urlscan.io logo urlscan.io
SecurityTrails logo

www.bmoreferral.com Open in urlscan Pro
52.228.42.76  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bmoreferral.com/en-ca/rewards/0.38915889067509135
Effective URL: https://www.bmoreferral.com/en-ca
Submission: On July 20 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 21 domains to perform 53 HTTP transactions. The main IP is 52.228.42.76, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.bmoreferral.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on April 14th 2024. Valid for: 6 months.
This is the only time www.bmoreferral.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of Montreal (Banking)

Domain & IP information

IP Address AS Autonomous System
1 10 52.228.42.76 8075 (MICROSOFT...)
11 104.19.178.52 13335 (CLOUDFLAR...)
1 172.253.115.95 15169 (GOOGLE)
1 72.21.81.200 15133 (EDGECAST)
8 172.253.115.97 15169 (GOOGLE)
1 172.253.115.94 15169 (GOOGLE)
1 172.64.155.119 13335 (CLOUDFLAR...)
1 184.27.8.167 16625 (AKAMAI-AS)
3 204.79.197.237 8068 (MICROSOFT...)
2 2 68.67.160.24 29990 (ASN-APPNEX)
1 34.234.7.86 14618 (AMAZON-AES)
1 157.240.229.35 32934 (FACEBOOK)
2 4 173.194.175.149 15169 (GOOGLE)
2 142.251.111.149 15169 (GOOGLE)
1 216.239.32.181 15169 (GOOGLE)
1 173.194.66.155 15169 (GOOGLE)
1 64.233.180.94 15169 (GOOGLE)
1 151.101.1.140 54113 (FASTLY)
2 13.107.246.40 8075 (MICROSOFT...)
1 23.96.124.68 8075 (MICROSOFT...)
53 20
10    52.228.42.76 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bmoreferral.com
11    104.19.178.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
1    72.21.81.200 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
8    172.253.115.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f97.1e100.net
www.googletagmanager.com
1    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
fonts.gstatic.com
1    172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    184.27.8.167 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-8-167.deploy.static.akamaitechnologies.com
www.bmo.com
3    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    68.67.160.24 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    34.234.7.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-7-86.compute-1.amazonaws.com
pixel.mediaiqdigital.com
1    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
4    173.194.175.149 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f149.1e100.net
4227502.fls.doubleclick.net
2    142.251.111.149 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f149.1e100.net
ad.doubleclick.net
1    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    173.194.66.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f155.1e100.net
stats.g.doubleclick.net
1    64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f94.1e100.net
www.google.ca
1    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.clarity.ms
Apex Domain
Subdomains		 Transfer
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
153 KB
10 bmoreferral.com
www.bmoreferral.com
145 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
814 KB
7 doubleclick.net
4227502.fls.doubleclick.net — Cisco Umbrella Rank: 587100
ad.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
1 KB
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
s.clarity.ms — Cisco Umbrella Rank: 8495
27 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
16 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
2 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1969
637 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 238
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
274 B
1 mediaiqdigital.com
pixel.mediaiqdigital.com — Cisco Umbrella Rank: 22055
82 B
1 bmo.com
www.bmo.com — Cisco Umbrella Rank: 151104
583 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
306 B
1 gstatic.com
fonts.gstatic.com
30 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 5485
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
0 facebook.net Failed
connect.facebook.net Failed
0 taboola.com Failed
cdn.taboola.com Failed
0 evgnet.com Failed
cdn.evgnet.com Failed
0 google-analytics.com Failed
www.google-analytics.com Failed
53 21
Domain Requested by
11 cdn.cookielaw.org www.bmoreferral.com
cdn.cookielaw.org
10 www.bmoreferral.com 1 redirects www.bmoreferral.com
8 www.googletagmanager.com www.bmoreferral.com
www.googletagmanager.com
4 4227502.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.bmoreferral.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 ad.doubleclick.net www.bmoreferral.com
2 secure.adnxs.com 2 redirects
1 s.clarity.ms www.clarity.ms
1 alb.reddit.com www.bmoreferral.com
1 www.google.ca www.bmoreferral.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.facebook.com www.bmoreferral.com
1 pixel.mediaiqdigital.com www.bmoreferral.com
1 www.bmo.com www.bmoreferral.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 fonts.gstatic.com fonts.googleapis.com
1 az416426.vo.msecnd.net www.bmoreferral.com
1 fonts.googleapis.com www.bmoreferral.com
0 connect.facebook.net Failed www.bmoreferral.com
0 cdn.taboola.com Failed www.googletagmanager.com
0 cdn.evgnet.com Failed www.googletagmanager.com
0 www.google-analytics.com Failed www.googletagmanager.com
53 24

This site contains links to these domains. Also see Links.

Domain
www.bmo.com
bmo.com
www.onetrust.com
Subject Issuer Validity Valid
www.bmoreferral.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-04-14 -
2024-10-14		 6 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
www.bmo.com
Entrust Certification Authority - L1M		 2024-04-24 -
2025-04-19		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-28 -
2024-07-27		 3 months crt.sh
*.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.ca
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.bmoreferral.com/en-ca
Frame ID: BE0652552C59FCE287A992A8E7EE8632
Requests: 51 HTTP requests in this frame

Frame: https://4227502.fls.doubleclick.net/activityi;dc_pre=CMfsweLStYcDFRAxRAgdWmEFvg;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca
Frame ID: 3BF84345542BCEE47AD91177BBD93296
Requests: 1 HTTP requests in this frame

Frame: https://4227502.fls.doubleclick.net/activityi;dc_pre=CP_-veLStYcDFZozRAgdIJQN8w;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca
Frame ID: E9B3B2A7AA214E8A640B57E1F245D184
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BMO - Refer a friend Program

Page URL History Show full URLs

  1. http://www.bmoreferral.com/en-ca/rewards/0.38915889067509135 HTTP 307
    https://www.bmoreferral.com/en-ca/rewards/0.38915889067509135 HTTP 302
    https://www.bmoreferral.com/en-ca Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

91 %
HTTPS

0 %
IPv6

21
Domains

24
Subdomains

20
IPs

3
Countries

1210 kB
Transfer

4106 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bmoreferral.com/en-ca/rewards/0.38915889067509135 HTTP 307
    https://www.bmoreferral.com/en-ca/rewards/0.38915889067509135 HTTP 302
    https://www.bmoreferral.com/en-ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://secure.adnxs.com/px?id=1268817&seg=22287165&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1268817%26uid%3D%24%7BUID%7D&t=2&gtmcb=1036695475 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1268817%26seg%3D22287165%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1268817%2526uid%253D%2524%257BUID%257D%26t%3D2%26gtmcb%3D1036695475 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=3590056860901420004
Request Chain 39
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca HTTP 302
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CMfsweLStYcDFRAxRAgdWmEFvg;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca
Request Chain 40
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca HTTP 302
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CP_-veLStYcDFZozRAgdIJQN8w;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en-ca
www.bmoreferral.com/
Redirect Chain
  • http://www.bmoreferral.com/en-ca/rewards/0.38915889067509135
  • https://www.bmoreferral.com/en-ca/rewards/0.38915889067509135
  • https://www.bmoreferral.com/en-ca
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d852b703a2590cc2f9dc4d92eece6b527696bdcd3204070e6443ca8a0761b713
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Encoding
gzip
Content-Length
3217
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Jul 2024 12:44:27 GMT
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
123
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Jul 2024 12:44:27 GMT
Location
/en-ca
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
bootstrap.min.css
www.bmoreferral.com/Content/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Content/bootstrap.min.css
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
23892
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
portalcss
www.bmoreferral.com/Content/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Content/portalcss?v=0UW-g88-RYcZQ-LRZbHYyTx8mBT2EGIKthNM3j0JAUI1
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96ba5ce70f3590c2913ffb55226e4999f265200e3ad34edafe0dccef3ae1e984
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
2298
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sat, 20 Jul 2024 12:44:27 GMT
Server
Microsoft-IIS/10.0
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Expires
Sun, 20 Jul 2025 12:44:27 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PzcU3Ivp6w0l3AsetHXgNw==
age
78058
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 01:41:45 GMT
server
cloudflare
etag
0x8DCA6CAC818719C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
91efca44-001e-0048-3743-d9a117000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a630af24cc4abee-YYZ
expires
Sat, 20 Jul 2024 15:03:29 GMT
bmo-blue-on-transparent-en.svg
www.bmoreferral.com/Images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bmoreferral.com/Images/bmo-blue-on-transparent-en.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da3dc7a279a3f9e10d0beb1f4f0fc4f61cbe517b3bef7954bb1a9412cd242edf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
1532
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 02 Aug 2023 14:28:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0e8eb9c4dc5d91:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
jquery-3.5.1.min.js
www.bmoreferral.com/Scripts/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Scripts/jquery-3.5.1.min.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
30981
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
popper.min.js
www.bmoreferral.com/Scripts/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Scripts/umd/popper.min.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26cb7eb0f46b5b7121960589d947626d174f24e0b8e670c87dadc289989fecbc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
7521
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
bootstrap.min.js
www.bmoreferral.com/Scripts/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Scripts/bootstrap.min.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
14919
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
css2
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;700&display=swap
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/Content/portalcss?v=0UW-g88-RYcZQ-LRZbHYyTx8mBT2EGIKthNM3j0JAUI1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
496bda632b73a0e9b0adc422db3f50f7447cd6c609823d9c4c9e44e64cb583a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jul 2024 12:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:44:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jul 2024 12:44:28 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/063D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:31 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1113
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (cha/063D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b1d7bfd5-c01e-0039-319f-da3bc3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Sat, 20 Jul 2024 13:14:31 GMT
cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9.json
cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c811fe292b61f6800de6b1b79ea00ce843651d0384a2db18b46658cc118ddfe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
50341
content-md5
T5Qn45ZNY1w0aiGl+zcqHQ==
content-length
1722
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 19:25:29 GMT
server
cloudflare
etag
0x8DBF110F28117B0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5f693f81-b01e-0077-032d-61ec17000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a630af43f7e39f8-YYZ
expires
Sun, 21 Jul 2024 12:44:28 GMT
gtm.js
www.googletagmanager.com/ 		620 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
273a38a29306c840e1872b4ffc0ee429df890cc685e2c007283f9520348af812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148452
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 12:44:29 GMT
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bmoreferral.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 09:55:47 GMT
x-content-type-options
nosniff
age
10121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30240
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 09:55:47 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8a630af4fbd1aaee-YYZ
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202311.1.0/ 		427 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f53421fef96a525b5fc208f6a59bd72479f0d9816dba0a416f68ee81d648a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
1EE1PYD7uD6VTAMrTql67g==
age
58687
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
105094
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:10:01 GMT
server
cloudflare
etag
0x8DCA5D34632AA7A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c028eac3-501e-009c-0ebe-d7e837000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a630af53ea9abee-YYZ
en.json
cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/36785973-43cb-4b20-a3a0-6eb662b1481f/ 		54 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/36785973-43cb-4b20-a3a0-6eb662b1481f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e54da6b10610514e9e3823d1469e262d91b8d81403420151fbc9b3b7c3484a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3840
content-md5
RLBkvs5a1icrt5XbEwPihA==
content-length
13676
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 19:25:45 GMT
server
cloudflare
etag
0x8DBF110FC2A5A41
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e32645aa-001e-0000-095c-793983000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a630af5a8ed39f8-YYZ
expires
Sun, 21 Jul 2024 12:44:28 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GIzNmS9Em9y5nN4NL57NeA==
age
73044
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:09:52 GMT
server
cloudflare
etag
0x8DCA5D340F5F432
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f69eb641-401e-0083-7663-d83327000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a630af6193a39f8-YYZ
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
I/HbyocCTj1EXVakQLy+jg==
age
10814
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12700
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:09:54 GMT
server
cloudflare
etag
0x8DCA5D3424C62E6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
db5597e8-f01e-00fc-5616-d8ad15000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a630af6193b39f8-YYZ
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
72899
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:10:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3ce81965-d01e-00a4-593f-d8a96e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a630af6193c39f8-YYZ
chevron.svg
www.bmo.com/dist/icons/ 		295 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bmo.com/dist/icons/chevron.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.27.8.167 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-27-8-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f9d2c5473398499dadb19c594ba2198ce209937916cc4e0cce128ebbea9c73c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ua-compatible
IE=edge
date
Sat, 20 Jul 2024 12:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bmo-correlation_request_id
BMO-AK::W4::12f683830ac30a84c83c66cfe760b2ad24cbee5e::0E@ndawcOq8AACgxOPsAAABO
last-modified
Mon, 17 Jul 2023 13:22:46 GMT
strict-transport-security
max-age=31536000 ; preload
vary
Accept-Encoding
x-ihs-timer
D=922 t=1689600679454581
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
must-revalidate, max-age=517
accept-ranges
none
content-length
217
expires
Sat, 20 Jul 2024 12:53:05 GMT
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
67848
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 19:33:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d78c495a-401e-00ee-5b8b-d99909000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a630af67f70abee-YYZ
heebo-bold-latin.woff2
www.bmoreferral.com/dist/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/dist/fonts/heebo-bold-latin.woff2
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4afd6a93a86c909628b23c45b0ef38749123bdb05d3b15edf80adaa9b46c5fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
Origin
https://www.bmoreferral.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 30 Nov 2023 19:03:58 GMT
Server
Microsoft-IIS/10.0
ETag
"a23e35f9bf23da1:0"
X-Powered-By
ASP.NET
Content-Type
application/font-woff2
Access-Control-Expose-Headers
Request-Context
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
Content-Length
27868
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
heebo-light-latin.woff2
www.bmoreferral.com/dist/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/dist/fonts/heebo-light-latin.woff2
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4afd6a93a86c909628b23c45b0ef38749123bdb05d3b15edf80adaa9b46c5fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/en-ca
Origin
https://www.bmoreferral.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Jul 2024 12:44:27 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 30 Nov 2023 19:03:58 GMT
Server
Microsoft-IIS/10.0
ETag
"32734f9bf23da1:0"
X-Powered-By
ASP.NET
Content-Type
application/font-woff2
Access-Control-Expose-Headers
Request-Context
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
Content-Length
27868
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
69492
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 19:33:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0728440d-f01e-009a-7800-da1f4f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a630af689aa39f8-YYZ
bmo-logo.jpg
cdn.cookielaw.org/logos/98762095-86bb-4991-8a83-439cf2d8a682/a731883e-adcd-41fb-99ac-b7af835eaa34/7cc685da-9977-4bda-a285-3f3817b3f753/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/98762095-86bb-4991-8a83-439cf2d8a682/a731883e-adcd-41fb-99ac-b7af835eaa34/7cc685da-9977-4bda-a285-3f3817b3f753/bmo-logo.jpg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd42152dcc9de081c35366cb139f2d5aa5f22322d9fe4dbfc4102624ed268d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8OzP42JRGu1t1S/qDNIZiA==
age
4796
content-length
4113
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Tue, 18 Jul 2023 06:52:07 GMT
server
cloudflare
etag
0x8DB875B80D63210
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
cbe85f6c-b01e-0093-2cee-9ae289000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a630af6afa4abee-YYZ
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jul 2024 12:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
78202
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 01:41:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2e36fa88-001e-0043-6945-d9b963000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a630af6afa5abee-YYZ
gtm.js
www.googletagmanager.com/ 		310 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQMKGMM&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8b0a845911a406372c0c01447c85f2c02f5e8cfddad64692769ea1e980f487f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86216
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 12:44:29 GMT
gtm.js
www.googletagmanager.com/ 		225 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6TSMJF&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
36e0da1e4d3ee2e0c21d0547bab1dd6a2b2fcdcb76f721260c7a8752cde9d886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78821
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 12:44:29 GMT
gtm.js
www.googletagmanager.com/ 		422 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56597M9&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d575c01ecd7f02cc51d735cdbc1fa1515cfbdc8a394319923e679351f6d35a21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121127
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 12:44:29 GMT
gtm.js
www.googletagmanager.com/ 		418 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5DQLHF&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
93b03a1a661adfe2d742b66b1968a8c444ae21277629bb18b632fd9ec245d474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121341
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 12:44:29 GMT
gtm.js
www.googletagmanager.com/ 		318 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSS22TJ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0919f426a608949ab98ec6080fe9625675c74c6e3fbdb7cbebe4281eaf726b78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90832
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 12:44:29 GMT
js
www.googletagmanager.com/gtag/ 		322 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TTVDG2R792&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
cf1466099db29d1d6c228664cec0b02ef6c5b4891a0fcb9769313c4c04655ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106765
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Jul 2024 12:44:29 GMT
analytics.js
www.google-analytics.com/ 		0
0
destination
www.googletagmanager.com/gtag/ 		212 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-4227502&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1e180afcbb82ee2d3c4a74ddb3440ea745109ad8fe1978a029ebec39978bf6b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78168
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 12:44:29 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 20 Jul 2024 12:44:29 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A0A6599680D42F2B81FE210697BF3F3 Ref B: YTO01EDGE0815 Ref C: 2024-07-20T12:44:29Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
evergage.min.js
cdn.evgnet.com/beacon/bankofmontreal/bmodotcom_pbb/scripts/ 		0
0
pixel
pixel.mediaiqdigital.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1268817&seg=22287165&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1268817%26uid%3D%24%7BUID%7D&t=2&gtmcb=1036695475
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1268817%26seg%3D22287165%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1268817%2526uid%253D%2524%257BUID%257D%2...
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=3590056860901420004
2 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=3590056860901420004
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Server
34.234.7.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-7-86.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:30 GMT
content-length
2
content-type
application/json; charset=utf-8

Redirect headers

pragma
no-cache
date
Sat, 20 Jul 2024 12:44:30 GMT
an-x-request-uuid
2f8db210-0c5c-463e-ba3e-e0a1b5ab35bd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=3590056860901420004
x-proxy-origin
149.88.16.239; 149.88.16.239; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tr
www.facebook.com/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=540710859736843&ev=PageView&noscript=1&gtmcb=1440592800
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1316, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 20 Jul 2024 12:44:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
tfa.js
cdn.taboola.com/libtrc/unip/1458108/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		0
0
activityi;dc_pre=CMfsweLStYcDFRAxRAgdWmEFvg;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
4227502.fls.doubleclick.net/ Frame 3BF8
Redirect Chain
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CMfsweLStYcDFRAxRAgdWmEFvg;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=6785542...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4227502.fls.doubleclick.net/activityi;dc_pre=CMfsweLStYcDFRAxRAgdWmEFvg;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4227502&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
349
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 12:44:30 GMT
expires
Sat, 20 Jul 2024 12:44:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 12:44:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4227502.fls.doubleclick.net/activityi;dc_pre=CMfsweLStYcDFRAxRAgdWmEFvg;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CP_-veLStYcDFZozRAgdIJQN8w;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
4227502.fls.doubleclick.net/ Frame E9B3
Redirect Chain
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CP_-veLStYcDFZozRAgdIJQN8w;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=3327621...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4227502.fls.doubleclick.net/activityi;dc_pre=CP_-veLStYcDFZozRAgdIJQN8w;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4227502&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 12:44:30 GMT
expires
Sat, 20 Jul 2024 12:44:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 12:44:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4227502.fls.doubleclick.net/activityi;dc_pre=CP_-veLStYcDFZozRAgdIJQN8w;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4227502;type=ga3600;cat=ga3600;ord=5402201238257;npa=0;auiddc=86652101.1721479469;u28=undefined;ps=1;pcor=678554202;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca?
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.149 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f149.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 12:44:29 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"10902626155404251318"}],"aggregatable_trigger_data":[{"filters":[{"14":["8516006"]}],"key_piece":"0xd1771268f50d6abf","source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]},{"key_piece":"0xd9eda52c72f73bfa","not_filters":{"14":["8516006"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15693324":36,"15693325":36,"15693326":36,"15693327":3530,"16":65,"17":65,"18":6356,"18245228":65,"18245229":65,"18245230":65,"18245231":6356,"19":65,"20":65,"21":6356,"628506812":32,"628506813":32,"628506814":32,"628506815":3177,"628624736":32,"628624737":32,"628624738":32,"628624739":3177,"628765356":32,"628765357":32,"628765358":32,"628765359":3177,"628769836":32,"628769837":32,"628769838":32,"628769839":3177,"628887800":32,"628887801":32,"628887802":32,"628887803":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5654767599608321009","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10902626155404251318","filters":[{"14":["8516006"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10902626155404251318","filters":[{"14":["8516006"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10902626155404251318","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10902626155404251318","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4227502"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;register_conversion=1;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4227502;type=darid;cat=bmoco000;ord=3290786742434;npa=0;auiddc=86652101.1721479469;u9=undefined;ps=1;pcor=332762149;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca?
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.149 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f149.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 12:44:30 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"191154837789207883"}],"aggregatable_trigger_data":[{"filters":[{"14":["10504507"]}],"key_piece":"0xa30f5de2504cf973","source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]},{"key_piece":"0x3c79c2ae329861a8","not_filters":{"14":["10504507"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15693324":36,"15693325":36,"15693326":36,"15693327":3530,"16":65,"17":65,"18":6356,"18245228":65,"18245229":65,"18245230":65,"18245231":6356,"19":65,"20":65,"21":6356,"628506812":32,"628506813":32,"628506814":32,"628506815":3177,"628624736":32,"628624737":32,"628624738":32,"628624739":3177,"628765356":32,"628765357":32,"628765358":32,"628765359":3177,"628769836":32,"628769837":32,"628769838":32,"628769839":3177,"628887800":32,"628887801":32,"628887802":32,"628887803":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"10490315865258192884","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"191154837789207883","filters":[{"14":["10504507"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"191154837789207883","filters":[{"14":["10504507"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"191154837789207883","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"191154837789207883","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4227502"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TTVDG2R792&gtm=45je47h0v875843688z879035940za200zb79035940&_p=1721479468103&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=446221835.1721479470&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721479469&sct=1&seg=0&dl=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca&dt=BMO%20-%20Refer%20a%20friend%20Program&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&up.DB_Company_ID=(Non-Company%20Visitor)&up.DB_Company_Name=(Non-Company%20Visitor)&up.DB_Website=(Non-Company%20Visitor)&up.DB_Employee_Band=(Non-Company%20Visitor)&up.DB_Revenue_Band=(Non-Company%20Visitor)&up.DB_Industry=(Non-Company%20Visitor)&up.DB_Sub_Industry=(Non-Company%20Visitor)&up.DB_Audience=(Non-Company%20Visitor)&up.DB_Audience_Segment=(Non-Company%20Visitor)&up.DB_City=(Non-Company%20Visitor)&up.DB_State=(Non-Company%20Visitor)&up.DB_Country_Name=(Non-Company%20Visitor)&tfd=2443&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTVDG2R792&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 12:44:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TTVDG2R792&cid=446221835.1721479470&gtm=45je47h0v875843688z879035940za200zb79035940&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTVDG2R792&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 12:44:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TTVDG2R792&cid=446221835.1721479470&gtm=45je47h0v875843688z879035940za200zb79035940&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=143187735
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 12:44:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?id=t2_sfk42czx&event=null&integration=noscript&gtmcb=625162094
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:30 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
5550271.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5550271.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b681fd78c3b8b79af708f0414b368372abd3565a219fe42a74bd0f55a8793f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sat, 20 Jul 2024 12:44:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 26943168C3904AA5BA8A809DF6C8371C Ref B: YTO01EDGE0815 Ref C: 2024-07-20T12:44:29Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
5550271
www.clarity.ms/tag/uet/ 		838 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5550271?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5550271.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
33963acd51e30910a223efea06af54ae89e2fcdc99978db0b4f3bebfeb115cf5

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Sat, 20 Jul 2024 12:44:30 GMT
x-azure-ref
20240720T124430Z-16b7b6c7db7khzvcczt2fvvmr40000000eqg000000006kxp
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
838
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
0
bat.bing.com/action/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5550271&tm=gtm002&Ver=2&mid=49cd0357-edcf-43be-832c-fb821de931ac&sid=ce8333c0469511efa3725da183c3ac24&vid=ce836f20469511ef98c947e103cf6fb7&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=BMO%20-%20Refer%20a%20friend%20Program&p=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca&r=&lt=714&evt=pageLoad&sv=1&cdb=AQET&rn=685170
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/en-ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 20 Jul 2024 12:44:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C941ABFFC9E14DE3AC386DB1E685EE21 Ref B: YTO01EDGE0815 Ref C: 2024-07-20T12:44:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5550271?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:44:30 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240720T124430Z-16b7b6c7db7khzvcczt2fvvmr40000000eqg000000006kxq
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
19a40f54-801e-0015-1438-d83968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
s.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bmoreferral.com
Date
Sat, 20 Jul 2024 12:44:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
cdn.evgnet.com
URL
https://cdn.evgnet.com/beacon/bankofmontreal/bmodotcom_pbb/scripts/evergage.min.js
Domain
cdn.taboola.com
URL
https://cdn.taboola.com/libtrc/unip/1458108/tfa.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of Montreal (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| appInsights function| OptanonWrapper object| dataLayer function| $ function| jQuery function| Popper object| bootstrap string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| setCookie function| getParam function| onYouTubeIframeAPIReady object| __tfa_pixel_init object| _tfa function| fbq function| _fbq object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_265d04aa20 object| uetq function| clarity object| clarityuetq object| AI object| Microsoft function| __extends function| _endsWith

23 Cookies

Domain/Path Name / Value
www.bmoreferral.com/ Name: ASP.NET_SessionId
Value: zzzraobuejfjjn12zxijntvb
.www.bmoreferral.com/ Name: ARRAffinity
Value: 896806cac4e5d5e12b304ef679b47b94d6b54029d019793c639b60e7d38471c6
.www.bmoreferral.com/ Name: ARRAffinitySameSite
Value: 896806cac4e5d5e12b304ef679b47b94d6b54029d019793c639b60e7d38471c6
www.bmoreferral.com/ Name: __RequestVerificationToken
Value: gyVrNX8sbBwCsSR06OAiJ9HWUgQTJ_YaImqbbxX0-90i8LBv7cP0VmuF716NouTKgZK_-EyFDgjHFTzT4WWOt3PQWIY1
.bmoreferral.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Jul+20+2024+05%3A44%3A28+GMT-0700+(Pacific+Daylight+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=62ea20c7-c2b6-4d00-921b-a693e7962329&interactionCount=0&landingPath=https%3A%2F%2Fwww.bmoreferral.com%2Fen-ca&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.bmoreferral.com/ Name: _gcl_au
Value: 1.1.86652101.1721479469
.bmoreferral.com/ Name: _ga
Value: GA1.1.446221835.1721479470
.bmoreferral.com/ Name: _ga_TTVDG2R792
Value: GS1.1.1721479469.1.0.1721479469.60.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
.bmoreferral.com/ Name: _uetsid
Value: ce8333c0469511efa3725da183c3ac24
.bmoreferral.com/ Name: _uetvid
Value: ce836f20469511ef98c947e103cf6fb7
.bing.com/ Name: MUID
Value: 23B665F7B36B6F590E467135B2416E63
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk9lbn2nQPLhKiO3QRPSQQkj-kNtX10GeG-phN9YqVtk5L4HDmELyJb55dlwPQ
www.clarity.ms/ Name: CLID
Value: 75838ee9922543e484557f90e1c9c4fb.20240720.20250720
.adnxs.com/ Name: XANDR_PANID
Value: NqMDbs9RAMSLe-51AXZJD6LatkqwiVOxg-zAq0Ko6lWBtdFYBVMF8XuQstVkm6k3O8l--SD7EeDsPFOW1viueCr2VtVX2rqf6ALL-tL1ceQ.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3590056860901420004
.bmoreferral.com/ Name: _clck
Value: 1bfm3u0%7C2%7Cfnm%7C0%7C1662
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E?dfTI4J!]tbP6j2F-XstGt!@E.)%)^Hn
.bmoreferral.com/ Name: _clsk
Value: 17p1sn5%7C1721479471225%7C1%7C0%7Cs.clarity.ms%2Fcollect
www.bmoreferral.com/ Name: ai_user
Value: /MdZM|2024-07-20T12:44:31.510Z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4227502.fls.doubleclick.net
ad.doubleclick.net
alb.reddit.com
analytics.google.com
az416426.vo.msecnd.net
bat.bing.com
cdn.cookielaw.org
cdn.evgnet.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
pixel.mediaiqdigital.com
s.clarity.ms
secure.adnxs.com
stats.g.doubleclick.net
www.bmo.com
www.bmoreferral.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.googletagmanager.com
cdn.evgnet.com
cdn.taboola.com
connect.facebook.net
www.google-analytics.com
104.19.178.52
13.107.246.40
142.251.111.149
151.101.1.140
157.240.229.35
172.253.115.94
172.253.115.95
172.253.115.97
172.64.155.119
173.194.175.149
173.194.66.155
184.27.8.167
204.79.197.237
216.239.32.181
23.96.124.68
34.234.7.86
52.228.42.76
64.233.180.94
68.67.160.24
72.21.81.200
0919f426a608949ab98ec6080fe9625675c74c6e3fbdb7cbebe4281eaf726b78
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0b681fd78c3b8b79af708f0414b368372abd3565a219fe42a74bd0f55a8793f7
1e180afcbb82ee2d3c4a74ddb3440ea745109ad8fe1978a029ebec39978bf6b2
26cb7eb0f46b5b7121960589d947626d174f24e0b8e670c87dadc289989fecbc
273a38a29306c840e1872b4ffc0ee429df890cc685e2c007283f9520348af812
33963acd51e30910a223efea06af54ae89e2fcdc99978db0b4f3bebfeb115cf5
36e0da1e4d3ee2e0c21d0547bab1dd6a2b2fcdcb76f721260c7a8752cde9d886
3f9d2c5473398499dadb19c594ba2198ce209937916cc4e0cce128ebbea9c73c
43f53421fef96a525b5fc208f6a59bd72479f0d9816dba0a416f68ee81d648a6
496bda632b73a0e9b0adc422db3f50f7447cd6c609823d9c4c9e44e64cb583a9
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
8b0a845911a406372c0c01447c85f2c02f5e8cfddad64692769ea1e980f487f2
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
93b03a1a661adfe2d742b66b1968a8c444ae21277629bb18b632fd9ec245d474
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
96ba5ce70f3590c2913ffb55226e4999f265200e3ad34edafe0dccef3ae1e984
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9e54da6b10610514e9e3823d1469e262d91b8d81403420151fbc9b3b7c3484a3
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae
bd42152dcc9de081c35366cb139f2d5aa5f22322d9fe4dbfc4102624ed268d6c
c811fe292b61f6800de6b1b79ea00ce843651d0384a2db18b46658cc118ddfe0
cf1466099db29d1d6c228664cec0b02ef6c5b4891a0fcb9769313c4c04655ef8
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d575c01ecd7f02cc51d735cdbc1fa1515cfbdc8a394319923e679351f6d35a21
d852b703a2590cc2f9dc4d92eece6b527696bdcd3204070e6443ca8a0761b713
da3dc7a279a3f9e10d0beb1f4f0fc4f61cbe517b3bef7954bb1a9412cd242edf
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4afd6a93a86c909628b23c45b0ef38749123bdb05d3b15edf80adaa9b46c5fe
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b