urlscan.io logo urlscan.io
SecurityTrails logo

www.bmoreferral.com Open in urlscan Pro
52.228.42.76  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bmoreferral.com/0.8609393903099949
Effective URL: https://www.bmoreferral.com/0.8609393903099949
Submission: On August 01 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 21 domains to perform 78 HTTP transactions. The main IP is 52.228.42.76, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.bmoreferral.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on April 14th 2024. Valid for: 6 months.
This is the only time www.bmoreferral.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of Montreal (Banking)

Domain & IP information

IP Address AS Autonomous System
9 52.228.42.76 8075 (MICROSOFT...)
11 104.18.87.42 13335 (CLOUDFLAR...)
1 172.253.115.95 15169 (GOOGLE)
1 72.21.81.200 15133 (EDGECAST)
8 172.217.197.97 15169 (GOOGLE)
1 142.251.174.94 15169 (GOOGLE)
1 104.18.28.127 13335 (CLOUDFLAR...)
4 142.251.174.102 15169 (GOOGLE)
3 13.107.21.237 8068 (MICROSOFT...)
2 2 68.67.160.26 29990 (ASN-APPNEX)
1 35.153.224.185 14618 (AMAZON-AES)
5 157.240.229.35 32934 (FACEBOOK)
6 151.101.1.44 54113 (FASTLY)
3 157.240.229.1 32934 (FACEBOOK)
1 23.47.29.117 16625 (AKAMAI-AS)
2 4 209.85.144.149 15169 (GOOGLE)
2 173.194.207.149 15169 (GOOGLE)
2 173.194.204.100 15169 (GOOGLE)
1 142.251.179.156 15169 (GOOGLE)
1 173.194.204.94 15169 (GOOGLE)
2 13.107.246.38 8075 (MICROSOFT...)
1 20.114.189.70 8075 (MICROSOFT...)
1 151.101.65.44 54113 (FASTLY)
8 141.226.124.48 200478 (TABOOLA-AS)
1 141.226.224.32 200478 (TABOOLA-AS)
78 25
9    52.228.42.76 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bmoreferral.com
11    104.18.87.42 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
1    72.21.81.200 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
8    172.217.197.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f97.1e100.net
www.googletagmanager.com
1    142.251.174.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f94.1e100.net
fonts.gstatic.com
1    104.18.28.127 (None, )

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    142.251.174.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f102.1e100.net
www.google-analytics.com
3    13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    68.67.160.26 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    35.153.224.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-224-185.compute-1.amazonaws.com
pixel.mediaiqdigital.com
5    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
6    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
pips.taboola.com
3    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    23.47.29.117 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-29-117.deploy.static.akamaitechnologies.com
www.bmo.com
4    209.85.144.149 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f149.1e100.net
4227502.fls.doubleclick.net
2    173.194.207.149 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f149.1e100.net
ad.doubleclick.net
2    173.194.204.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f100.1e100.net
analytics.google.com
1    142.251.179.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f156.1e100.net
stats.g.doubleclick.net
1    173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net
www.google.ca
2    13.107.246.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
1    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
8    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
Apex Domain
Subdomains		 Transfer
16 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
psb.taboola.com — Cisco Umbrella Rank: 9372
trc.taboola.com — Cisco Umbrella Rank: 1123
pips.taboola.com — Cisco Umbrella Rank: 2305
trc-events.taboola.com — Cisco Umbrella Rank: 3272
cds.taboola.com — Cisco Umbrella Rank: 2605
38 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
153 KB
9 bmoreferral.com
www.bmoreferral.com
146 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
815 KB
7 doubleclick.net
4227502.fls.doubleclick.net — Cisco Umbrella Rank: 587100
ad.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
1 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
t.clarity.ms — Cisco Umbrella Rank: 8415
27 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
81 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
16 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
2 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 bmo.com
www.bmo.com — Cisco Umbrella Rank: 151104
583 B
1 mediaiqdigital.com
pixel.mediaiqdigital.com — Cisco Umbrella Rank: 22055
82 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
306 B
1 gstatic.com
fonts.gstatic.com
30 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 5485
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
0 liadm.com Failed
i6.liadm.com Failed
0 evgnet.com Failed
cdn.evgnet.com Failed
78 21
Domain Requested by
11 cdn.cookielaw.org www.bmoreferral.com
cdn.cookielaw.org
9 www.bmoreferral.com www.bmoreferral.com
8 trc-events.taboola.com az416426.vo.msecnd.net
8 www.googletagmanager.com www.bmoreferral.com
www.googletagmanager.com
5 www.facebook.com www.bmoreferral.com
4 4227502.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
3 connect.facebook.net www.bmoreferral.com
connect.facebook.net
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.bmoreferral.com
2 trc.taboola.com cdn.taboola.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 analytics.google.com www.googletagmanager.com
2 ad.doubleclick.net www.bmoreferral.com
2 secure.adnxs.com 2 redirects
1 cds.taboola.com az416426.vo.msecnd.net
1 pips.taboola.com az416426.vo.msecnd.net
1 psb.taboola.com cdn.taboola.com
1 t.clarity.ms az416426.vo.msecnd.net
1 www.google.ca www.bmoreferral.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.bmo.com www.bmoreferral.com
1 pixel.mediaiqdigital.com www.bmoreferral.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 fonts.gstatic.com fonts.googleapis.com
1 az416426.vo.msecnd.net www.bmoreferral.com
1 fonts.googleapis.com www.bmoreferral.com
0 i6.liadm.com Failed www.bmoreferral.com
0 cdn.evgnet.com Failed www.googletagmanager.com
78 29

This site contains links to these domains. Also see Links.

Domain
www.bmo.com
bmo.com
www.onetrust.com
Subject Issuer Validity Valid
www.bmoreferral.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-04-14 -
2024-10-14		 6 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-10 -
2024-08-08		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
www.bmo.com
Entrust Certification Authority - L1M		 2024-04-24 -
2025-04-19		 a year crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.bmoreferral.com/0.8609393903099949
Frame ID: 35BEC924D3552837FCC6398741D5D6C3
Requests: 72 HTTP requests in this frame

Frame: https://4227502.fls.doubleclick.net/activityi;dc_pre=CIWe6fS804cDFfkzRAgdcxMfJw;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949
Frame ID: EB11C24096350E3CCED4C3AE700DCF0B
Requests: 1 HTTP requests in this frame

Frame: https://4227502.fls.doubleclick.net/activityi;dc_pre=CIr_5fS804cDFW-H7gEdSfkkNw;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949
Frame ID: 9616FF14970FDC7931628141A34450CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BMO - Refer a friend Program

Page URL History Show full URLs

  1. http://www.bmoreferral.com/0.8609393903099949 HTTP 307
    https://www.bmoreferral.com/0.8609393903099949 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

96 %
HTTPS

0 %
IPv6

21
Domains

29
Subdomains

25
IPs

3
Countries

1358 kB
Transfer

4591 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bmoreferral.com/0.8609393903099949 HTTP 307
    https://www.bmoreferral.com/0.8609393903099949 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://secure.adnxs.com/px?id=1268817&seg=22287165&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1268817%26uid%3D%24%7BUID%7D&t=2&gtmcb=1742156617 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1268817%26seg%3D22287165%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1268817%2526uid%253D%2524%257BUID%257D%26t%3D2%26gtmcb%3D1742156617 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=1362811513546740487
Request Chain 39
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949 HTTP 302
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CIWe6fS804cDFfkzRAgdcxMfJw;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949
Request Chain 40
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949 HTTP 302
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CIr_5fS804cDFW-H7gEdSfkkNw;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949
Request Chain 66
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c HTTP 303
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&_li_chk=true&previous_uuid=c9d385b0de0c491683350932a922278c HTTP 303
  • https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.8609393903099949
www.bmoreferral.com/
Redirect Chain
  • http://www.bmoreferral.com/0.8609393903099949
  • https://www.bmoreferral.com/0.8609393903099949
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
63ce7b0cf6aa7414ea265f31cdd9b7365f53bfde7779e18d17334623aef35489
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
5852
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Aug 2024 09:26:30 GMT
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://www.bmoreferral.com/0.8609393903099949
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
www.bmoreferral.com/Content/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Content/bootstrap.min.css
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
23892
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
portalcss
www.bmoreferral.com/Content/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Content/portalcss?v=0UW-g88-RYcZQ-LRZbHYyTx8mBT2EGIKthNM3j0JAUI1
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96ba5ce70f3590c2913ffb55226e4999f265200e3ad34edafe0dccef3ae1e984
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
2298
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 01 Aug 2024 09:26:30 GMT
Server
Microsoft-IIS/10.0
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Expires
Fri, 01 Aug 2025 09:26:30 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Wbr2pAeg61Hfi+2FuD0cYA==
age
66169
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 30 Jul 2024 06:13:33 GMT
server
cloudflare
etag
0x8DCB05EBD67BCB8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2759b695-301e-00c8-3eb1-e202bd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac4c97b0ac639e7-YYZ
expires
Thu, 01 Aug 2024 15:03:41 GMT
bmo-blue-on-transparent-en.svg
www.bmoreferral.com/Images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bmoreferral.com/Images/bmo-blue-on-transparent-en.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da3dc7a279a3f9e10d0beb1f4f0fc4f61cbe517b3bef7954bb1a9412cd242edf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
1532
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 02 Aug 2023 14:28:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0e8eb9c4dc5d91:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
jquery-3.5.1.min.js
www.bmoreferral.com/Scripts/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Scripts/jquery-3.5.1.min.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
30981
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
popper.min.js
www.bmoreferral.com/Scripts/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Scripts/umd/popper.min.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26cb7eb0f46b5b7121960589d947626d174f24e0b8e670c87dadc289989fecbc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
7521
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
bootstrap.min.js
www.bmoreferral.com/Scripts/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/Scripts/bootstrap.min.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Powered-By
ASP.NET
Content-Length
14919
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 10 Nov 2021 14:55:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0b962f43d6d71:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=86400,public
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
css2
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;700&display=swap
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/Content/portalcss?v=0UW-g88-RYcZQ-LRZbHYyTx8mBT2EGIKthNM3j0JAUI1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
496bda632b73a0e9b0adc422db3f50f7447cd6c609823d9c4c9e44e64cb583a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Aug 2024 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:26:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Aug 2024 09:26:31 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/063D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:31 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
26
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (cha/063D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1e9eb4b1-701e-001b-54f4-e3acca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Thu, 01 Aug 2024 09:56:31 GMT
cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9.json
cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c811fe292b61f6800de6b1b79ea00ce843651d0384a2db18b46658cc118ddfe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
33964
content-md5
T5Qn45ZNY1w0aiGl+zcqHQ==
content-length
1722
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 19:25:29 GMT
server
cloudflare
etag
0x8DBF110F28117B0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5f693f81-b01e-0077-032d-61ec17000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac4c97d7e5da1ff-YYZ
expires
Fri, 02 Aug 2024 09:26:31 GMT
gtm.js
www.googletagmanager.com/ 		622 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f43e90bebb7622e5d8e54c77a28e1375a3fd9caa2a5e71743306c5c62d69a3b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148603
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 09:26:31 GMT
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f94.1e100.net
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bmoreferral.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 12:08:21 GMT
x-content-type-options
nosniff
age
76690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30240
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Jul 2025 12:08:21 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8ac4c980fa1836c7-YYZ
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202311.1.0/ 		427 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f53421fef96a525b5fc208f6a59bd72479f0d9816dba0a416f68ee81d648a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
1EE1PYD7uD6VTAMrTql67g==
age
46798
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
105094
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:10:01 GMT
server
cloudflare
etag
0x8DCA5D34632AA7A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c028eac3-501e-009c-0ebe-d7e837000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac4c9818e1739e7-YYZ
gtm.js
www.googletagmanager.com/ 		310 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQMKGMM&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
93b2a7a900a8489d3112204598af6c4d68015ed5e862fe0670779bfa6745250d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86314
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 09:26:32 GMT
gtm.js
www.googletagmanager.com/ 		226 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6TSMJF&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b4c311ba9667ebf0a4d6ef80dcd8cdfa0c36a5f7bc8f19012758f2a001f91b9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79087
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 09:26:32 GMT
gtm.js
www.googletagmanager.com/ 		423 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56597M9&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
47021342b9fa681c40b30ad033c58ead6799b3c31b55ee725b3eaa02c8b406f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121384
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 09:26:32 GMT
gtm.js
www.googletagmanager.com/ 		420 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5DQLHF&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
db166e0122b98efa973558a904f9c5b4a9b372ac4c6d2e6c5b12dbf2e7fcf231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122000
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 09:26:32 GMT
gtm.js
www.googletagmanager.com/ 		319 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSS22TJ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6ba8863c1ca01ac0522649f8caf1fd6565e0fd71beb1cb2c2e8ebbdc91f6fb43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91028
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 09:26:32 GMT
en.json
cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/36785973-43cb-4b20-a3a0-6eb662b1481f/ 		54 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cedaa3ae-7b6d-43bc-8f8a-4ca6478763e9/36785973-43cb-4b20-a3a0-6eb662b1481f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e54da6b10610514e9e3823d1469e262d91b8d81403420151fbc9b3b7c3484a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
52681
content-md5
RLBkvs5a1icrt5XbEwPihA==
content-length
13676
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 19:25:45 GMT
server
cloudflare
etag
0x8DBF110FC2A5A41
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e32645aa-001e-0000-095c-793983000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac4c982cfc8a1ff-YYZ
expires
Fri, 02 Aug 2024 09:26:32 GMT
js
www.googletagmanager.com/gtag/ 		323 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TTVDG2R792&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1c005a238ec67cce498d29aaac4ec75a3602539081981d2b8869dcbc45f5b489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Aug 2024 09:26:32 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Aug 2024 09:05:37 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1255
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 01 Aug 2024 11:05:37 GMT
destination
www.googletagmanager.com/gtag/ 		214 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-4227502&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e5bd9b86270fb71eacf8e92b96e1bdf77ed38b72fb5cc9005d8167535cea8691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78408
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 09:26:32 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRS4NDK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 01 Aug 2024 09:26:32 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CCADB93767AF48BE92E3920D77C063EE Ref B: YTO01EDGE0712 Ref C: 2024-08-01T09:26:32Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
evergage.min.js
cdn.evgnet.com/beacon/bankofmontreal/bmodotcom_pbb/scripts/ 		0
0
otFlat.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GIzNmS9Em9y5nN4NL57NeA==
age
57640
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:09:52 GMT
server
cloudflare
etag
0x8DCA5D340F5F432
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f69eb641-401e-0083-7663-d83327000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac4c9840814a1ff-YYZ
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
I/HbyocCTj1EXVakQLy+jg==
age
73116
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12700
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:09:54 GMT
server
cloudflare
etag
0x8DCA5D3424C62E6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
db5597e8-f01e-00fc-5616-d8ad15000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac4c9840815a1ff-YYZ
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
57640
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:10:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3ce81965-d01e-00a4-593f-d8a96e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8ac4c9841819a1ff-YYZ
pixel
pixel.mediaiqdigital.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1268817&seg=22287165&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1268817%26uid%3D%24%7BUID%7D&t=2&gtmcb=1742156617
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1268817%26seg%3D22287165%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1268817%2526uid%253D%2524%257BUID%257D%2...
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=1362811513546740487
2 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=1362811513546740487
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Server
35.153.224.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-224-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:36 GMT
content-length
2
content-type
application/json; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:33 GMT
an-x-request-uuid
d99d1a2f-cca2-4eab-a8f3-1019bd23be40
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1268817&uid=1362811513546740487
x-proxy-origin
149.88.16.231; 149.88.16.231; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tr
www.facebook.com/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=540710859736843&ev=PageView&noscript=1&gtmcb=1887856040
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1316, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Aug 2024 09:26:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
tfa.js
cdn.taboola.com/libtrc/unip/1458108/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1458108/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5DQLHF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eefb9ca48f2632dec8edaac12663b527197f7dabd43f28a86992a0bd729abd0e

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
DP7FArPOQYo.xtzorotM1x20UHzLNnPN
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Aug 2024 09:26:36 GMT
x-amz-request-id
ERPF5RR4YA1ADFMD
age
61
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21953
x-amz-id-2
GmMsRm7jwWa3TCEc8KGP7YGdAe1peCwAGk1nl9p5Ldm/UNDRCHsuF8tYLyLFS4toDpDu8259J8U=
x-served-by
cache-yyz4574-YYZ
last-modified
Sun, 28 Jul 2024 12:41:30 GMT
server
AmazonS3
x-timer
S1722504397.757125,VS0,VE1
etag
"7c45a77fe1e0a46e0c991150eb4ae3a9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Aug 2024 09:26:34 GMT
document-policy
force-load-at-top
x-fb-server-load
38
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1316, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
mRhPkhO62vWqfkrhVGecHCsL1H/zjlJGxAK/bo561FfJ9dXGs39xiIqnCJTvpCgrO83LNEq0+6LcqZFqLH9o0A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
chevron.svg
www.bmo.com/dist/icons/ 		295 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bmo.com/dist/icons/chevron.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.29.117 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-29-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f9d2c5473398499dadb19c594ba2198ce209937916cc4e0cce128ebbea9c73c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Thu, 01 Aug 2024 09:27:56 GMT
date
Thu, 01 Aug 2024 09:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bmo-correlation_request_id
BMO-AK::W4::12f683830ac30a84c83c66cfe760b2ad24cbee5e::0E@ndawcOq8AACgxOPsAAABO
last-modified
Mon, 17 Jul 2023 13:22:46 GMT
strict-transport-security
max-age=31536000 ; preload
vary
Accept-Encoding
x-ihs-timer
D=922 t=1689600679454581
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
must-revalidate, max-age=82
accept-ranges
none
content-length
217
x-ua-compatible
IE=edge
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
55961
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 06:32:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
33bccd68-101e-0018-3a4e-e3be1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8ac4c988885739e7-YYZ
heebo-bold-latin.woff2
www.bmoreferral.com/dist/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/dist/fonts/heebo-bold-latin.woff2
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4afd6a93a86c909628b23c45b0ef38749123bdb05d3b15edf80adaa9b46c5fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
Origin
https://www.bmoreferral.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:33 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 30 Nov 2023 19:03:58 GMT
Server
Microsoft-IIS/10.0
ETag
"a23e35f9bf23da1:0"
X-Powered-By
ASP.NET
Content-Type
application/font-woff2
Access-Control-Expose-Headers
Request-Context
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
Content-Length
27868
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
heebo-light-latin.woff2
www.bmoreferral.com/dist/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bmoreferral.com/dist/fonts/heebo-light-latin.woff2
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4afd6a93a86c909628b23c45b0ef38749123bdb05d3b15edf80adaa9b46c5fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bmoreferral.com/0.8609393903099949
Origin
https://www.bmoreferral.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 09:26:33 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 30 Nov 2023 19:03:58 GMT
Server
Microsoft-IIS/10.0
ETag
"32734f9bf23da1:0"
X-Powered-By
ASP.NET
Content-Type
application/font-woff2
Access-Control-Expose-Headers
Request-Context
Permissions-Policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges
bytes
Content-Length
27868
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:467f4c7d-6d0b-4e87-9a13-39c9410c46c7
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
52682
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 06:32:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b980cc84-e01e-0049-227a-e3a0ea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8ac4c9890987a1ff-YYZ
bmo-logo.jpg
cdn.cookielaw.org/logos/98762095-86bb-4991-8a83-439cf2d8a682/a731883e-adcd-41fb-99ac-b7af835eaa34/7cc685da-9977-4bda-a285-3f3817b3f753/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/98762095-86bb-4991-8a83-439cf2d8a682/a731883e-adcd-41fb-99ac-b7af835eaa34/7cc685da-9977-4bda-a285-3f3817b3f753/bmo-logo.jpg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd42152dcc9de081c35366cb139f2d5aa5f22322d9fe4dbfc4102624ed268d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8OzP42JRGu1t1S/qDNIZiA==
age
79305
content-length
4113
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Tue, 18 Jul 2023 06:52:07 GMT
server
cloudflare
etag
0x8DB875B80D63210
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
cbe85f6c-b01e-0093-2cee-9ae289000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac4c98a390639e7-YYZ
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 09:26:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
66315
x-ms-lease-status
unlocked
last-modified
Tue, 30 Jul 2024 06:13:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b01fb8d7-301e-000f-4cb3-e27e7c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8ac4c98a390c39e7-YYZ
activityi;dc_pre=CIWe6fS804cDFfkzRAgdcxMfJw;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;u...
4227502.fls.doubleclick.net/ Frame EB11
Redirect Chain
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=...
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CIWe6fS804cDFfkzRAgdcxMfJw;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=10968...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4227502.fls.doubleclick.net/activityi;dc_pre=CIWe6fS804cDFfkzRAgdcxMfJw;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4227502&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 09:26:35 GMT
expires
Thu, 01 Aug 2024 09:26:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 09:26:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4227502.fls.doubleclick.net/activityi;dc_pre=CIWe6fS804cDFfkzRAgdcxMfJw;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CIr_5fS804cDFW-H7gEdSfkkNw;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
4227502.fls.doubleclick.net/ Frame 9616
Redirect Chain
  • https://4227502.fls.doubleclick.net/activityi;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;u...
  • https://4227502.fls.doubleclick.net/activityi;dc_pre=CIr_5fS804cDFW-H7gEdSfkkNw;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4227502.fls.doubleclick.net/activityi;dc_pre=CIr_5fS804cDFW-H7gEdSfkkNw;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4227502&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 09:26:35 GMT
expires
Thu, 01 Aug 2024 09:26:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 09:26:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4227502.fls.doubleclick.net/activityi;dc_pre=CIr_5fS804cDFW-H7gEdSfkkNw;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4227502;type=ga3600;cat=ga3600;ord=5332943065504;npa=0;auiddc=1850993186.1722504392;u28=undefined;ps=1;pcor=1096867747;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949?
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f149.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:33 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"4539548344729845670"}],"aggregatable_trigger_data":[{"filters":[{"14":["8516006"]}],"key_piece":"0x29f6de0479e88bfc","source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]},{"key_piece":"0xffc280d6fbe67ce2","not_filters":{"14":["8516006"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15693324":36,"15693325":36,"15693326":36,"15693327":3530,"16":65,"17":65,"18":6356,"18245228":65,"18245229":65,"18245230":65,"18245231":6356,"19":65,"20":65,"21":6356,"628506812":32,"628506813":32,"628506814":32,"628506815":3177,"628624736":32,"628624737":32,"628624738":32,"628624739":3177,"628765356":32,"628765357":32,"628765358":32,"628765359":3177,"628769836":32,"628769837":32,"628769838":32,"628769839":3177,"628887800":32,"628887801":32,"628887802":32,"628887803":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2557138639083167062","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4539548344729845670","filters":[{"14":["8516006"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"4539548344729845670","filters":[{"14":["8516006"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"4539548344729845670","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"4539548344729845670","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4227502"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;register_conversion=1;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4227502;type=darid;cat=bmoco000;ord=2329716876616;npa=0;auiddc=1850993186.1722504392;u9=undefined;ps=1;pcor=87465905;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9181619919z879035940za201zb79035940;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949?
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f149.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:33 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"8493310163924345"}],"aggregatable_trigger_data":[{"filters":[{"14":["10504507"]}],"key_piece":"0x2e57aabe121fc362","source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]},{"key_piece":"0xc376e45242688dcc","not_filters":{"14":["10504507"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15693324","15693325","15693326","15693327","18245228","18245229","18245230","18245231","628506812","628506813","628506814","628506815","628624736","628624737","628624738","628624739","628765356","628765357","628765358","628765359","628769836","628769837","628769838","628769839","628887800","628887801","628887802","628887803"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15693324":36,"15693325":36,"15693326":36,"15693327":3530,"16":65,"17":65,"18":6356,"18245228":65,"18245229":65,"18245230":65,"18245231":6356,"19":65,"20":65,"21":6356,"628506812":32,"628506813":32,"628506814":32,"628506815":3177,"628624736":32,"628624737":32,"628624738":32,"628624739":3177,"628765356":32,"628765357":32,"628765358":32,"628765359":3177,"628769836":32,"628769837":32,"628769838":32,"628769839":3177,"628887800":32,"628887801":32,"628887802":32,"628887803":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5614420331525277713","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8493310163924345","filters":[{"14":["10504507"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"8493310163924345","filters":[{"14":["10504507"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"8493310163924345","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"8493310163924345","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4227502"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TTVDG2R792&gtm=45je47v0v875843688z879035940za200zb79035940&_p=1722504391164&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1247900796.1722504393&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722504393&sct=1&seg=0&dl=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&dt=BMO%20-%20Refer%20a%20friend%20Program&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&tfd=3886
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTVDG2R792&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.204.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TTVDG2R792&cid=1247900796.1722504393&gtm=45je47v0v875843688z879035940za200zb79035940&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTVDG2R792&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TTVDG2R792&cid=1247900796.1722504393&gtm=45je47v0v875843688z879035940za200zb79035940&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=467978410
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=952516761&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&ul=en-ca&de=UTF-8&dt=BMO%20-%20Refer%20a%20friend%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACgFK~&jid=2109397076&gjid=2056010623&cid=1247900796.1722504393&tid=UA-117960984-1&_gid=1870642933.1722504393&_r=1&_slc=1&gtm=45He47v0n81MRS4NDKv79035940za200&cd37=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&cd1=1247900796.1722504393&z=1540970158
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=952516761&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&ul=en-ca&de=UTF-8&dt=BMO%20-%20Refer%20a%20friend%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACgFK~&jid=2109397076&gjid=2056010623&cid=1247900796.1722504393&tid=UA-117960984-3&_gid=1870642933.1722504393&_r=1&_slc=1&gtm=45He47v0n81MRS4NDKv79035940za200&cd37=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&cd1=1247900796.1722504393&z=1540970158
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=952516761&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&ul=en-ca&de=UTF-8&dt=BMO%20-%20Refer%20a%20friend%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pages&ea=www.bmoreferral.com&el=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&_u=YCDACEABBAAAACgFKAC~&jid=1462457611&gjid=1392365935&cid=1247900796.1722504393&tid=UA-117960984-3&_gid=1870642933.1722504393&_r=1&_slc=1&gtm=45He47v0n8156597M9v812856349za200zb79035940&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&cd1=1247900796.1722504393&cd8=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&z=1778111365
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
5550271.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5550271.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b681fd78c3b8b79af708f0414b368372abd3565a219fe42a74bd0f55a8793f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 01 Aug 2024 09:26:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2A77FF303C9746B38889318B6A2EBECC Ref B: YTO01EDGE0712 Ref C: 2024-08-01T09:26:33Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
5550271
www.clarity.ms/tag/uet/ 		838 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5550271?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5550271.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2aa0e4201e1f7f53f4d3a55128258583676c00a1a65d333bd4d5bc20e37d9673

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date
Thu, 01 Aug 2024 09:26:34 GMT
x-azure-ref
20240801T092634Z-17fd6bb7c96hs798h27p06cxxw00000009tg000000000ct0
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
838
expires
-1
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5550271&tm=gtm002&Ver=2&mid=3eedcf6a-512f-4006-8397-1448e4da8f21&sid=249544f04fe811efb24d6b29ea806f9a&vid=2495c7504fe811ef8bf81d1332f5f4fa&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=BMO%20-%20Refer%20a%20friend%20Program&p=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&r=&lt=1720&evt=pageLoad&sv=1&cdb=AQET&rn=420519
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Aug 2024 09:26:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B1712CD095E744CAA005D2EC353FA21A Ref B: YTO01EDGE0712 Ref C: 2024-08-01T09:26:33Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5550271?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 09:26:34 GMT
content-encoding
br
last-modified
Fri, 26 Jul 2024 23:49:00 GMT
etag
W/"0x8DCADCD85F8E42A"
vary
Accept-Encoding
x-azure-ref
20240801T092634Z-17fd6bb7c96hs798h27p06cxxw00000009tg000000000ct4
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8f3f2af4-601e-0050-7a2c-e0ec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
1557311084407543
connect.facebook.net/signals/config/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1557311084407543?v=2.9.162&r=stable&domain=www.bmoreferral.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
38ab950a9aea7e520ebd11f80ab6628b33a1bc935ba09b1c3162f8a0b573ec77
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Aug 2024 09:26:34 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16978
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=0, c=64, mss=1316, tbw=64231, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
wz7ovbCVr3Tu4rvyoh7GC9Bmv1IVdyRWQj7G/qX6SYQ7qs3bAN9jr3IY1/6ufgEwnvuM4WNz2M6o5X6IQ76rfA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
t.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bmoreferral.com
Date
Thu, 01 Aug 2024 09:26:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
533995127074294
connect.facebook.net/signals/config/ 		24 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/533995127074294?v=2.9.162&r=stable&domain=www.bmoreferral.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C155%2C185%2C187%2C116%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C139%2C164%2C151%2C112%2C223%2C157%2C113%2C129%2C117%2C146%2C141
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
29356767f7b8367ded8213f67cd5571c6e2677f1fd33d7992d225cc6267a8e58
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Aug 2024 09:26:35 GMT
document-policy
force-load-at-top
x-fb-server-load
22
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4199
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=76, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
ad41uMqSAAvKkjAL/Zlv/1UBoW7ZeYkkvg/0zSwVzTaBrEo/7s43F/CAakNaA4Hm/i00DorQn2llbtzW11Gurg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1557311084407543&ev=PageView&dl=https%3A%2F%2Fwww.bmoreferral.com&rl=&if=false&ts=1722504395033&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722504395009.2697247299480531&pm=1&hrl=58e028&ler=empty&cdl=API_unavailable&it=1722504394718&coo=false&cs_cc=1&cas=25261823280100394%2C6609723992472338%2C5854830941261661%2C7456892887732651%2C5223769277728022%2C5455142214562599%2C7280950211970070%2C7762512900471093%2C7356374654476261%2C2522910501168420%2C1845846478818312&rqm=GET
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1316, tbw=3186, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Aug 2024 09:26:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1557311084407543&ev=PageView&dl=https%3A%2F%2Fwww.bmoreferral.com&rl=&if=false&ts=1722504395033&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722504395009.2697247299480531&pm=1&hrl=58e028&ler=empty&cdl=API_unavailable&it=1722504394718&coo=false&cs_cc=1&cas=25261823280100394%2C6609723992472338%2C5854830941261661%2C7456892887732651%2C5223769277728022%2C5455142214562599%2C7280950211970070%2C7762512900471093%2C7356374654476261%2C2522910501168420%2C1845846478818312&rqm=FGET
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x693607305f28f383","source_keys":["1","2"]},{"key_piece":"0x8edacd63c47ae0c7","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:7405484759471263","24:3469884099701182","24:3119395611457872","7830:7405484759471263","7830:3469884099701182","7830:3119395611457872","10853:7405484759471263","10853:3469884099701182","10853:3119395611457872","41:7405484759471263","41:3469884099701182","41:3119395611457872","8046:7405484759471263","8046:3469884099701182","8046:3119395611457872"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 01 Aug 2024 09:26:35 GMT
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398100044787110693", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1316, tbw=3356, tp=-1, tpl=-1, uplat=146, ullat=0
pragma
no-cache
x-fb-debug
5ZlXHZA32buK+zM1CGKBKhngXLbhrK3bHaRuW806W0s4bb2M8NYkvGIOhrGlevlme8ri8Ukur1CX0WOhfX1Eyw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398100044787110693"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=533995127074294&ev=PageView&dl=https%3A%2F%2Fwww.bmoreferral.com&rl=&if=false&ts=1722504395161&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722504395009.2697247299480531&pm=1&hrl=6fc357&ler=empty&cdl=API_unavailable&it=1722504394718&coo=false&cs_cc=1&cas=7456892887732651%2C7280950211970070%2C7188048337972837%2C5293131224147941&rqm=GET
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4328, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Aug 2024 09:26:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=533995127074294&ev=PageView&dl=https%3A%2F%2Fwww.bmoreferral.com&rl=&if=false&ts=1722504395161&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722504395009.2697247299480531&pm=1&hrl=6fc357&ler=empty&cdl=API_unavailable&it=1722504394718&coo=false&cs_cc=1&cas=7456892887732651%2C7280950211970070%2C7188048337972837%2C5293131224147941&rqm=FGET
Requested by
Host: www.bmoreferral.com
URL: https://www.bmoreferral.com/0.8609393903099949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdb9327aa159b0c0f","source_keys":["1","2"]},{"key_piece":"0x7efb77221ef60db1","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:6354021644649849","24:5576797275694198","24:3921701284562309","24:3428169073979551","7830:6354021644649849","7830:5576797275694198","7830:3921701284562309","7830:3428169073979551","10853:6354021644649849","10853:5576797275694198","10853:3921701284562309","10853:3428169073979551","41:6354021644649849","41:5576797275694198","41:3921701284562309","41:3428169073979551","8046:6354021644649849","8046:5576797275694198","8046:3921701284562309","8046:3428169073979551"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 01 Aug 2024 09:26:35 GMT
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398100045091603854", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4648, tp=11, tpl=0, uplat=16, ullat=0
pragma
no-cache
x-fb-debug
npnl3s3YLBnPJadxXK5aQwV7PM7TGjtOJgIlKaVD4+/M7JBuo2/2sCd2gCh21C9rHPrNIQiSbAQaf3wDsUYhhg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398100045091603854"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
topics_api
psb.taboola.com/ 		65 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1458108/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 01 Aug 2024 09:26:37 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1722504398.995905,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-served-by
cache-yyz4521-YYZ
json
trc.taboola.com/1458108/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1458108/trc/3/json?tim=1722504396898&data=%7B%22id%22%3A958%2C%22ii%22%3A%22%2F0.8609393903099949%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1722504396873%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Duniversalmccanncanada-bmo-mtg-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0001%2CC0003%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1722504396892%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1458108/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3799073a66f60c6e28dd78a00aa8ea26e35ca46e447c3bcf0155432ee05ec3b8

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
31
date
Thu, 01 Aug 2024 09:26:36 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.0945
x-fastly-to-nlb-rtt
16421
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4574-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1722504397.915743,VS0,VE31
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1458108/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Aug 2024 09:26:36 GMT
x-amz-request-id
6DRRFTMTCRFMRQWQ
age
927
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
RO0CSifk5C1XN3YsmMJ5y7+Rs6aZZaT1YyLZTPXmJN8xM/KIPySbAz91Iw5VoKWgFQoVWhdPTwY=
x-served-by
cache-yyz4574-YYZ
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1722504397.979669,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
19
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
376
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1458108/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Aug 2024 09:26:36 GMT
x-amz-request-id
3C3X7EZMARR95TEE
age
22027
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
EBMD3N3RKm7oNCMfK29sS89SVgP2wcDGNtlLJEwMte2xTNwI6+3H9o+Zdlo2cC3awkBtZcyFwFI=
x-served-by
cache-yyz4574-YYZ
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-timer
S1722504397.979644,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
47
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
9639
json
trc.taboola.com/1458107/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1458107/trc/3/json?tim=1722504396968&data=%7B%22id%22%3A103%2C%22ii%22%3A%22%2F0.8609393903099949%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c%22%2C%22vi%22%3A1722504396873%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Duniversalmccanncanada-bmo-mtg-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0001%2CC0003%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1722504396903%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949%22%2C%22tos%22%3A14%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1458108/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98251a17907886aa256ccc8b98400b23c11129c92bbb87cf33244641de29ba8f

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
35
date
Thu, 01 Aug 2024 09:26:37 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
18679
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4574-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1722504397.981340,VS0,VE35
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
pips.taboola.com/ 		4 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 01 Aug 2024 09:26:40 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-served-by
cache-yyz4527-YYZ
66627
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&_li_chk=true&previous_uuid=c9d385b0de0c491683350932a922278c
  • https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c
0
0
unip
trc-events.taboola.com/1458107/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458107/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722504398443&vi=1722504396873&ri=93bb7c9fc1fc42ed646fa13e5a20401d&sd=v2_9748d88d99bc3481a4cb68ba1a751b10_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQu_9YGMmAjeqQMiABKAMwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.bmoreferral.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.bmoreferral.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 01 Aug 2024 09:26:39 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1458107/log/3/ 		0
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458107/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722504398443&vi=1722504396873&ri=93bb7c9fc1fc42ed646fa13e5a20401d&sd=v2_9748d88d99bc3481a4cb68ba1a751b10_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQu_9YGMmAjeqQMiABKAMwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.bmoreferral.com
pragma
no-cache
date
Thu, 01 Aug 2024 09:26:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1458108/log/3/ 		0
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458108/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722504398445&vi=1722504396873&ri=d567ceeeaf14b1fd81ecf0185ae82f9b&sd=v2_19bb75a9712c7e0d7a176b6a716781f8_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQvP9YGMmAjeqQMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.bmoreferral.com
pragma
no-cache
date
Thu, 01 Aug 2024 09:26:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1458108/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458108/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722504398445&vi=1722504396873&ri=d567ceeeaf14b1fd81ecf0185ae82f9b&sd=v2_19bb75a9712c7e0d7a176b6a716781f8_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQvP9YGMmAjeqQMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.bmoreferral.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.bmoreferral.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 01 Aug 2024 09:26:39 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TTVDG2R792&gtm=45je47v0v875843688za200zb79035940&_p=1722504391164&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1247900796.1722504393&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722504393&sct=1&seg=0&dl=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&dt=BMO%20-%20Refer%20a%20friend%20Program&en=scroll&ep.allowLinker=true&ep.cookieDomain=auto&epn.percent_scrolled=90&_et=65&tfd=8965
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TTVDG2R792&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.204.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 09:26:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bmoreferral.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&mbl=ZmFsc2U=
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Aug 2024 09:26:40 GMT
cache-control
no-store
server
nginx
unip
trc-events.taboola.com/1458107/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458107/log/3/unip?en=pre_d_eng_tb&tos=4558&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722504401447&vi=1722504396873&ri=93bb7c9fc1fc42ed646fa13e5a20401d&sd=v2_9748d88d99bc3481a4cb68ba1a751b10_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQu_9YGMmAjeqQMiABKAMwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.bmoreferral.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.bmoreferral.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 01 Aug 2024 09:26:41 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1458107/log/3/ 		0
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458107/log/3/unip?en=pre_d_eng_tb&tos=4558&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722504401447&vi=1722504396873&ri=93bb7c9fc1fc42ed646fa13e5a20401d&sd=v2_9748d88d99bc3481a4cb68ba1a751b10_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQu_9YGMmAjeqQMiABKAMwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.bmoreferral.com
pragma
no-cache
date
Thu, 01 Aug 2024 09:26:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1458108/log/3/ 		0
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458108/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722504401448&vi=1722504396873&ri=d567ceeeaf14b1fd81ecf0185ae82f9b&sd=v2_19bb75a9712c7e0d7a176b6a716781f8_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQvP9YGMmAjeqQMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bmoreferral.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.bmoreferral.com
pragma
no-cache
date
Thu, 01 Aug 2024 09:26:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1458108/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1458108/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=0&ssd=1&est=1722504396880&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722504401448&vi=1722504396873&ri=d567ceeeaf14b1fd81ecf0185ae82f9b&sd=v2_19bb75a9712c7e0d7a176b6a716781f8_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQvP9YGMmAjeqQMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE&ui=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CC0002%2CC0004%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.bmoreferral.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.bmoreferral.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 01 Aug 2024 09:26:41 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.evgnet.com
URL
https://cdn.evgnet.com/beacon/bankofmontreal/bmodotcom_pbb/scripts/evergage.min.js
Domain
i6.liadm.com
URL
https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of Montreal (Banking)

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| appInsights function| OptanonWrapper object| dataLayer function| $ function| jQuery function| Popper object| bootstrap string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady object| Optanon object| OneTrust string| GoogleAnalyticsObject function| ga function| setCookie function| getParam object| __tfa_pixel_init object| _tfa function| fbq function| _fbq object| gaGlobal object| gaplugins object| gaData function| _ga_originalSendHitTask function| UET function| UET_init function| UET_push object| ueto_16493bb7c7 object| uetq function| clarity object| clarityuetq function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray

33 Cookies

Domain/Path Name / Value
.taboola.com/universalmccanncanada-bmo-mtg-sc/ Name: taboola_session_id
Value: v2_19bb75a9712c7e0d7a176b6a716781f8_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQvP9YGMmAjeqQMiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE
.taboola.com/universalmccanncanada-bmo-edb-sc/ Name: taboola_session_id
Value: v2_9748d88d99bc3481a4cb68ba1a751b10_b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c_1722504396_1722504396_CNawjgYQu_9YGMmAjeqQMiABKAMwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABokKfTisD8_NRPcAE
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxDOGA
.www.bmoreferral.com/ Name: ARRAffinity
Value: 896806cac4e5d5e12b304ef679b47b94d6b54029d019793c639b60e7d38471c6
.www.bmoreferral.com/ Name: ARRAffinitySameSite
Value: 896806cac4e5d5e12b304ef679b47b94d6b54029d019793c639b60e7d38471c6
www.bmoreferral.com/ Name: ai_user
Value: ueTHR|2024-08-01T09:26:31.945Z
.bmoreferral.com/ Name: _gcl_au
Value: 1.1.1850993186.1722504392
.adnxs.com/ Name: XANDR_PANID
Value: X0x6KpIAiAsWd8cFOy4tF9stUz1fi0gwwanvY3qvHvBzs6bz7tVJH9lsfgvWs7_9IOFPGqs9aHmwapbWecSO-sIW_-IkrQ44BtcDpLv7z9o.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1362811513546740487
.bmoreferral.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Aug+01+2024+02%3A26%3A33+GMT-0700+(Pacific+Daylight+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=748dfdfe-f037-4f55-b1a9-c3a8baae8869&interactionCount=0&landingPath=https%3A%2F%2Fwww.bmoreferral.com%2F0.8609393903099949&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2C'!sz^yY!]tbP6j2F-XstGt!@DlF$t[iH
.bmoreferral.com/ Name: _ga
Value: GA1.2.1247900796.1722504393
.bmoreferral.com/ Name: _gid
Value: GA1.2.1870642933.1722504393
.bmoreferral.com/ Name: _gat_UA-117960984-1
Value: 1
.bmoreferral.com/ Name: _gat_UA-117960984-3
Value: 1
.bmoreferral.com/ Name: _ga_TTVDG2R792
Value: GS1.1.1722504393.1.0.1722504393.60.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
www.bmoreferral.com/ Name: ai_session
Value: il5It|1722504393630.6|1722504393630.6
.bmoreferral.com/ Name: _uetsid
Value: 249544f04fe811efb24d6b29ea806f9a
.bmoreferral.com/ Name: _uetvid
Value: 2495c7504fe811ef8bf81d1332f5f4fa
.bing.com/ Name: MUID
Value: 1F43780E73006D15193C6CC072AA6CE5
.bat.bing.com/ Name: MR
Value: 0
www.clarity.ms/ Name: CLID
Value: c0c94dd4382043f2a528546f0b8bdd9d.20240801.20250801
.bmoreferral.com/ Name: _clck
Value: zzjwcu%7C2%7Cfny%7C0%7C1674
.bmoreferral.com/ Name: _fbp
Value: fb.1.1722504395009.2697247299480531
.bmoreferral.com/ Name: _clsk
Value: re4yyj%7C1722504395106%7C1%7C0%7Ct.clarity.ms%2Fcollect
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmPgc_OVRuwKMtcbmodceplfolnmfUW5IkWWh-E2WN4X7eN_u1BVHmVjUyr8Xg
.taboola.com/ Name: t_gid
Value: b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c
.taboola.com/ Name: t_pt_gid
Value: b47ff577-fdb8-486e-b2fe-afb65830172a-tuctda4da4c
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.liadm.com/ Name: lidid
Value: c9d385b0-de0c-4916-8335-0932a922278c

1 Console Messages

Source Level URL
Text
network error URL: https://www.bmoreferral.com/0.8609393903099949
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4227502.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
az416426.vo.msecnd.net
bat.bing.com
cdn.cookielaw.org
cdn.evgnet.com
cdn.taboola.com
cds.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
i6.liadm.com
pips.taboola.com
pixel.mediaiqdigital.com
psb.taboola.com
secure.adnxs.com
stats.g.doubleclick.net
t.clarity.ms
trc-events.taboola.com
trc.taboola.com
www.bmo.com
www.bmoreferral.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.googletagmanager.com
cdn.evgnet.com
i6.liadm.com
104.18.28.127
104.18.87.42
13.107.21.237
13.107.246.38
141.226.124.48
141.226.224.32
142.251.174.102
142.251.174.94
142.251.179.156
151.101.1.44
151.101.65.44
157.240.229.1
157.240.229.35
172.217.197.97
172.253.115.95
173.194.204.100
173.194.204.94
173.194.207.149
20.114.189.70
209.85.144.149
23.47.29.117
35.153.224.185
52.228.42.76
68.67.160.26
72.21.81.200
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0b681fd78c3b8b79af708f0414b368372abd3565a219fe42a74bd0f55a8793f7
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
1c005a238ec67cce498d29aaac4ec75a3602539081981d2b8869dcbc45f5b489
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
26cb7eb0f46b5b7121960589d947626d174f24e0b8e670c87dadc289989fecbc
29356767f7b8367ded8213f67cd5571c6e2677f1fd33d7992d225cc6267a8e58
2aa0e4201e1f7f53f4d3a55128258583676c00a1a65d333bd4d5bc20e37d9673
3799073a66f60c6e28dd78a00aa8ea26e35ca46e447c3bcf0155432ee05ec3b8
38ab950a9aea7e520ebd11f80ab6628b33a1bc935ba09b1c3162f8a0b573ec77
3f9d2c5473398499dadb19c594ba2198ce209937916cc4e0cce128ebbea9c73c
43f53421fef96a525b5fc208f6a59bd72479f0d9816dba0a416f68ee81d648a6
47021342b9fa681c40b30ad033c58ead6799b3c31b55ee725b3eaa02c8b406f5
496bda632b73a0e9b0adc422db3f50f7447cd6c609823d9c4c9e44e64cb583a9
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
63ce7b0cf6aa7414ea265f31cdd9b7365f53bfde7779e18d17334623aef35489
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ba8863c1ca01ac0522649f8caf1fd6565e0fd71beb1cb2c2e8ebbdc91f6fb43
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
93b2a7a900a8489d3112204598af6c4d68015ed5e862fe0670779bfa6745250d
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
96ba5ce70f3590c2913ffb55226e4999f265200e3ad34edafe0dccef3ae1e984
98251a17907886aa256ccc8b98400b23c11129c92bbb87cf33244641de29ba8f
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9e54da6b10610514e9e3823d1469e262d91b8d81403420151fbc9b3b7c3484a3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b4c311ba9667ebf0a4d6ef80dcd8cdfa0c36a5f7bc8f19012758f2a001f91b9a
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd42152dcc9de081c35366cb139f2d5aa5f22322d9fe4dbfc4102624ed268d6c
c811fe292b61f6800de6b1b79ea00ce843651d0384a2db18b46658cc118ddfe0
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
da3dc7a279a3f9e10d0beb1f4f0fc4f61cbe517b3bef7954bb1a9412cd242edf
db166e0122b98efa973558a904f9c5b4a9b372ac4c6d2e6c5b12dbf2e7fcf231
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4afd6a93a86c909628b23c45b0ef38749123bdb05d3b15edf80adaa9b46c5fe
e5bd9b86270fb71eacf8e92b96e1bdf77ed38b72fb5cc9005d8167535cea8691
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eefb9ca48f2632dec8edaac12663b527197f7dabd43f28a86992a0bd729abd0e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f43e90bebb7622e5d8e54c77a28e1375a3fd9caa2a5e71743306c5c62d69a3b0
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921