.ca Open in urlscan Pro
158.85.93.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.avantagemaximum.ca/
Effective URL:
https://www.avantagemaximum.ca/
Submission: On November 23 via manual (November 23rd 2021, 4:46:05 pm UTC) from CA — Scanned from CA

Summary HTTP 54 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 54 HTTP transactions. The main IP is 158.85.93.203, located in Markham, Canada and belongs to SOFTLAYER, US. The main domain is www.avantagemaximum.ca.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.

This is the only time www.avantagemaximum.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	158.85.93.203 158.85.93.203	36351 (SOFTLAYER) (SOFTLAYER)
3	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
1	13.225.63.3 13.225.63.3	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
6	13.225.66.82 13.225.66.82	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21da:9400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	54.161.247.27 54.161.247.27	14618 (AMAZON-AES) (AMAZON-AES)
1	104.26.10.16 104.26.10.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
3	184.84.67.154 184.84.67.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9a	15169 (GOOGLE) (GOOGLE)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
4	34.228.105.212 34.228.105.212	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.200.255.88 52.200.255.88	14618 (AMAZON-AES) (AMAZON-AES)
1	52.3.138.212 52.3.138.212	14618 (AMAZON-AES) (AMAZON-AES)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	54.85.224.115 54.85.224.115	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
54	19

19 158.85.93.203 (Markham, Canada) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: cb.5d.559e.ip4.static.sl-reverse.com

www.avantagemaximum.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-3.ewr53.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.66.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-66-82.ewr53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:9400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.247.27 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-247-27.compute-1.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.10.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.84.67.154 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-84-67-154.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.228.105.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-105-212.compute-1.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.255.88 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-255-88.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.138.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.224.115 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-224-115.compute-1.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	avantagemaximum.ca 1 redirects www.avantagemaximum.ca	451 KB
11	sharethis.com 1 redirects platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com t.sharethis.com sync.sharethis.com	59 KB
6	cloudfront.net d10lpsik1i8c69.cloudfront.net	100 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	197 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	adsymptotic.com 2 redirects p.adsymptotic.com	569 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	489 B
2	ml314.com 1 redirects ml314.com	884 B
2	adsrvr.org 2 redirects match.adsrvr.org	922 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	1 KB
2	exelator.com 2 redirects loadus.exelator.com	2 KB
2	google.com www.google.com	1 KB
2	googletagmanager.com www.googletagmanager.com	97 KB
1	google.ca www.google.ca	501 B
1	eyeota.net ps.eyeota.net	344 B
1	doubleclick.net stats.g.doubleclick.net	447 B
1	luckyorange.net settings.luckyorange.net	2 KB
54	18

	Domain	Requested by
19	www.avantagemaximum.ca	1 redirects www.avantagemaximum.ca
6	d10lpsik1i8c69.cloudfront.net	www.avantagemaximum.ca d10lpsik1i8c69.cloudfront.net
4	sync.sharethis.com
3	t.sharethis.com	platform-api.sharethis.com t.sharethis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	www.avantagemaximum.ca
2	p.adsymptotic.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	ml314.com	1 redirects
2	match.adsrvr.org	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	loadus.exelator.com	2 redirects
2	l.sharethis.com	1 redirects www.avantagemaximum.ca
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	www.avantagemaximum.ca
2	www.googletagmanager.com	www.avantagemaximum.ca www.googletagmanager.com
1	www.google.ca
1	ps.eyeota.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.gstatic.com	www.google.com
1	platform-api.sharethis.com	www.avantagemaximum.ca
54	23

This site contains links to these domains. Also see Links.

Domain
www.my-benefits.ca
www.maximumbenefit.ca
johnstongroup.ca

Subject Issuer	Validity	Valid
maximumbenefit.ca R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
cert1.a1.atm.aqfer.net R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.avantagemaximum.ca/
Frame ID: EF2B7EFE51C8384E73E261B679B3BEA7
Requests: 43 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=6ea758b
Frame ID: F8462A894918C58B4B6A4026F92012DD
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.735.22334&cid=c010&cls=B
Frame ID: B4339DF68773612FC27F5BD450578CC9
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.735.22334/a/CA/t_.js?cid=c010&cls=B
Frame ID: 0B29A2FCE87F0B3707EBD6CFA874889F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Avantage Maximum

Page URL History Show full URLs

http://www.avantagemaximum.ca/ HTTP 301
https://www.avantagemaximum.ca/ Page URL

Page Statistics

54
Requests

85 %
HTTPS

39 %
IPv6

18
Domains

23
Subdomains

19
IPs

3
Countries

927 kB
Transfer

2066 kB
Size

26
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.my-benefits.ca/#/fr
Title: Connexion

Search URL Search Domain Scan URL

URL: https://www.maximumbenefit.ca/
Title: en

Search URL Search Domain Scan URL

URL: https://johnstongroup.ca/
Title: Fièrement administré par

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.avantagemaximum.ca/ HTTP 301
https://www.avantagemaximum.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://l.sharethis.com/pview?event=pview&hostname=www.avantagemaximum.ca&location=%2F&product=sop&url=https%3A%2F%2Fwww.avantagemaximum.ca%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Avantage%20Maximum&cms=unknown&publisher=5ff7eabdea07e80018406785&sop=true&version=st_sop.js&lang=en&description=La%20conception%20d%E2%80%99un%20r%C3%A9gime%20d%E2%80%99avantages%20sociaux%20peut%20repr%C3%A9senter%20un%20d%C3%A9fi.%20Si%20vous%20voulez%20offrir%20des%20avantages%20concurrentiels%20pour%20attirer%20les%20meilleurs%20candidats%20et%20conserver%20les%20employ%C3%A9s%20les%20plus%20talentueux%2C%20profiter%20de%20co%C3%BBts%20g%C3%A9rables%20et%20coh%C3%A9rents%20et%20avoir%20davantage%20de%20contr%C3%B4le%2C%20nous%20pouvons%20vous%20aider. HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=www.avantagemaximum.ca&location=%2F&product=sop&url=https%3A%2F%2Fwww.avantagemaximum.ca%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Avantage%20Maximum&cms=unknown&publisher=5ff7eabdea07e80018406785&sop=true&version=st_sop.js&lang=en&description=La%20conception%20d%E2%80%99un%20r%C3%A9gime%20d%E2%80%99avantages%20sociaux%20peut%20repr%C3%A9senter%20un%20d%C3%A9fi.%20Si%20vous%20voulez%20offrir%20des%20avantages%20concurrentiels%20pour%20attirer%20les%20meilleurs%20candidats%20et%20conserver%20les%20employ%C3%A9s%20les%20plus%20talentueux%2C%20profiter%20de%20co%C3%BBts%20g%C3%A9rables%20et%20coh%C3%A9rents%20et%20avoir%20davantage%20de%20contr%C3%B4le%2C%20nous%20pouvons%20vous%20aider.&samesite=None

Request Chain 42

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=fe5b7ba050d74f2869f96f323967199e

Request Chain 43

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHoADWGdGscAAAALBdFEAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHoADWGdGscAAAALBdFEAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=c1e2ea11e20dc5b7a868260f634f2a23&gdpr=0&gdpr_consent=

Request Chain 45

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=f3ceef5f-8c21-44f5-8192-c72f4cc06ade&gdpr=0&gdpr_consent=

Request Chain 46

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHoADWGdGscAAAALBdFEAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3623212817966956545 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyMzIxMjgxNzk2Njk1NjU0NRAAGg0IyLX0jAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=54fd93c19895606b1b9719c7b51497584ab3686630ceaf79b2716026fadfb957f4cb09cee1a4f8eb&person_id=3623212817966956545&eid=50082

Request Chain 47

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHoADWGdGscAAAALBdFEAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1637685959950 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHoADWGdGscAAAALBdFEAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1637685959950&_expected_cookie=db72057a0662b2770eda0e03256f1be2 HTTP 302
https://sync.sharethis.com/drawbridge?uid=db72057a0662b2770eda0e03256f1be2

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.avantagemaximum.ca/
Redirect Chain

http://www.avantagemaximum.ca/
https://www.avantagemaximum.ca/

36 KB
10 KB

756ms
713ms

Document
text/html

158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

c2463e874a11bee20598953dc4e00b75cb524ed9b0cb99c047490dacbd64abed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

server: nginx
date: Tue, 23 Nov 2021 16:45:59 GMT
content-type: text/html; charset=utf-8
content-length: 9618
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=0
expires: Tue, 23 Nov 2021 16:45:58 GMT
content-security-policy: frame-ancestors 'none';

Redirect headers

Server: nginx
Date: Tue, 23 Nov 2021 16:45:58 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 239
Connection: keep-alive
Location: https://www.avantagemaximum.ca/
Cache-Control: max-age=0
Expires: Tue, 23 Nov 2021 16:45:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 99ms
38ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Podkova:500|Work+Sans:500,600,700

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b56eec9b97291f634e2b59854d56cc5284fcc8ae21db3343f38c0150cff7f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:45:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 16:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css
www.avantagemaximum.ca/css/packed/ 82 KB
19 KB 34ms
34ms Stylesheet
text/css 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

9d85410ea24345ff3a535604d5ea7ff64669f034c55e6eb7f1d4cc7ed4bb4438

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 21:20:43 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 19346
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 101ms
49ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62900320-1

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26ce05e94092c966bc532c176c5cb0cb1c01e03beccacae64960f5d76f39ab7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37046
x-xss-protection: 0
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
993 B 91ms
38ms Script
text/javascript 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=fr

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb0df91a7350cbac1afa2987eb8f4b603aa2e99015c9d2b198bc985a4b7b0117

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 banner_img_41.t1561650071.jpg
www.avantagemaximum.ca/uploads/banner/ 179 KB
180 KB 102ms
100ms Image
image/jpeg 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/uploads/banner/banner_img_41.t1561650071.jpg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

91da452b882072627d1eecc8de12f95f685c20fc6571aa9b21100332fcd5539b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: private
date: Tue, 23 Nov 2021 16:45:59 GMT
last-modified: Thu, 27 Jun 2019 15:41:11 GMT
server: nginx
vary: User-Agent
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: max-age=315569260
content-transfer-encoding: binary
content-security-policy: frame-ancestors 'none';
content-type: image/jpeg
content-length: 183795
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 logo-max.svg
www.avantagemaximum.ca/img/mxb/ 2 KB
1023 B 25ms
23ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/logo-max.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

ee76296d3876b2972785feb517fb158e1be32fc0dfe3692f44b451eb97ddb77d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 22:07:38 GMT
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 logo-max-sas.svg
www.avantagemaximum.ca/img/mxb/ 3 KB
1 KB 26ms
24ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/logo-max-sas.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

4918154c820fefb88d8ec53131f89e38754e8f0fade5fb29721dc20812cb2b21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 22:07:38 GMT
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 logo-johnston-group-white.svg
www.avantagemaximum.ca/img/mxb/ 8 KB
3 KB 26ms
25ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/logo-johnston-group-white.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

6d17e2e0723b33582629f79df34bdb314f88021e4869481dc7f2c3c186efd004

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Wed, 05 Jun 2019 16:27:37 GMT
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 jquery_jquerymagnific-popup_svgxusemin_jqueryfitvids_prefixfreemin_mxb-translations-fr_mxb-default_https_wwwavantagemaximumca_1611785190.t1611785190.js Show response
www.avantagemaximum.ca/js/packed/ 122 KB
43 KB 40ms
39ms Script
application/javascript 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/js/packed/jquery_jquerymagnific-popup_svgxusemin_jqueryfitvids_prefixfreemin_mxb-translations-fr_mxb-default_https_wwwavantagemaximumca_1611785190.t1611785190.js

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

9645d13ca2496453199dbcae6961f5a39a1dac80d39bd54af5244f27451f527f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 22:06:30 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 43339
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 74ms
22ms Script
text/javascript 13.225.63.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.63.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-63-3.ewr53.r.cloudfront.net

Software

Resource Hash

444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:42:23 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 216
etag: W/"2df1b-sQ5Sn/JpfKxrQLYebTQ3d0yXV0s"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: EWR53-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: tuvnvHlqFMuFdhgd_bcDyfNhbkhW9txvfDMnjmKpv5kgiDXUOtlA4w==

GET
H2 200 print_https_wwwavantagemaximumca_1561651692.t1561651692.css
www.avantagemaximum.ca/css/packed/ 2 KB
1 KB 26ms
25ms Stylesheet
text/css 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/css/packed/print_https_wwwavantagemaximumca_1561651692.t1561651692.css

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

c399398902df08f2f270e1ef83b60d9f1ae5e470a82107b886b9a9b0aee21cc0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 16:08:12 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 986
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 logo-fr.t1561065302.svg
www.avantagemaximum.ca/img/mxb/ 5 KB
2 KB 25ms
24ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/logo-fr.t1561065302.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cb65f34acdf5e7ead5d4680a99ca889266d7eddda56d89b9dff38ee199fefd75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2019 21:15:02 GMT
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 icon-star-o50.t1559752057.svg
www.avantagemaximum.ca/img/mxb/ 266 B
484 B 27ms
26ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/icon-star-o50.t1559752057.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

4955ee194e4174cbaf4e99f71e97e2a0ae09189dd92968c38235c6ad4ebf33ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
last-modified: Wed, 05 Jun 2019 16:27:37 GMT
server: nginx
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 266
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 abstract-bg-1.t1559752056.jpg
www.avantagemaximum.ca/img/mxb/ 133 KB
133 KB 27ms
26ms Image
image/jpeg 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/abstract-bg-1.t1559752056.jpg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

08007c45e60fff2072e7bb4cd41b246b563b3aebee47aece11aaa1f7ab7acb6a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
last-modified: Wed, 05 Jun 2019 16:27:36 GMT
server: nginx
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 136295
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 decor-waves.t1559934459.svg
www.avantagemaximum.ca/img/mxb/ 7 KB
1 KB 25ms
25ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/decor-waves.t1559934459.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

f1e9398261918f5442d9a6f85c34609cb529c73d52d3ce16d818c53616507a3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2019 19:07:39 GMT
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 decor-dots.t1559934459.svg
www.avantagemaximum.ca/img/mxb/ 48 KB
13 KB 40ms
40ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/decor-dots.t1559934459.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

a3c24b07bcdbc274e8c65e199a58e8de1d176e06a5581d4eb24fa72402261503

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2019 19:07:39 GMT
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 decor-hands.t1559770873.svg
www.avantagemaximum.ca/img/mxb/ 2 KB
1 KB 40ms
40ms Image
image/svg+xml 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avantagemaximum.ca/img/mxb/decor-hands.t1559770873.svg

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

503000805e5eae19ee2196e05fb7b92cda21c613ac489265835603ab8a992e55

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Wed, 05 Jun 2019 21:41:13 GMT
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: max-age=0
content-security-policy: frame-ancestors 'none';
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ 47 KB
47 KB 81ms
27ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Podkova:500|Work+Sans:500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avantagemaximum.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 13:58:43 GMT
x-content-type-options: nosniff
age: 269236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 20 Nov 2022 13:58:43 GMT

GET
H2 200 K2FufZ1EmftJSV9VQpXb1lo9vC3nZWt3zfU_GIs.woff2
fonts.gstatic.com/s/podkova/v20/ 13 KB
13 KB 73ms
20ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/podkova/v20/K2FufZ1EmftJSV9VQpXb1lo9vC3nZWt3zfU_GIs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Podkova:500|Work+Sans:500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb79ff1961fa0c5efee70c75fefb63ae504a5e4f3a687f65125b5dc01437abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avantagemaximum.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 10:43:27 GMT
x-content-type-options: nosniff
age: 108152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12884
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:17:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 10:43:27 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 82ms
25ms Script
application/javascript 13.225.66.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cf27e0e31db874d77562c910f5a0eca1f37b32fde3dd4c2c5503a560ce40921

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:32:21 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 819
etag: W/"7ad74b945ef7019a5ff78b8e45bc1a20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bd729a625f24d9635dc350a79fc561b4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: 0YaBhsZu1iF6ivtXxBg-f1c7pOEWj9n7jUYO2hLz36GgAgrzt1ZnYQ==

GET
H3 200 css Show response
fonts.googleapis.com/ 5 KB
627 B 65ms
37ms XHR
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Podkova:500|Work+Sans:500,600,700

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/js/packed/jquery_jquerymagnific-popup_svgxusemin_jqueryfitvids_prefixfreemin_mxb-translations-fr_mxb-default_https_wwwavantagemaximumca_1611785190.t1611785190.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b56eec9b97291f634e2b59854d56cc5284fcc8ae21db3343f38c0150cff7f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:45:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 16:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css Show response
www.avantagemaximum.ca/css/packed/ 82 KB
19 KB 36ms
32ms XHR
text/css 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

9d85410ea24345ff3a535604d5ea7ff64669f034c55e6eb7f1d4cc7ed4bb4438

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 21:20:43 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 19346
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 print_https_wwwavantagemaximumca_1561651692.t1561651692.css Show response
www.avantagemaximum.ca/css/packed/ 2 KB
1 KB 34ms
30ms XHR
text/css 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/css/packed/print_https_wwwavantagemaximumca_1561651692.t1561651692.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

c399398902df08f2f270e1ef83b60d9f1ae5e470a82107b886b9a9b0aee21cc0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 16:08:12 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 986
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H3 200 css Show response
fonts.googleapis.com/ 5 KB
627 B 42ms
41ms XHR
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Podkova:500|Work+Sans:500,600,700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b56eec9b97291f634e2b59854d56cc5284fcc8ae21db3343f38c0150cff7f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:45:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 16:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 16:45:59 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/css/packed/mxb-base_magnific-popup_mxb-layout_mxb-style_mxb-responsive_https_wwwavantagemaximumca_1625001643.t1625001643.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

9d85410ea24345ff3a535604d5ea7ff64669f034c55e6eb7f1d4cc7ed4bb4438

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 21:20:43 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 19346
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 print_https_wwwavantagemaximumca_1561651692.t1561651692.css Show response
www.avantagemaximum.ca/css/packed/ 2 KB
1 KB 30ms
29ms XHR
text/css 158.85.93.203
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avantagemaximum.ca/css/packed/print_https_wwwavantagemaximumca_1561651692.t1561651692.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.85.93.203 Markham, Canada, ASN36351 (SOFTLAYER, US),

Reverse DNS

cb.5d.559e.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

c399398902df08f2f270e1ef83b60d9f1ae5e470a82107b886b9a9b0aee21cc0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 16:08:12 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=315569260
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 986
expires: Mon, 24 Nov 2031 02:53:39 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 82ms
22ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb44d5f9862198a35a251f0c9308bb282bb5afd11bef8016aa8863f4d5ba2593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avantagemaximum.ca/
Origin: https://www.avantagemaximum.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138515
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sun, 20 Nov 2022 01:53:01 GMT

GET
H2 200 5ff7eabdea07e80018406785.js Show response
buttons-config.sharethis.com/js/ 446 B
867 B 162ms
89ms Script
text/javascript 2600:9000:21da:9400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5ff7eabdea07e80018406785.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:9400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c28a29ec4f308a17feb78060778c4ec45185865b4893b0fc51eddbcad85f9b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 23 Nov 2021 16:46:00 GMT
via: 1.1 978e367a2ce2a1259e8f24bc2370ca51.cloudfront.net (CloudFront)
last-modified: Fri, 08 Jan 2021 05:29:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
etag: "bdff60db68eed9f327481da62a063d2c"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 446
x-amz-cf-id: 2BF9Y8InCmoJVHvV8MbMm3YccsEIMtV9RqGgynrMdEZB1L8yFpg9fQ==

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=www.avantagemaximum.ca&location=%2F&product=sop&url=https%3A%2F%2Fwww.avantagemaximum.ca%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmen...
https://l.sharethis.com/sc?event=pview&hostname=www.avantagemaximum.ca&location=%2F&product=sop&url=https%3A%2F%2Fwww.avantagemaximum.ca%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio...

160 B
688 B

27ms
27ms

XHR
text/plain

54.161.247.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=www.avantagemaximum.ca&location=%2F&product=sop&url=https%3A%2F%2Fwww.avantagemaximum.ca%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Avantage%20Maximum&cms=unknown&publisher=5ff7eabdea07e80018406785&sop=true&version=st_sop.js&lang=en&description=La%20conception%20d%E2%80%99un%20r%C3%A9gime%20d%E2%80%99avantages%20sociaux%20peut%20repr%C3%A9senter%20un%20d%C3%A9fi.%20Si%20vous%20voulez%20offrir%20des%20avantages%20concurrentiels%20pour%20attirer%20les%20meilleurs%20candidats%20et%20conserver%20les%20employ%C3%A9s%20les%20plus%20talentueux%2C%20profiter%20de%20co%C3%BBts%20g%C3%A9rables%20et%20coh%C3%A9rents%20et%20avoir%20davantage%20de%20contr%C3%B4le%2C%20nous%20pouvons%20vous%20aider.&samesite=None

Requested by

Host: www.avantagemaximum.ca
URL: https://www.avantagemaximum.ca/

Protocol

HTTP/1.1

Server

54.161.247.27 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-247-27.compute-1.amazonaws.com

Software

Resource Hash

c5f76f240d28aef8e419f9ffb8537b1b9d53acca10c4028cc38bbf8b674d2db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:45:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.avantagemaximum.ca
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 160
Stid: ZHoADWGdGscAAAALBdFEAw==

Redirect headers

Date: Tue, 23 Nov 2021 16:45:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.avantagemaximum.ca
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?event=pview&hostname=www.avantagemaximum.ca&location=%2F&product=sop&url=https%3A%2F%2Fwww.avantagemaximum.ca%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Avantage%20Maximum&cms=unknown&publisher=5ff7eabdea07e80018406785&sop=true&version=st_sop.js&lang=en&description=La%20conception%20d%E2%80%99un%20r%C3%A9gime%20d%E2%80%99avantages%20sociaux%20peut%20repr%C3%A9senter%20un%20d%C3%A9fi.%20Si%20vous%20voulez%20offrir%20des%20avantages%20concurrentiels%20pour%20attirer%20les%20meilleurs%20candidats%20et%20conserver%20les%20employ%C3%A9s%20les%20plus%20talentueux%2C%20profiter%20de%20co%C3%BBts%20g%C3%A9rables%20et%20coh%C3%A9rents%20et%20avoir%20davantage%20de%20contr%C3%B4le%2C%20nous%20pouvons%20vous%20aider.&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 862
Stid: ZHoADWGdGscAAAALBdFEAw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 72ms
42ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZCRW9B0KR7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62900320-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45da675437fa70e2d22dc0e7fdd29ec31fed6169fe81a1b81dc95d970eea2bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61787
x-xss-protection: 0
expires: Tue, 23 Nov 2021 16:45:59 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
2 KB 103ms
65ms Fetch
application/json 104.26.10.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.avantagemaximum.ca%2F&s=161874

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dee1d969f851c5fb97cf344c506274c7c046aecb47e3fd397165a739f9982a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:45:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.avantagemaximum.ca
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX0PdgomRUWoupTK4cQIWhvZcMrV8z4ou8UrNB%2FjX3bAhqqciXz%2BFFjs0n0eLz7Sx6aKaLnRWrPoYnoVXXBskk%2FgyBCyBrzuNsqtUHbtLB6edmmFhq6M%2Bp0uq5JN8n5oivJyzwV7CahCtg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b2bdeff7b6cca4b-YUL
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

POST
H2 204 collect
www.google-analytics.com/g/ 0
176 B 86ms
36ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZCRW9B0KR7&gtm=2oeba1&_p=597886587&sr=1600x1200&ul=en-us&cid=866872064.1637685960&_s=1&dl=https%3A%2F%2Fwww.avantagemaximum.ca%2F&dt=Avantage%20Maximum&sid=1637685959&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZCRW9B0KR7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avantagemaximum.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:45:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avantagemaximum.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
22ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62900320-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1444
date: Tue, 23 Nov 2021 16:21:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Nov 2021 18:21:55 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 124ms
30ms Script
application/javascript 184.84.67.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.avantagemaximum.ca&rnd=1637685959667

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.84.67.154 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-84-67-154.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea9bdeb739169e5327dfef83eca93363e33c5171f1a6937c5ea49a7903612e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:45:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 23 Nov 2021 17:45:59 GMT

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame F846 287 KB
92 KB 116ms
76ms Script
application/javascript 13.225.66.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=6ea758b
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 655f9cbe75c1c5210189d35ebbedda6cfc19f5834ec742aeb8e666339ed4eca2

Request headers

Referer
Origin: https://www.avantagemaximum.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:46:00 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
etag: W/"49c52a71719229156fdc34187d349e14"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
x-amz-cf-id: FF69144h15SFEpHH3nnVuUMZKyjv_Ci3Hb9VIFnAqufQSdKGFrunwQ==
via: 1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 63ms
36ms XHR
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=597886587&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avantagemaximum.ca%2F&ul=en-us&de=UTF-8&dt=Avantage%20Maximum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=371406880&gjid=1031512349&cid=866872064.1637685960&tid=UA-62900320-1&_gid=697322438.1637685960&_r=1&gtm=2ouba1&z=1473596149

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avantagemaximum.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:45:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avantagemaximum.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame B433 2 KB
1 KB 32ms
31ms Document
text/html 184.84.67.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.sharethis.com/a/t_.htm?ver=1.735.22334&cid=c010&cls=B
Requested by: Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.avantagemaximum.ca&rnd=1637685959667
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.67.154 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-67-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e4f9d7fde5787c92980915087552b3e30136c1789a075a5ed53f803cb68148d9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/

Response headers

Content-Length: 1143
Cache-Control: max-age=604800
Expires: Tue, 30 Nov 2021 16:45:59 GMT
Date: Tue, 23 Nov 2021 16:45:59 GMT
Connection: keep-alive
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 134ms
53ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62900320-1&cid=866872064.1637685960&jid=371406880&gjid=1031512349&_gid=697322438.1637685960&_u=YADAAUAAAAAAAC~&z=1976124092

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avantagemaximum.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Nov 2021 16:45:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.avantagemaximum.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.735.22334/a/CA/ Frame 0B29 23 KB
10 KB 39ms
34ms Script
text/javascript 184.84.67.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.sharethis.com/1.735.22334/a/CA/t_.js?cid=c010&cls=B
Requested by: Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.735.22334&cid=c010&cls=B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.67.154 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-67-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 61afd211d4db15e14dcacf1096b6cb29bc56144ca6f8bfd92dafaa4aac6ab177

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.735.22334&cid=c010&cls=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:45:59 GMT
Content-Encoding: gzip
X-Robots-Tag: noindex, nofollow
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: max-age=604800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 9516
Expires: Tue, 30 Nov 2021 16:45:59 GMT

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 21ms
20ms Image
image/png 13.225.66.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:32:45 GMT
via: 1.1 bd729a625f24d9635dc350a79fc561b4.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 14:06:54 GMT
server: AmazonS3
age: 29595
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C1
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: A9LwV9POCBPAZHptpd9T7q8dbOGNprBDXJiTmC7WCBCycwmqLXW56Q==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 21ms
21ms Image
image/png 13.225.66.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:32:45 GMT
via: 1.1 bd729a625f24d9635dc350a79fc561b4.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 29595
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: hs8ek1mQcaRaYwjha5SwGzqYeWv-y3SqcXETpqXyZKKGqitQJemTBA==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
617 B 21ms
21ms Image
image/png 13.225.66.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:32:45 GMT
via: 1.1 bd729a625f24d9635dc350a79fc561b4.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 29595
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: a4dcsAYujY2zp6y28BlP7V852YFsL-o2aAx3GsnYZbTn2KG2kPKWKQ==

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 0B29
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=fe5b7ba050d74f2869f96f323967199e

42 B
297 B

103ms
27ms

Image
image/gif

34.228.105.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=fe5b7ba050d74f2869f96f323967199e

Protocol

HTTP/1.1

Server

34.228.105.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-228-105-212.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 23 Nov 2021 16:46:00 GMT
Content-Length: 42
Stid: ZHoADWGdGscAAAALBdFEAw==
Content-Type: image/gif

Redirect headers

date: Tue, 23 Nov 2021 16:46:00 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=fe5b7ba050d74f2869f96f323967199e
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame 0B29
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHoADWGdGscAAAALBdFEAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHoADWGdGscAAAALBdFEAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
https://sync.sharethis.com/int/lotame?uid=c1e2ea11e20dc5b7a868260f634f2a23&gdpr=0&gdpr_consent=

42 B
297 B

95ms
27ms

Image
image/gif

34.228.105.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=c1e2ea11e20dc5b7a868260f634f2a23&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.228.105.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-228-105-212.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 23 Nov 2021 16:46:00 GMT
Content-Length: 42
Stid: ZHoADWGdGscAAAALBdFEAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:46:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=c1e2ea11e20dc5b7a868260f634f2a23&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.40.47.165
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame 0B29 0
344 B 243ms
154ms Image
text/plain 52.3.138.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-138-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:46:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 0B29
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=f3ceef5f-8c21-44f5-8192-c72f4cc06ade&gdpr=0&gdpr_consent=

42 B
297 B

103ms
26ms

Image
image/gif

34.228.105.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=f3ceef5f-8c21-44f5-8192-c72f4cc06ade&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.228.105.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-228-105-212.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 23 Nov 2021 16:46:00 GMT
Content-Length: 42
Stid: ZHoADWGdGscAAAALBdFEAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:46:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=f3ceef5f-8c21-44f5-8192-c72f4cc06ade&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 0B29
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHoADWGdGscAAAALBdFEAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3623212817966956545
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyMzIxMjgxNzk2Njk1NjU0NRAAGg0IyLX0jAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=54fd93c19895606b1b9719c7b51497584ab3686630ceaf79b2716026fadfb957f4cb09cee1a4f8eb&person_id=3623212817966956545&eid=50082

43 B
312 B

24ms
24ms

Image
image/gif

54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=54fd93c19895606b1b9719c7b51497584ab3686630ceaf79b2716026fadfb957f4cb09cee1a4f8eb&person_id=3623212817966956545&eid=50082
Protocol: HTTP/1.1
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:45:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 24 Nov 2021 11:46:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 16:46:00 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=54fd93c19895606b1b9719c7b51497584ab3686630ceaf79b2716026fadfb957f4cb09cee1a4f8eb&person_id=3623212817966956545&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

drawbridge
sync.sharethis.com/ Frame 0B29
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHoADWGdGscAAAALBdFEAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHoADWGdGscAAAALBdFEAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://sync.sharethis.com/drawbridge?uid=db72057a0662b2770eda0e03256f1be2

42 B
297 B

98ms
26ms

Image
image/gif

34.228.105.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/drawbridge?uid=db72057a0662b2770eda0e03256f1be2

Protocol

HTTP/1.1

Server

34.228.105.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-228-105-212.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 23 Nov 2021 16:46:00 GMT
Content-Length: 42
Stid: ZHoADWGdGscAAAALBdFEAw==
Content-Type: image/gif

Redirect headers

date: Tue, 23 Nov 2021 16:46:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://sync.sharethis.com/drawbridge?uid=db72057a0662b2770eda0e03256f1be2
cf-ray: 6b2bdf024aba7148-YUL
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 80ms
39ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62900320-1&cid=866872064.1637685960&jid=371406880&_u=YADAAUAAAAAAAC~&z=1373594162

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 87ms
37ms Image
image/gif 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62900320-1&cid=866872064.1637685960&jid=371406880&_u=YADAAUAAAAAAAC~&z=1373594162

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 21ms
21ms Stylesheet
text/css 13.225.66.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=6ea758b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.avantagemaximum.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:32:45 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 29596
etag: W/"7144eaceff0b31347712515a6116074e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bd729a625f24d9635dc350a79fc561b4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: YSznA2iSeAGme_VA7T8ttol3FJVFOSxUqvZxG7mM4mPaCO9boQ83vA==

GET
BLOB 200
OK b31923d6-23e3-494d-9426-62f6fb144022
https://www.avantagemaximum.ca/ Frame F846 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avantagemaximum.ca/b31923d6-23e3-494d-9426-62f6fb144022
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 20f944c7-9512-4ce1-8bb9-b4600d78603c
https://www.avantagemaximum.ca/ Frame F846 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avantagemaximum.ca/20f944c7-9512-4ce1-8bb9-b4600d78603c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 31224

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avantagemaximum.ca/	1970-01-19 23:30:45	Name: CAKEPHP Value: n75lpqpg1kptjadkoa1rd24e66
.sharethis.com/	1970-01-20 07:40:21	Name: __stid Value: ZHoADWGdGscAAAALBdFEAw==
.sharethis.com/	1970-01-20 07:40:21	Name: __stidv Value: 2
.avantagemaximum.ca/	1970-01-20 16:25:57	Name: _ga_ZCRW9B0KR7 Value: GS1.1.1637685959.1.0.1637685959.0
.avantagemaximum.ca/	1970-01-20 07:40:21	Name: fpestid Value: Mjy3eU2o_m7QiQ7djmZvRXCrsBkJyYHsYwnkvLVF_D6xqCfzf9QR_a4DB3ryDpnrwyGF_Q
.avantagemaximum.ca/	1970-01-20 16:25:57	Name: _ga Value: GA1.2.866872064.1637685960
.avantagemaximum.ca/	1970-01-19 22:56:12	Name: _gid Value: GA1.2.697322438.1637685960
.avantagemaximum.ca/	1970-01-19 22:54:46	Name: _gat_gtag_UA_62900320_1 Value: 1
.avantagemaximum.ca/	1970-01-20 16:25:57	Name: _lo_uid Value: 161874-1637685959637-d163ac0406c1b7eb
.avantagemaximum.ca/	1970-01-19 22:54:46	Name: _lorid Value: 161874-1637685959637-7a9b555a8b637fee
.avantagemaximum.ca/	1970-01-20 07:40:21	Name: _lo_v Value: 1
.avantagemaximum.ca/	1970-01-20 03:13:57	Name: __lotl Value: https%3A%2F%2Fwww.avantagemaximum.ca%2F
.t.sharethis.com/	1970-01-19 23:37:57	Name: pxcelPage_default_c010_B Value: 0_6_1637685959950
.adsrvr.org/	1970-01-20 07:40:21	Name: TDID Value: f3ceef5f-8c21-44f5-8192-c72f4cc06ade
.exelator.com/	1970-01-20 01:47:33	Name: EE Value: "fe5b7ba050d74f2869f96f323967199e"
.adsymptotic.com/	1970-01-20 01:04:21	Name: U Value: db72057a0662b2770eda0e03256f1be2
.adsrvr.org/	1970-01-20 07:40:21	Name: TDCPM Value: CAEYBSABKAIyCwiii43d7qqXOhAFOAE.
.exelator.com/	1970-01-20 01:47:33	Name: ud Value: "eJxrXxzq6XKLQSEt1TTJPCnRwNQgxdwkzcjCzDLN0izN2MjY0szc0NIydXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiZ8fFRSlpDItKik8F71t2AwBwaypi"
.ml314.com/	1970-01-20 07:40:21	Name: pi Value: 3623212817966956545
.crwdcntrl.net/	1970-01-20 05:23:31	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 05:23:31	Name: _cc_id Value: c1e2ea11e20dc5b7a868260f634f2a23
.crwdcntrl.net/	1970-01-20 05:23:33	Name: _cc_cc Value: "ACZ4XmNQSDZMNUpNNASSBinJpknmiRZmFkZmBmlmxiZpRolGxgxAkDhX6gSIhgIAWiIKsA%3D%3D"
.crwdcntrl.net/	1970-01-20 05:23:33	Name: _cc_aud Value: "ABR4XmNgYGBInCt1AkhBAQAXKQHh"
.rlcdn.com/	1970-01-20 07:40:21	Name: rlas3 Value: W/7UfxU55wdQwu216e37E359vTka3pSNDPcRxvaWlAg=
.eyeota.net/	1970-01-19 22:54:46	Name: SERVERID Value: 19778~DM
.rlcdn.com/	1970-01-20 00:21:09	Name: pxrc Value: CMi19IwGEgUI6AcQABIFCNtOEAA=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
buttons-config.sharethis.com
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
l.sharethis.com
loadus.exelator.com
match.adsrvr.org
ml314.com
p.adsymptotic.com
platform-api.sharethis.com
ps.eyeota.net
settings.luckyorange.net
stats.g.doubleclick.net
sync.sharethis.com
t.sharethis.com
www.avantagemaximum.ca
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
104.18.102.194
104.26.10.16
13.225.63.3
13.225.66.82
15.197.193.217
158.85.93.203
184.84.67.154
2600:9000:21da:9400:c:abe:f440:93a1
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81e::2004
2607:f8b0:4006:823::2003
2607:f8b0:4023:1404::9a
34.228.105.212
35.190.60.146
52.0.156.250
52.200.255.88
52.3.138.212
54.161.247.27
54.85.224.115
08007c45e60fff2072e7bb4cd41b246b563b3aebee47aece11aaa1f7ab7acb6a
26ce05e94092c966bc532c176c5cb0cb1c01e03beccacae64960f5d76f39ab7a
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784
45da675437fa70e2d22dc0e7fdd29ec31fed6169fe81a1b81dc95d970eea2bd3
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
4918154c820fefb88d8ec53131f89e38754e8f0fade5fb29721dc20812cb2b21
4955ee194e4174cbaf4e99f71e97e2a0ae09189dd92968c38235c6ad4ebf33ee
503000805e5eae19ee2196e05fb7b92cda21c613ac489265835603ab8a992e55
5bb79ff1961fa0c5efee70c75fefb63ae504a5e4f3a687f65125b5dc01437abc
5cf27e0e31db874d77562c910f5a0eca1f37b32fde3dd4c2c5503a560ce40921
61afd211d4db15e14dcacf1096b6cb29bc56144ca6f8bfd92dafaa4aac6ab177
655f9cbe75c1c5210189d35ebbedda6cfc19f5834ec742aeb8e666339ed4eca2
6d17e2e0723b33582629f79df34bdb314f88021e4869481dc7f2c3c186efd004
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
91da452b882072627d1eecc8de12f95f685c20fc6571aa9b21100332fcd5539b
9645d13ca2496453199dbcae6961f5a39a1dac80d39bd54af5244f27451f527f
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
9b56eec9b97291f634e2b59854d56cc5284fcc8ae21db3343f38c0150cff7f85
9d85410ea24345ff3a535604d5ea7ff64669f034c55e6eb7f1d4cc7ed4bb4438
9dee1d969f851c5fb97cf344c506274c7c046aecb47e3fd397165a739f9982a8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c24b07bcdbc274e8c65e199a58e8de1d176e06a5581d4eb24fa72402261503
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2463e874a11bee20598953dc4e00b75cb524ed9b0cb99c047490dacbd64abed
c28a29ec4f308a17feb78060778c4ec45185865b4893b0fc51eddbcad85f9b24
c399398902df08f2f270e1ef83b60d9f1ae5e470a82107b886b9a9b0aee21cc0
c5f76f240d28aef8e419f9ffb8537b1b9d53acca10c4028cc38bbf8b674d2db6
cb44d5f9862198a35a251f0c9308bb282bb5afd11bef8016aa8863f4d5ba2593
cb65f34acdf5e7ead5d4680a99ca889266d7eddda56d89b9dff38ee199fefd75
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f9d7fde5787c92980915087552b3e30136c1789a075a5ed53f803cb68148d9
ea9bdeb739169e5327dfef83eca93363e33c5171f1a6937c5ea49a7903612e14
ee76296d3876b2972785feb517fb158e1be32fc0dfe3692f44b451eb97ddb77d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e9398261918f5442d9a6f85c34609cb529c73d52d3ce16d818c53616507a3f
fb0df91a7350cbac1afa2987eb8f4b603aa2e99015c9d2b198bc985a4b7b0117
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

www.avantagemaximum.ca Open in urlscan Pro 158.85.93.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

54 Requests

85 %HTTPS

39 %IPv6

18 Domains

23 Subdomains

19 IPs

3 Countries

927 kBTransfer

2066 kBSize

26 Cookies

3 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avantagemaximum.ca Open in urlscan Pro
158.85.93.203 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

85 %
HTTPS

39 %
IPv6

18
Domains

23
Subdomains

19
IPs

3
Countries

927 kB
Transfer

2066 kB
Size

26
Cookies

54 HTTP transactions
0 data transactions