www.bloomfin.ca Open in urlscan Pro
3.233.126.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bloomreversemortgage.co/
Effective URL:
https://www.bloomfin.ca/
Submission: On November 14 via api (November 14th 2024, 1:54:16 am UTC) from BE — Scanned from US

Summary HTTP 64 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 29 IPs in 2 countries across 22 domains to perform 64 HTTP transactions. The main IP is 3.233.126.24, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.bloomfin.ca.
TLS certificate: Issued by R10 on October 12th 2024. Valid for: 3 months.

This is the only time www.bloomfin.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
1 1	99.83.190.102 99.83.190.102	16509 (AMAZON-02) (AMAZON-02)
1	3.233.126.24 3.233.126.24	14618 (AMAZON-AES) (AMAZON-AES)
21	104.18.160.117 104.18.160.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1	18.173.219.102 18.173.219.102	() ()
1	13.33.251.68 13.33.251.68	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c07::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::88	15169 (GOOGLE) (GOOGLE)
1	23.59.145.71 23.59.145.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
1	18.173.219.114 18.173.219.114	16509 (AMAZON-02) (AMAZON-02)
1	142.251.163.103 142.251.163.103	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::71	15169 (GOOGLE) (GOOGLE)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:c98	() ()
2	2606:4700:440... 2606:4700:4400::ac40:9251	() ()
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
2	2600:1901:1:7... 2600:1901:1:7c5::	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:d98	() ()
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.241.35 157.240.241.35	32934 (FACEBOOK) (FACEBOOK)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
64	29

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

bloomreversemortgage.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.190.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

bloomfin.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.126.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-126-24.compute-1.amazonaws.com

www.bloomfin.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.18.160.117 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.102 (United States)

ASN- ()
PTR: server-18-173-219-102.jfk52.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.251.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-251-68.jfk50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::88 (Washington, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.145.71 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-59-145-71.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-114.jfk52.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c98 (United States)

ASN- ()

io.clickguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9251 (United States)

ASN- ()

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:7c5:: (United States)

ASN15169 (GOOGLE, US)

pixels.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d98 (United States)

ASN- ()

pulse.clickguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

go.bloomfin.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 7512	2 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 722 t.clarity.ms — Cisco Umbrella Rank: 9352 c.clarity.ms — Cisco Umbrella Rank: 1468	30 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 397 c.bing.com — Cisco Umbrella Rank: 214	17 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	370 KB
3	clickguard.com io.clickguard.com — Cisco Umbrella Rank: 95842 pulse.clickguard.com — Cisco Umbrella Rank: 61347	4 KB
3	google.com www.google.com — Cisco Umbrella Rank: 4 analytics.google.com — Cisco Umbrella Rank: 170
3	bloomfin.ca 1 redirects bloomfin.ca www.bloomfin.ca go.bloomfin.ca	12 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 7384	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	spotify.com pixels.spotify.com — Cisco Umbrella Rank: 3617	271 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171 td.doubleclick.net — Cisco Umbrella Rank: 231	554 B
2	calendly.com assets.calendly.com — Cisco Umbrella Rank: 16308	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	76 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	22 KB
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5918	8 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 478 fonts.googleapis.com — Cisco Umbrella Rank: 55	8 KB
1	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 8102	22 KB
1	gstatic.com fonts.gstatic.com	37 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 4317
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 90
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	32 KB
1	bloomreversemortgage.co 1 redirects bloomreversemortgage.co	296 B
64	22

	Domain	Requested by
21	cdn.prod.website-files.com	www.bloomfin.ca cdn.prod.website-files.com
4	www.googletagmanager.com	www.bloomfin.ca www.googletagmanager.com
3	bat.bing.com	www.bloomfin.ca bat.bing.com
2	c.clarity.ms	1 redirects
2	pi.pardot.com	www.bloomfin.ca pi.pardot.com
2	t.clarity.ms	www.clarity.ms
2	www.facebook.com	www.bloomfin.ca
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	pulse.clickguard.com	io.clickguard.com
2	pixels.spotify.com	pixel.byspotify.com
2	analytics.google.com	www.googletagmanager.com
2	assets.calendly.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	widget.trustpilot.com	www.bloomfin.ca widget.trustpilot.com
1	go.bloomfin.ca	pi.pardot.com
1	c.bing.com	1 redirects
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	pixel.byspotify.com	www.bloomfin.ca
1	io.clickguard.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	players.brightcove.net	www.bloomfin.ca
1	www.youtube.com	www.bloomfin.ca
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.bloomfin.ca
1	ajax.googleapis.com	www.bloomfin.ca
1	www.bloomfin.ca
1	bloomfin.ca	1 redirects
1	bloomreversemortgage.co	1 redirects
64	31

This site contains links to these domains. Also see Links.

Domain
bx3b65c7kzm1.bloomfin.ca
welcome.bloomfin.ca
uk.trustpilot.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.bloomfin.ca R10	`2024-10-12` - `2025-01-10`	3 months	crt.sh
prod.website-files.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-19` - `2025-04-18`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-23` - `2024-11-21`	3 months	crt.sh
clickguard.com WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
calendly.com WE1	`2024-10-25` - `2025-01-23`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
pixel.byspotify.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.spotify.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-02-04`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
go.bloomfin.ca R11	`2024-09-20` - `2024-12-19`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.bloomfin.ca/
Frame ID: 7CB302575B36FD5A66AEBF9EE32BDDDC
Requests: 57 HTTP requests in this frame

Frame: https://www.youtube.com/embed/b4oT9ny9YSk?rel=0&controls=1&autoplay=0&mute=0&start=0
Frame ID: D66591F562C1D8212C12C5D2AAD22E8A
Requests: 1 HTTP requests in this frame

Frame: https://players.brightcove.net/2226196965001/xj6FdmiBa_default/index.html?videoId=6362060542112
Frame ID: F4BFA61E510D7F9D473078426C0F03A9
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=61027823712445001dfa0e7c
Frame ID: BE259F95EA185715D6B3DE4D3A2735CF
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.bloomfin.ca
Frame ID: 1DCF6324CE6A097986CBE50955019A94
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-B2DC9W4YJZ&gacid=801526446.1731549242&gtm=45je4bc0v883580038z8850351985za200zb850351985&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102077855&z=569358566
Frame ID: 0141BD255DC3CFFEFF65563AED1E7CA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bloom Finance | Reverse Mortgages & Retirement Solutions in Canada

Page URL History Show full URLs

https://bloomreversemortgage.co/ HTTP 301
https://bloomfin.ca/ HTTP 301
https://www.bloomfin.ca/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

47 %
IPv6

22
Domains

31
Subdomains

29
IPs

2
Countries

3120 kB
Transfer

4839 kB
Size

34
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://bx3b65c7kzm1.bloomfin.ca/customer-calculator?skipStart=true
Title: Get started

Search URL Search Domain Scan URL

URL: https://welcome.bloomfin.ca/bloom-card-qualify-me/?_gl=1*15xspvt*_ga*ODE4NjgzMDUyLjE3MDc0OTg1NDU.*_ga_B2DC9W4YJZ*MTcwOTkxNzU0MS4yMy4xLjE3MDk5MTc3NzUuNjAuMC4w
Title: Learn more

Search URL Search Domain Scan URL

URL: https://uk.trustpilot.com/review/bloomfin.ca
Title: Read all Trustpilot reviews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bloomfin.ca/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bloomfinancecompany/?originalSubdomain=ca

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bloomfin.ca/?hl=en-gb

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@bloomfinancecompany

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bloomreversemortgage.co/ HTTP 301
https://bloomfin.ca/ HTTP 301
https://www.bloomfin.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFDEE283C4FD447DB2555F5D3B0A251A&RedC=c.clarity.ms&MXFR=141447B2CC94642B27345285C8946AEA HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFDEE283C4FD447DB2555F5D3B0A251A&MUID=02B230AA3D0C6FCB03E7259D3C106E1A

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bloomfin.ca/
Redirect Chain

https://bloomreversemortgage.co/
https://bloomfin.ca/
https://www.bloomfin.ca/

35 KB
11 KB

382ms
113ms

Document
text/html

3.233.126.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomfin.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.126.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-126-24.compute-1.amazonaws.com

Software

Resource Hash

bacab678d7310f65209a40b33c0b17f3d229863cdc07556317ad517c31998981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 210950
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8e235f036dbf0579-IAD
content-encoding: gzip
content-type: text/html
date: Thu, 14 Nov 2024 01:54:00 GMT
last-modified: Mon, 11 Nov 2024 15:18:10 GMT
strict-transport-security: max-age=31536000
surrogate-control: max-age=2147483647
surrogate-key: www.bloomfin.ca 64ecf9b57bce0f7d4787b159 pageId:65c61c1084e2c62876cc8222
vary: Accept-Encoding
x-cluster-name: us-east-1-prod-hosting-red
x-lambda-id: 85aa96a4-b30e-4c27-843b-6f13c5430488

Redirect headers

content-length: 166
content-type: text/html
date: Thu, 14 Nov 2024 01:54:00 GMT
location: https://www.bloomfin.ca/
strict-transport-security: max-age=31536000

GET
H3 200 my-stellar-site-85d6e8.webflow.a946b0602.css
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/css/ 246 KB
37 KB 233ms
93ms Stylesheet
text/css 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/css/my-stellar-site-85d6e8.webflow.a946b0602.css
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b3b86c6264f47dcbd0369a2ced2170ecc91dc349daceb2c93aff34a0306d7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "5753da69833cec3b0b9c7e87e664764e"
x-amz-version-id: xuu1mZBS9uN8xEdmrL..6s0mbm7IJYJS
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: text/css
last-modified: Tue, 01 Oct 2024 23:08:20 GMT
vary: Accept-Encoding
x-amz-id-2: FnPNHRRsf8RPZCAKXnXhOdCd8jZspNGAxnXqljcSZ9LTMTV+ErBG0+ykRtZk+pi1cYIOHQERBwFZPg2RCChqWHTb2/Ymih8diJdJ6RoM3Zs=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: 34E8JWTW9G1GW672
cf-ray: 8e235f04ffb07421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37614
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 201ms
58ms Script
text/javascript 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
age: 126675
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 14:42:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 14:42:46 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5437
x-xss-protection: 0
server: sffe

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 23 KB
8 KB 214ms
64ms Script
application/x-javascript 18.173.219.102

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.219.102 , United States, ASN (),

Reverse DNS

server-18-173-219-102.jfk52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
etag: "7d4644d89e45fe92623bdd628e60e8dd"
age: 52302
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: kR9Qsdp3W8uhmc6oPhUvINi5cU9S5Gd4CUJh_iXJRqHqs2R4aX8Gjg==
date: Wed, 13 Nov 2024 11:22:20 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security: max-age=31536000
cache-control: max-age=86400
via: 1.1 19573252c5c774150e1e56391f71cc12.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7350
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
32 KB 211ms
69ms Script
application/javascript 13.33.251.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64ecf9b57bce0f7d4787b159
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.251.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-251-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bloomfin.ca
Referer: https://www.bloomfin.ca/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 8792
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 9-4LwMUOxxYdKH5BIwayxPwRaIEDtpuTdTRnMewmgjjFvNvyPncRaA==
date: Wed, 13 Nov 2024 23:27:30 GMT
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
vary: accept-encoding
cache-control: max-age=84600, must-revalidate
via: 1.1 7d77965d78b3f4565239009cf6e62356.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P10
server: AmazonS3

GET
H3 200 webflow.d6a7620fc.js Show response
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/js/ 312 KB
73 KB 335ms
197ms Script
text/javascript 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/js/webflow.d6a7620fc.js
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6db956a07db08ea20e19755cddaba0402a0972035c97f2adf0ffcac47afea79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "686a7445e87a11c3272f4f87053b97e1"
x-amz-version-id: RPf3vIgJceu2631RybrNbDIoKqXmqNG.
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: text/javascript
last-modified: Tue, 01 Oct 2024 23:08:20 GMT
vary: Accept-Encoding
x-amz-id-2: peowOByobtFLieok3PSK1wN213+VsjvUGE+umn8bEyrcMv89616eLmqoeSwr1yQAJX4VvYBnHzk=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: 34E5R3BP1KXG9GEX
cf-ray: 8e235f04ffb67421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 73932
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 197ms
72ms Stylesheet
text/css 2607:f8b0:4004:c1f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:regular,500,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d25dd2084bcebdb1397e8b593037df9b15a823389e4c0959e69ab60388158ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 01:54:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 01:54:01 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
116 KB 202ms
80ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dccde77800122145dc0a52d34ba168ccd2a3d532f6c4004e24a8a81fd9dc141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 14 Nov 2024 01:54:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 117795
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 b4oT9ny9YSk
www.youtube.com/embed/ Frame D665 0
0 236ms
121ms Document
text/html 2607:f8b0:4004:c09::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/b4oT9ny9YSk?rel=0&controls=1&autoplay=0&mute=0&start=0

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bloomfin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-JqQ5OOEA-3YDt4MXMMeP3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 01:54:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html
players.brightcove.net/2226196965001/xj6FdmiBa_default/ Frame F4BF 0
0 318ms
83ms Document
text/html 23.59.145.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/2226196965001/xj6FdmiBa_default/index.html?videoId=6362060542112
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.145.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-145-71.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.bloomfin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: public, max-age=112
content-encoding: gzip
content-length: 315945
content-type: text/html; charset=utf-8
date: Thu, 14 Nov 2024 01:54:01 GMT
etag: "5bad1ca40602b50d1a912030c1bff14c"
last-modified: Mon, 29 Jul 2024 18:15:28 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-id-2: cQnPKMiXmPozvm8z86vA+u13NallKUxLDiKAj/Ejv4jNGGcw7j3F+o6pJ86yfGdPLFTxCzu23hw=
x-amz-replication-status: COMPLETED
x-amz-request-id: C66E3QA05Y7D99JH
x-amz-server-side-encryption: AES256
x-amz-version-id: 9VqGjWnKUAF51AMbz2kAKGb3BQ9i5g2b
x-bcov-response-mode: 1
x-cache-hits: 0
x-served-by: cache-chi-klot8100148-CHI
x-timer: S1724679987.372684,VS0,VE99

GET
H3 200 64faccc878a92d721c9397f6_Mask%20Group%2013.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 1 MB
1 MB 97ms
96ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64faccc878a92d721c9397f6_Mask%20Group%2013.png
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/css/my-stellar-site-85d6e8.webflow.a946b0602.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a2098c596891a4d347db63c1177c70cb4527ffa74b536e88006afa91c034f78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/css/my-stellar-site-85d6e8.webflow.a946b0602.css

Response headers

cf-cache-status: HIT
etag: "ae105ad8cf56c571c27ab42b7443769e"
x-amz-version-id: 3g9TfAXtivjRqQdY1OuNx8SYROwfd4ox
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 08 Sep 2023 07:27:07 GMT
vary: Accept-Encoding
x-amz-id-2: mdMlnyLgnheIyhlKzYdxwy0IyC5C6xtZS18yJfmedGAJ9mo3tsKd/zgZ/65B7OrvdmDV3qgA4oKHWNTX0bhQoNmWBB4Kj9P0f9pmDBWkgss=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTQTASVCDGHRV5J
cf-ray: 8e235f06399c7421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1385630
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64f9859ece29b62dc6bbe9b1_Group%207.svg
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 2 KB
1 KB 104ms
102ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64f9859ece29b62dc6bbe9b1_Group%207.svg
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 365beece7ca879db44c515fc5d6cced3af7b0ab60e90a35999b1d6e99afa16d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"b4d775145d195604ff3bda7b004b0be8"
x-amz-version-id: UUqCWx6SgMEg0sxIhkXvNqm5FlXeDvzS
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 08:11:12 GMT
vary: Accept-Encoding
x-amz-id-2: MCN6ajfzfmJEShPTjku1lUyMcGpv8hqtBV/BuPrkpikmpo2LU3jeHkL+RQv6sc8cKUYCBwk3rcwCNC+QLev5q+LxhCEXmryRJkbIG9OuoK8=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: TBQVJRTTZ37V1RP8
cf-ray: 8e235f0679df7421-MIA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64facd711f9a1d9a5db98e2e_Mask%20Group%207-p-500.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 115 KB
116 KB 103ms
100ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64facd711f9a1d9a5db98e2e_Mask%20Group%207-p-500.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2681dbb4ab316ef7a9ba8f3be91b283eacf1f12aca432b0634456d84be1141a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "92e6cdaec5d5c422c20eb6ce46c91216"
x-amz-version-id: Isx_96dUvze_6SOWkEBMtGilm9PgdB8h
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 08 Sep 2023 07:29:58 GMT
vary: Accept-Encoding
x-amz-id-2: IYoxrhVuC9PPaQVCPd4S2UY5AfROIWCj5bLWTybVe93H7+PdsH23gRTOWqNEEQ+zN5MbXSzUt0RzoGqNGYFjuK3RSLtFG0uZdiXW6bP04vc=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTG5225JS8SZGKE
cf-ray: 8e235f0679e27421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 117920
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6513b9e17a8d45c43f1fda38_Pay%20off%20mortgage%20and%20other%20debt.svg
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 1 KB
918 B 98ms
94ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/6513b9e17a8d45c43f1fda38_Pay%20off%20mortgage%20and%20other%20debt.svg
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ae26a5c6ccbe62e971901a539368657ee902fed5ccc4b8f9911329ffdc4a3da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1c33b1bb65e1c4234c591f1dba1fabf5"
x-amz-version-id: 1k1PHCQaHTyxHpXRKO5gzCxoykMVfu9f
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Sep 2023 05:13:07 GMT
vary: Accept-Encoding
x-amz-id-2: bWWdcG4vz+ZYevpD5SeAaM9C4Kidb8hlaZQR0WXgL6C15NPd2gQWnAaoYGsQEd6i8j5wcewOcYY=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTQGPXJ1DK2TNYV
cf-ray: 8e235f0679e47421-MIA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6513b9e096934fd96a955c30_Cover%20unexpected%20costs%20like%20healthcare.svg
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 746 B
774 B 109ms
106ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/6513b9e096934fd96a955c30_Cover%20unexpected%20costs%20like%20healthcare.svg
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64f9986a5140577c674be53c14c6a86c1e53ef18b7b0907aae684a0a8123f03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2c69913abc992c3f73006c6f21232bdd"
x-amz-version-id: GCrZ4tt2Ay_OfZr5NmAwXAb4OVZsRbXp
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Sep 2023 05:13:07 GMT
vary: Accept-Encoding
x-amz-id-2: voSAKbKzPIjI4ilJlVKs3JcYLqyfsAGh69seu+PKOyRHKmNzc+57dEk4NsBeKJBbgOze114fNLjWjgFjBCMOifZ05dY/sWOEn5GpHJJj92U=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTWETRF0A0QBFGE
cf-ray: 8e235f0679e67421-MIA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6513b9e030e5c0f1f78004cb_Gift%20a%20down%20payment%20to%20a%20loved%20one.svg
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 808 B
827 B 98ms
94ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/6513b9e030e5c0f1f78004cb_Gift%20a%20down%20payment%20to%20a%20loved%20one.svg
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ad1ef51724393a21fc56bb2aaba09844e7c650cbbfe028212afd9a8c91f973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"0547833204eaae3c6762d88738f33c1e"
x-amz-version-id: BI1F57FQ.b97vN72fVw68eNTKJlzAvLB
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Sep 2023 05:13:07 GMT
vary: Accept-Encoding
x-amz-id-2: puPc2bw/y5tPtMuxGNkmdaCUGD3hEtygAZdZGprjzH6P2Mpi2VFucKK0xqnX++WBQt2eQLbq3lk=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTWAYBT69S6WWCE
cf-ray: 8e235f0679e87421-MIA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6513b9e19ce90eda6bfd314c_Manage%20the%20rise%20of%20cost%20of%20living.svg
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 2 KB
1 KB 109ms
104ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/6513b9e19ce90eda6bfd314c_Manage%20the%20rise%20of%20cost%20of%20living.svg
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25ef9e9573c0a0dbde747900deaa6e13fc0c0a858b7d28e5a085e9e30ec07fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"dfefd0ae2a371e3578a716d51c54d153"
x-amz-version-id: sShyrjb0elCXyBW1upBjN9I31nrSyN60
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Sep 2023 05:13:07 GMT
vary: Accept-Encoding
x-amz-id-2: T71BvKDzX4cgb9ZhfXWjp+9X2qg9/6QadQyIA5HJLvKsJ81K2EAHJXQGfqLzn7Kxh0O7EmTIFdo=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTM0THPNW114BDA
cf-ray: 8e235f0679ea7421-MIA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 65a6a4e83ec5cdb22f6c3a2c_ISO%2027001-2013-p-500.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 56 KB
56 KB 248ms
243ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/65a6a4e83ec5cdb22f6c3a2c_ISO%2027001-2013-p-500.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15dea8cafee66c3c28cb4301124d254915679c763b6d46672f17dd7ac3ea3466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "a2f25f614efa78bc2310cb385a86bf1e"
x-amz-version-id: S484zPzd3z0b1uLJerswH8KeFvPZFmU8
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Tue, 16 Jan 2024 15:46:51 GMT
vary: Accept-Encoding
x-amz-id-2: XoY/um/yAJzithdsJrhBTqw1cAm2j9gU+VZnd+rWpksUgDYq/jLVhLM2C4OAvtRmutARdUG0MLkgRx2Aa0AzuX+ubhKsFUoJ21t2Kie73Ik=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTRV89W0952FSHJ
cf-ray: 8e235f0679ed7421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56875
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 65a6a55f7bf4fd58c76aac8d_21972-312_SOC_NonCPA_Blk.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 28 KB
28 KB 109ms
105ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/65a6a55f7bf4fd58c76aac8d_21972-312_SOC_NonCPA_Blk.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db072feaad879d5926c33d223a3bbecb1186ab39ef99c2c08590b08599e81c6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "5ddc1ad40babedf4d972cab6273e9f5b"
x-amz-version-id: qlKBeuF5BbAP3POLgEtPMhnIZKSqKnXC
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Tue, 16 Jan 2024 15:48:48 GMT
vary: Accept-Encoding
x-amz-id-2: /sokO6GjVnzyt8U6nNO5Zd0skQNMRLl4saPShJk1jvJzME7nkWrXEvx/TA14gMc5R1laUANbDh8=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTRW4Y1SSPAJCKJ
cf-ray: 8e235f0679ef7421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28686
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64fad0f8b37f6f9b5afd08a8_sd.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 5 KB
5 KB 98ms
94ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64fad0f8b37f6f9b5afd08a8_sd.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11a72e50c3ac9ff8cefa28e82bd823299ef57a88b70f3a57990d2a7bd9b8af4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "4bc2656aea34eeb2d3d447449ce2945f"
x-amz-version-id: J8ieeyzCsgWJxsOABD.EnsAT5dw16dAM
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 08 Sep 2023 07:44:58 GMT
vary: Accept-Encoding
x-amz-id-2: Qmw8/ITBoKkw750hD+B9dd/0y4+mCO1cxzROtQRTW/N8BlyKfZEl+5cBGojDCrDsIUeW9EaXAWY=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTR85C9M41NHE8D
cf-ray: 8e235f0679f47421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4717
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64fad0f8181475b3ee531f0c_vg.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 2 KB
3 KB 98ms
94ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64fad0f8181475b3ee531f0c_vg.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a6d517464d2d9d4b82f1bbcf877b4526bbc5942e2db328c8f2f7e8a40c81aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "9615e2016eaa3c6d1c809db9b86f575a"
x-amz-version-id: 6Pdq.MIRVT4P9X_cI0qy1.wkNIPVbbLq
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 08 Sep 2023 07:44:58 GMT
vary: Accept-Encoding
x-amz-id-2: XMZLCWyx1tu6WlxScSnvO3MSDnJL6LRQq6YY+UGEOiLqltot4+WVj4YLiVDj/eijYwcp9WBRRr6QEAFcMusDjg==
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTG9GQ4B4M7QWAQ
cf-ray: 8e235f0679f67421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2464
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64fad0f8d188fecfe835b063_vf.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 5 KB
5 KB 128ms
124ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64fad0f8d188fecfe835b063_vf.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4a8e4101c6580ce55d213dfa91408cf5818e3f96f91f919d442775655caad3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "346e9d6c371ce8ff362aa8a39cef67b2"
x-amz-version-id: l3upDLaKKY.18G9xWJspWOMlmOho52_V
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 08 Sep 2023 07:44:59 GMT
vary: Accept-Encoding
x-amz-id-2: pZYyi7nIThcl4N/vLudDpLkmwoJOabsDMwo/2x9tYc+ftWNjMTENCtwm0D7wsxL72nuxQD5VpUopI9I8csQfT3vw6+38zi5pit63MuWhpoY=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTRW3J7FWV5E5TV
cf-ray: 8e235f0679fb7421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4638
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 657c5191127bda112e0d7376_Image%208.svg
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 173 KB
127 KB 252ms
248ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/657c5191127bda112e0d7376_Image%208.svg
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9833973dca8b09a0b5ead87be39425cc9df123cd904491c77c693a2cd727392

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"9f93bf8fee7521b58a933ccee7eb2418"
x-amz-version-id: 1Xyo94TW_t42F5gNXy3fADsNvuKaQKaD
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Dec 2023 13:16:03 GMT
vary: Accept-Encoding
x-amz-id-2: QSyPNhCm8kGm9c+otmiBHHVZMNW8uN5iumlGq53QXGqWxXo8lDUnyX0yCN/03TwrgSi3OeYOnwHWvwH/4Ap7C8OxMYjEjprKZOT+oA7eJlg=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTS03DS68T7ZMVQ
cf-ray: 8e235f0679ff7421-MIA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 655ff2bece0a7b0f3a4e77b1_Image%206%402x.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 14 KB
15 KB 102ms
98ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/655ff2bece0a7b0f3a4e77b1_Image%206%402x.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fe4bd0f8db09f66685280e38109a387995d2c1262b14f1f9a90e89454c5f75c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "57986796bc65d31be3d5d37bd2f41da8"
x-amz-version-id: qV90qxetcsRLaledjllfIS7LrbHlVSGt
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 24 Nov 2023 00:48:01 GMT
vary: Accept-Encoding
x-amz-id-2: EsznzBUGhCrAa2wnXm43n3o6NBfzimjT89NT7qsWjzZH9ERxSdQ9dHU/Nw6t4j9eb/XmudYiJoc=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTMFXP6KNMVVKXQ
cf-ray: 8e235f067a057421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14554
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 655ff2cef3d4df47892a06ac_Image%207%402x.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 8 KB
8 KB 258ms
255ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/655ff2cef3d4df47892a06ac_Image%207%402x.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2941315ec8d012b9fc3a03e8668897ef2a96492293753e74a0703448c6bb81c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "07daa0fd4a612486cacb863cbac88e03"
x-amz-version-id: 2M8uB9A.WrnmmRhYmdtE2ywYhXTAzxpo
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 24 Nov 2023 00:48:16 GMT
vary: Accept-Encoding
x-amz-id-2: rIfStoW7EXQbyujDrId+CMVVZQIxlYnh/dyKcIjzqjbkAKOp2Yo0HPOMSDtB1/xZi0WmqlKvzoKr8jncN2d0Gl0e8v1NuXlG8nyLRWh7GDs=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTMNVCTG8J8M3N7
cf-ray: 8e235f067a067421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7965
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64faccc6a05c08386b359f86_Mask%20Group%208.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 543 KB
544 KB 100ms
97ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64faccc6a05c08386b359f86_Mask%20Group%208.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce73cfe6c4e0447410d75ef195b5f3ba474e2e4083bb827943de3e2c03469715

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "ac3e2ee6fca8bd2fcdaead3b3b527eab"
x-amz-version-id: N7gyslia3nrchpKmIC7YhUyCggJuwMo6
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 08 Sep 2023 07:27:04 GMT
vary: Accept-Encoding
x-amz-id-2: 8Joxijde8cBnMpK26dxnbyftRBVyJueUd0xdOo23QZQbzLoNo/odtpGUtNHfMrZYMF/i4vBygE3vF7OF9C8+XtP34Dp5rOxY/eFJNOT+nOs=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTM91D95HQBAPER
cf-ray: 8e235f067a097421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 556216
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64f9c5550ac9cda02cfe28a3_Path%2029691.svg
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 454 B
722 B 285ms
282ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/64f9c5550ac9cda02cfe28a3_Path%2029691.svg
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c16087f94368bd67d653e0b46e0116a745fdea03be4cb91d7e3b43d0b5eb7601

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"be61b3d81f814e3634beb57a17c0b188"
x-amz-version-id: Xt9V2FB0oMEA.bYNszbP3x7iUygnR0tL
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 12:43:03 GMT
vary: Accept-Encoding
x-amz-id-2: EBGlvUMLqTmvnGGnYs7WFXYm+rELLs7+XNEE8DfnVnu7K+aFU9OcrXIVGyEggA7NGcpFh+5yELfcogaXm4T+rv5xqFwq6EgpqUi1whplV34=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: TBQH7Q6DFSXWQ26X
cf-ray: 8e235f067a0b7421-MIA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 657c51bf989b414774ba2ccc_Group%2090.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 97 KB
98 KB 286ms
283ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/657c51bf989b414774ba2ccc_Group%2090.png
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a8ab391d3116e1786d0de28fed67ffa95d1c36c179583fff70206f3504b463

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "01687553aebb0148bbc4100c9c9fd8b5"
x-amz-version-id: 7dukzJz3ERKAyz0BeJA6rjYRNdsu6vr9
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: image/png
last-modified: Fri, 15 Dec 2023 13:16:48 GMT
vary: Accept-Encoding
x-amz-id-2: soYRQpNhXjwrNH90Ytg0XHAtD1D6/7okd/0YmYcCf7MfEorsfpy7W6M7NwBRXPQBZzo0m8Nt+bE=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 1GTYQPCT12A7M53B
cf-ray: 8e235f067a0e7421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99631
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v35/ 37 KB
37 KB 145ms
80ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:regular,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bloomfin.ca
Referer: https://fonts.googleapis.com/

Response headers

age: 390731
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 13:21:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 13:21:50 GMT
last-modified: Wed, 31 Jan 2024 23:11:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37764
x-xss-protection: 0
server: sffe

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/ Frame BE25 0
0 192ms
60ms Document
text/html 18.173.219.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=61027823712445001dfa0e7c

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.219.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-219-114.jfk52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bloomfin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 47712
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 13 Nov 2024 12:38:50 GMT
etag: W/"18bac695db44fdf2325f007ac9a435fe"
last-modified: Thu, 31 Oct 2024 12:46:57 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
vary: accept-encoding
via: 1.1 3087aea10f3b11e0dd724415f9afc740.cloudfront.net (CloudFront)
x-amz-cf-id: Q77Fu1saICPEZe4yyiTNuEl93vDTvivwmFnEjc-TaqNxXz-r2A1qsw==
x-amz-cf-pop: JFK52-P1
x-amz-meta-cache-control: max-age=86400
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 collect
www.google.com/ccm/ 0
0 178ms
68ms Ping
text/plain 142.251.163.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.bloomfin.ca%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1770233219.1731549242&auid=1641335861.1731549242&npa=0&gtm=45He4bc0v850351985za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&tft=1731549241726&tfd=1631&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 388 KB
127 KB 84ms
83ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B2DC9W4YJZ&l=dataLayer&cx=c&gtm=45He4bc0v850351985za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c44e3eb70b49eb87f1c71935560b2151011425196e01d9b936416c254d5afba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 01:54:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129739
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 177ms
56ms Script
text/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
age: 2311
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 03:15:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:15:30 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 141ms
61ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-FiTc6ZQS' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-FiTc6ZQS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4440, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 076fsT7gQq6ttQIMF25pJY3LvQ0lFJqDP8V2JlhTo7goPFfTS1eyfnyRx8CwwNdgIQXpJIClo9oGwFyOg5ufjA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK P4ZsDgnF Show response
io.clickguard.com/s/cHJvdGVjdG9y/ 8 KB
3 KB 171ms
87ms Script
application/javascript 2606:4700:20::681a:c98

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/s/cHJvdGVjdG9y/P4ZsDgnF
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e4917f981a8f9cf700261957decb3ec3971bd72e3212bc0f789caf5455045e63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

Transfer-Encoding: chunked
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding: br
cf-cache-status: DYNAMIC
etag: W/"1eaf-PKWZSXmCWKkFL9bifTUHZvU/6m8"
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFyZUqYZb5rSwJoBpqNgFhCnKrL%2BbEIKwJqkvHjIpFpWykLV5vubkvYcKMQTciyNL%2BaNYOiO5rIsJ%2FfCl99FH%2Flt61UN0PQ1EY5ISQ%2B9UX0x%2FKFNFcRL2X30inm1iu9%2FIwj5fQMZudTbU1TB6PDj"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
CF-RAY: 8e235f097ac4098e-MIA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=30242&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3490&recv_bytes=2282&delivery_rate=128039&cwnd=252&unsent_bytes=0&cid=07819c3ea5626fd2&ts=103&x=0"
Date: Thu, 14 Nov 2024 01:54:01 GMT
Content-Type: application/javascript; charset=utf-8
x-powered-by: Express
Server: cloudflare

GET
H2 200 widget.css
assets.calendly.com/assets/external/ 3 KB
1 KB 325ms
238ms Stylesheet
text/css 2606:4700:4400::ac40:9251

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3195b22bc399b5e8e5ec8f9f9efe01669a314d20b1016ee65d32baadf079bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=300
content-encoding: br
cf-cache-status: HIT
etag: W/"37862f74b0570347dff098154957ac17"
age: 243
x-content-type-options: nosniff
cf-ray: 8e235f097babb3bf-MIA
expires: Fri, 15 Nov 2024 01:54:02 GMT
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: text/css
last-modified: Wed, 13 Nov 2024 20:06:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 11 KB
4 KB 256ms
170ms Script
text/javascript 2606:4700:4400::ac40:9251

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=300
content-encoding: br
cf-cache-status: HIT
etag: W/"ef3bf711963c747494cae07900aacd7c"
age: 155
x-content-type-options: nosniff
cf-ray: 8e235f097baeb3bf-MIA
expires: Fri, 15 Nov 2024 01:54:01 GMT
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 21:59:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 388 KB
127 KB 97ms
96ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B2DC9W4YJZ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1fbeb84e90088df7fefba7e073b9cf4d9086275b85952a8defa0960afd5d74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 01:54:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129697
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 182ms
60ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CD6A16E84FE417E9A423C893F449CB8 Ref B: MIAEDGE1321 Ref C: 2024-11-14T01:54:01Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Thu, 14 Nov 2024 01:54:00 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 22 KB
22 KB 153ms
33ms Script
text/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag: "4eddeec95afda969b3d1b2fb970c1eb1"
age: 2430
x-goog-stored-content-encoding: identity
expires: Thu, 14 Nov 2024 02:13:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22096
date: Thu, 14 Nov 2024 01:13:31 GMT
last-modified: Tue, 25 Jun 2024 13:55:33 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY0KMMHhlnUJwptCFl5LyErP4KhDFpjunTMrCzqoGr3BwHJLXAWMQ3Rn2kW21KgVUTOXpcg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1719323733334567
content-length: 22096
server: UploadServer

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 1DCF 0
0 168ms
59ms Document
text/html 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.bloomfin.ca

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5GMQW4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 01:54:01 GMT
expires: Fri, 14 Nov 2025 01:54:01 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 233ms
76ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B2DC9W4YJZ&gtm=45je4bc0v883580038z8850351985za200zb850351985&_p=1731549241283&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102077855&cid=801526446.1731549242&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731549241&sct=1&seg=0&dl=https%3A%2F%2Fwww.bloomfin.ca%2F&dt=Bloom%20Finance%20%7C%20Reverse%20Mortgages%20%26%20Retirement%20Solutions%20in%20Canada&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1871
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B2DC9W4YJZ&l=dataLayer&cx=c&gtm=45He4bc0v850351985za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bloomfin.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 195ms
64ms Ping
text/plain 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B2DC9W4YJZ&cid=801526446.1731549242&gtm=45je4bc0v883580038z8850351985za200zb850351985&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B2DC9W4YJZ&l=dataLayer&cx=c&gtm=45He4bc0v850351985za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bloomfin.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 0141 0
0 185ms
69ms Document
text/html 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-B2DC9W4YJZ&gacid=801526446.1731549242&gtm=45je4bc0v883580038z8850351985za200zb850351985&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102077855&z=569358566

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B2DC9W4YJZ&l=dataLayer&cx=c&gtm=45He4bc0v850351985za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bloomfin.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 01:54:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 ingest Show response
pixels.spotify.com/v1/ 52 B
271 B 92ms
90ms Fetch
application/json 2600:1901:1:7c5::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixels.spotify.com/v1/ingest

Requested by

Host: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:7c5:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

1196079ccf410c72ac0a4c8af9835405c83e5d6b0ee407ada3658425d9d324d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bloomfin.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
grpc-status: 0
content-encoding: gzip
x-envoy-upstream-service-time: 7
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding: gzip,x-snappy-framed
access-control-allow-origin: https://www.bloomfin.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: application/json
vary: Accept-Encoding
grpc-encoding: identity
server: envoy

OPTIONS
H2 200 ingest
pixels.spotify.com/v1/ Frame 0
0 323ms
82ms Preflight 2600:1901:1:7c5::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.spotify.com/v1/ingest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:1:7c5:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomfin.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: https://www.bloomfin.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 14 Nov 2024 01:54:01 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

GET
H2 200 97023789.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 57ms
55ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97023789.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a41ed35bdb3d90af3717a3a4930bf4c42fc6047ee37f703d9a07f6ae7a8bd424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 812B0BC9E3FC46AA9825D82EA94F5897 Ref B: MIAEDGE1321 Ref C: 2024-11-14T01:54:02Z
x-cache: CONFIG_NOCACHE
date: Thu, 14 Nov 2024 01:54:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 150455876965752 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 123ms
123ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/150455876965752?v=2.9.176&r=stable&domain=www.bloomfin.ca&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

d4253eebe60dff4ce6837be42ff3aee8d2133e316ed8d99530c66d5fef10ada3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-iyPVJ0IK' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-iyPVJ0IK' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=76, mss=1232, tbw=70264, tp=65, tpl=0, uplat=62, ullat=0
pragma: public
x-fb-debug: 6eu9LgPKnvhKbaxeVr9YvQ3bYn412LxpI3zS1NksR8hWEz6XXjXZJn2fpL0Quf5jB14vR3s9bR9EfzfvXmvm9w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
421 B 67ms
63ms XHR
text/plain 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1198924116&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bloomfin.ca%2F&ul=en-us&de=UTF-8&dt=Bloom%20Finance%20%7C%20Reverse%20Mortgages%20%26%20Retirement%20Solutions%20in%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAACAAI~&jid=1236014442&gjid=305172794&cid=801526446.1731549242&tid=UA-192129358-1&_gid=869935132.1731549242&_r=1&_slc=1&gtm=45He4bc0n81P5GMQW4v850351985za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&z=953472120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bloomfin.ca/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.bloomfin.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H/1.1 200
OK P4ZsDgnF Show response
pulse.clickguard.com/r/cHJvdGVjdG9y/ 0
780 B 79ms
79ms XHR
text/plain 2606:4700:20::681a:d98

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.clickguard.com/r/cHJvdGVjdG9y/P4ZsDgnF
Requested by: Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/P4ZsDgnF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d98 , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://www.bloomfin.ca/

Response headers

NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVggQxLM8c1neayObjHGy8n89RQ2zHXTu3YK0tkQXzNNy7TFA5Fn1ul1w2H7VBvR8xBY7YV%2BRlhSTX%2FbkiD0AH%2FSQyclNNVm3jGv3jWWriBZ3213dFsp5iEt3EPpL9AuKLnbekhnT3ErKMsAG2mXokrJ"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
CF-RAY: 8e235f0c3b76224b-MIA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=30441&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4894&recv_bytes=3050&delivery_rate=127716&cwnd=254&unsent_bytes=0&cid=0623463275447396&ts=177&x=0"
Content-Length: 0
Date: Thu, 14 Nov 2024 01:54:02 GMT
x-powered-by: Express
Server: cloudflare

OPTIONS
H/1.1 204
No Content P4ZsDgnF
pulse.clickguard.com/r/cHJvdGVjdG9y/ Frame 0
0 173ms
79ms Preflight 2606:4700:20::681a:d98

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.clickguard.com/r/cHJvdGVjdG9y/P4ZsDgnF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d98 , United States, ASN (),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomfin.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

CF-RAY: 8e235f0bbadf224b-MIA
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Nov 2024 01:54:02 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zunuOXGvfpWDvQhKexwjPwOyYq8NTt0f82nph40%2FXEYzt90MfiX68rQqDbgjKbWbkR1iJy2R9I77PIgfZpcDDbcVt5bePXXqSOC%2FYU1%2Bm7uPSZsVIC6k4rWEZbRShnLUoPAgvUTCl9reXS%2BIkPznB2f7"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server-timing: cfL4;desc="?proto=TCP&rtt=30515&sent=5&recv=9&lost=0&retrans=0&sent_bytes=3490&recv_bytes=2340&delivery_rate=127716&cwnd=252&unsent_bytes=0&cid=0623463275447396&ts=98&x=0"
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H2 200 97023789 Show response
www.clarity.ms/tag/uet/ 867 B
1 KB 203ms
76ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/97023789
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/97023789.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5838c86dea2ef1782cf9e89a7624457c7c519658fa8ca3d5305d6faf51d3bab7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 867
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: application/x-javascript
x-azure-ref: 20241114T015402Z-17958fbc6d4bh2vkhC1MIAwfpc00000008rg00000000emne

GET
H2 204 0
bat.bing.com/action/ 0
359 B 57ms
56ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97023789&Ver=2&mid=ccf5b611-0ce9-4b98-b66b-b0201076a107&bo=1&sid=525dd380a22b11ef900c1df23d5cf0ac&vid=525e3870a22b11ef8e23b7b2fba75265&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bloom%20Finance%20%7C%20Reverse%20Mortgages%20%26%20Retirement%20Solutions%20in%20Canada&p=https%3A%2F%2Fwww.bloomfin.ca%2F&r=&lt=1301&evt=pageLoad&sv=1&cdb=AQAQ&rn=319573

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B8B75B4C7404C2FA97E444DF151A5D6 Ref B: MIAEDGE1321 Ref C: 2024-11-14T01:54:02Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 14 Nov 2024 01:54:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 124ms
59ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=150455876965752&ev=PageView&dl=https%3A%2F%2Fwww.bloomfin.ca&rl=&if=false&ts=1731549242216&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1731549242214.916008938951042565&pm=1&hrl=e8ba79&ler=empty&cdl=API_unavailable&it=1731549242053&coo=false&tm=1&cs_cc=1&cas=8037656049599116%2C4320558731363122&rqm=GET

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4485, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 223ms
159ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=150455876965752&ev=PageView&dl=https%3A%2F%2Fwww.bloomfin.ca&rl=&if=false&ts=1731549242216&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1731549242214.916008938951042565&pm=1&hrl=e8ba79&ler=empty&cdl=API_unavailable&it=1731549242053&coo=false&tm=1&cs_cc=1&cas=8037656049599116%2C4320558731363122&rqm=FGET

Requested by

Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436947367220446705"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: /dobvoF/ZmnFmQNNNQkKomxqs4eDXbxuTASVNWCQ9Kz5GzHW5DILAp+B9E0qLrlSscqrvDXLDh2qMQBOecApmQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436947367220446705", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4853, tp=13, tpl=0, uplat=99, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 65ms
64ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97023789
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

x-azure-ref: 20241114T015402Z-17958fbc6d4bh2vkhC1MIAwfpc00000008rg00000000emny
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 5df73997-801e-0067-71b5-333e27000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
279 B 299ms
152ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.bloomfin.ca/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://www.bloomfin.ca
Date: Thu, 14 Nov 2024 01:54:02 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 196ms
59ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.bloomfin.ca
URL: https://www.bloomfin.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
expires: Sat, 14 Nov 2026 01:54:02 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Thu, 14 Nov 2024 01:54:02 GMT
Content-Type: application/javascript
last-modified: Wed, 13 Nov 2024 19:13:53 GMT
vary: Accept-Encoding,User-Agent

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFDEE283C4FD447DB2555F5D3B0A251A&RedC=c.clarity.ms&MXFR=141447B2CC94642B27345285C8946AEA
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFDEE283C4FD447DB2555F5D3B0A251A&MUID=02B230AA3D0C6FCB03E7259D3C106E1A

42 B
442 B

56ms
55ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFDEE283C4FD447DB2555F5D3B0A251A&MUID=02B230AA3D0C6FCB03E7259D3C106E1A
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFDEE283C4FD447DB2555F5D3B0A251A&MUID=02B230AA3D0C6FCB03E7259D3C106E1A
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E738D8016D1848D099B12AA04F391B49 Ref B: MIA301000108035 Ref C: 2024-11-14T01:54:03Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Thu, 14 Nov 2024 01:54:02 GMT
x-powered-by: ASP.NET

GET
H3 200 65bcd7816748ae624cd39bc3_favicon-32x32.png
cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/ 870 B
1 KB 89ms
89ms Other
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/64ecf9b57bce0f7d4787b159/65bcd7816748ae624cd39bc3_favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60039b14e5ee3f7ddee4c1a1e8a43fff6b17dd411b7cddce87a5a097e29a11db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cf-cache-status: HIT
etag: "d9e65139e9a79e04ad356ed8cc7a3f95"
x-amz-version-id: okXGfZUzhL4tVCcm9ckJ1XpjR_shF6Z8
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 01:54:02 GMT
content-type: image/png
last-modified: Fri, 02 Feb 2024 11:52:34 GMT
vary: Accept-Encoding
x-amz-id-2: ao4kcxxsTWoIzWjCG0y4b/62QL3K87Ltc3Z50uuP8kU981Az4chrZeFBGLMTH3l7et1lF6nHe2A=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 91E8BNR86B4ANAVK
cf-ray: 8e235f0fafc27421-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 870
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 336ms
336ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=34230&account_id=964223&title=Bloom%20Finance%20%7C%20Reverse%20Mortgages%20%26%20Retirement%20Solutions%20in%20Canada&url=https%3A%2F%2Fwww.bloomfin.ca%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-96-194.compute-1.amazonaws.com

Software

Resource Hash

328813fac1c23ce87d97244a279f4a079658c4a3f233b9c76079c6ae055191c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 533
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Thu, 14 Nov 2024 01:54:03 GMT
Content-Type: text/javascript; charset=utf-8
vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK analytics Show response
go.bloomfin.ca/ 50 B
1020 B 349ms
151ms Script
text/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.bloomfin.ca/analytics?conly=true&visitor_id=299396755&visitor_id_sign=20f54820f883ccb3d88f1e807043a405df52e4bfdb948cffa8c8f926efa0a220c5dd3ce0c9e0ef83e4faf6a6b7d9b30a909238cf&pi_opt_in=&campaign_id=34230&account_id=964223&title=Bloom%20Finance%20|%20Reverse%20Mortgages%20&%20Retirement%20Solutions%20in%20Canada&url=https://www.bloomfin.ca/&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=34230&account_id=964223&title=Bloom%20Finance%20%7C%20Reverse%20Mortgages%20%26%20Retirement%20Solutions%20in%20Canada&url=https%3A%2F%2Fwww.bloomfin.ca%2F&referrer=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 50
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Thu, 14 Nov 2024 01:54:03 GMT
Content-Type: text/javascript; charset=utf-8
vary: User-Agent

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
279 B 61ms
59ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.bloomfin.ca/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://www.bloomfin.ca
Date: Thu, 14 Nov 2024 01:54:03 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 83ms
82ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B2DC9W4YJZ&gtm=45je4bc0v883580038za200zb850351985&_p=1731549241283&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102077855&cid=801526446.1731549242&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1731549241&sct=1&seg=1&dl=https%3A%2F%2Fwww.bloomfin.ca%2F&dt=Bloom%20Finance%20%7C%20Reverse%20Mortgages%20%26%20Retirement%20Solutions%20in%20Canada&en=page_view&_ee=1&_et=110&tfd=6985
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B2DC9W4YJZ&l=dataLayer&cx=c&gtm=45He4bc0v850351985za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bloomfin.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bloomfin.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:54:07 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.prod.website-files.com/	1970-01-21 00:59:11	Name: __cf_bm Value: 4BHpnF_Max9F_MsEkLZjraoRtdopQBpSM_51bqt0d_o-1731549241-1.0.1.1-H__un3MzRXbdJ.83tmtPQlDXK5FX9ey2H_bVqCU3ehxqwkwsefB3MAv2RdtzKg16BOsVmWvUrTEX1Rc4kVHotA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: q_6QkPEWpHo
.youtube.com/	1970-01-21 05:18:21	Name: VISITOR_INFO1_LIVE Value: -PNUq73VGIY
.youtube.com/	1970-01-21 05:18:21	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgMw%3D%3D
.bloomfin.ca/	1970-01-21 03:08:45	Name: _gcl_au Value: 1.1.1641335861.1731549242
www.bloomfin.ca/	1970-01-21 09:44:45	Name: __spdt Value: a0b933d2b1e74f5f90bf22ff5647a17c
.bloomfin.ca/	1970-01-21 10:35:09	Name: _ga Value: GA1.1.801526446.1731549242
.www.bloomfin.ca/	1970-01-21 10:35:09	Name: _ga Value: GA1.3.801526446.1731549242
.www.bloomfin.ca/	1970-01-21 01:00:35	Name: _gid Value: GA1.3.869935132.1731549242
.calendly.com/	1969-12-31 23:59:59	Name: _cfuvid Value: DDjSHEdR_rbjjRAQnGJqRPrZWel1xNqv8JbT5qZCkfQ-1731549242043-0.0.1.1-604800000
.www.bloomfin.ca/	1970-01-21 00:59:09	Name: _gat_UA-192129358-1 Value: 1
.bloomfin.ca/	1970-01-21 10:35:09	Name: _ga_B2DC9W4YJZ Value: GS1.1.1731549241.1.1.1731549242.59.0.0
.bloomfin.ca/	1970-01-21 01:00:35	Name: _uetsid Value: 525dd380a22b11ef900c1df23d5cf0ac
.bloomfin.ca/	1970-01-21 10:20:45	Name: _uetvid Value: 525e3870a22b11ef8e23b7b2fba75265
.bing.com/	1970-01-21 10:20:45	Name: MUID Value: 02B230AA3D0C6FCB03E7259D3C106E1A
.bat.bing.com/	1970-01-21 01:09:14	Name: MR Value: 0
.doubleclick.net/	1970-01-21 00:59:10	Name: test_cookie Value: CheckForPermission
.bloomfin.ca/	1970-01-21 03:08:45	Name: _fbp Value: fb.1.1731549242214.916008938951042565
www.clarity.ms/	1970-01-21 09:44:45	Name: CLID Value: 163217cc105148adae6638f45bad9c74.20241114.20251114
.bloomfin.ca/	1970-01-21 09:44:45	Name: _clck Value: 1e4b6mn%7C2%7Cfqv%7C0%7C1779
.bloomfin.ca/	1970-01-21 01:00:35	Name: _clsk Value: lja5op%7C1731549242793%7C1%7C1%7Ct.clarity.ms%2Fcollect
.c.bing.com/	1970-01-21 01:09:14	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:20:45	Name: SRM_B Value: 02B230AA3D0C6FCB03E7259D3C106E1A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:20:45	Name: MUID Value: 02B230AA3D0C6FCB03E7259D3C106E1A
.c.clarity.ms/	1970-01-21 01:09:14	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:59:09	Name: ANONCHK Value: 0
.pardot.com/	1970-01-21 10:35:09	Name: visitor_id963223 Value: 299396755
.pardot.com/	1970-01-21 10:35:09	Name: visitor_id963223-hash Value: 20f54820f883ccb3d88f1e807043a405df52e4bfdb948cffa8c8f926efa0a220c5dd3ce0c9e0ef83e4faf6a6b7d9b30a909238cf
pi.pardot.com/	1970-01-21 00:59:11	Name: lpv963223 Value: aHR0cHM6Ly93d3cuYmxvb21maW4uY2Ev
www.bloomfin.ca/	1970-01-21 10:35:09	Name: visitor_id963223 Value: 299396755
www.bloomfin.ca/	1970-01-21 10:35:09	Name: visitor_id963223-hash Value: 20f54820f883ccb3d88f1e807043a405df52e4bfdb948cffa8c8f926efa0a220c5dd3ce0c9e0ef83e4faf6a6b7d9b30a909238cf
go.bloomfin.ca/	1970-01-21 10:35:09	Name: visitor_id963223 Value: 299396755
go.bloomfin.ca/	1970-01-21 10:35:09	Name: visitor_id963223-hash Value: 20f54820f883ccb3d88f1e807043a405df52e4bfdb948cffa8c8f926efa0a220c5dd3ce0c9e0ef83e4faf6a6b7d9b30a909238cf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
assets.calendly.com
bat.bing.com
bloomfin.ca
bloomreversemortgage.co
c.bing.com
c.clarity.ms
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
go.bloomfin.ca
io.clickguard.com
pi.pardot.com
pixel.byspotify.com
pixels.spotify.com
players.brightcove.net
pulse.clickguard.com
stats.g.doubleclick.net
t.clarity.ms
td.doubleclick.net
widget.trustpilot.com
www.bloomfin.ca
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube.com
104.18.160.117
13.33.251.68
142.251.163.103
15.197.225.128
157.240.241.1
157.240.241.35
172.253.63.94
18.173.219.102
18.173.219.114
18.208.125.13
20.110.205.119
20.114.189.70
2001:4860:4802:34::181
23.59.145.71
2600:1901:1:7c5::
2606:4700:20::681a:c98
2606:4700:20::681a:d98
2606:4700:4400::ac40:9251
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::71
2607:f8b0:4004:c07::61
2607:f8b0:4004:c09::88
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1f::5f
2620:1ec:33:1::10
2620:1ec:bdf::40
2620:1ec:c11::237
3.233.126.24
34.117.162.98
52.54.96.194
99.83.190.102
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0a2098c596891a4d347db63c1177c70cb4527ffa74b536e88006afa91c034f78
0ae26a5c6ccbe62e971901a539368657ee902fed5ccc4b8f9911329ffdc4a3da
10b3b86c6264f47dcbd0369a2ced2170ecc91dc349daceb2c93aff34a0306d7e
1196079ccf410c72ac0a4c8af9835405c83e5d6b0ee407ada3658425d9d324d4
15dea8cafee66c3c28cb4301124d254915679c763b6d46672f17dd7ac3ea3466
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2681dbb4ab316ef7a9ba8f3be91b283eacf1f12aca432b0634456d84be1141a5
2fe4bd0f8db09f66685280e38109a387995d2c1262b14f1f9a90e89454c5f75c
31a8ab391d3116e1786d0de28fed67ffa95d1c36c179583fff70206f3504b463
328813fac1c23ce87d97244a279f4a079658c4a3f233b9c76079c6ae055191c0
365beece7ca879db44c515fc5d6cced3af7b0ab60e90a35999b1d6e99afa16d7
3e4a8e4101c6580ce55d213dfa91408cf5818e3f96f91f919d442775655caad3
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5838c86dea2ef1782cf9e89a7624457c7c519658fa8ca3d5305d6faf51d3bab7
60039b14e5ee3f7ddee4c1a1e8a43fff6b17dd411b7cddce87a5a097e29a11db
6c44e3eb70b49eb87f1c71935560b2151011425196e01d9b936416c254d5afba
7dccde77800122145dc0a52d34ba168ccd2a3d532f6c4004e24a8a81fd9dc141
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8a3195b22bc399b5e8e5ec8f9f9efe01669a314d20b1016ee65d32baadf079bd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a11a72e50c3ac9ff8cefa28e82bd823299ef57a88b70f3a57990d2a7bd9b8af4
a41ed35bdb3d90af3717a3a4930bf4c42fc6047ee37f703d9a07f6ae7a8bd424
a9ad1ef51724393a21fc56bb2aaba09844e7c650cbbfe028212afd9a8c91f973
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b1a6d517464d2d9d4b82f1bbcf877b4526bbc5942e2db328c8f2f7e8a40c81aa
b1fbeb84e90088df7fefba7e073b9cf4d9086275b85952a8defa0960afd5d74b
b2941315ec8d012b9fc3a03e8668897ef2a96492293753e74a0703448c6bb81c
bacab678d7310f65209a40b33c0b17f3d229863cdc07556317ad517c31998981
c16087f94368bd67d653e0b46e0116a745fdea03be4cb91d7e3b43d0b5eb7601
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
ce73cfe6c4e0447410d75ef195b5f3ba474e2e4083bb827943de3e2c03469715
d25dd2084bcebdb1397e8b593037df9b15a823389e4c0959e69ab60388158ab8
d4253eebe60dff4ce6837be42ff3aee8d2133e316ed8d99530c66d5fef10ada3
db072feaad879d5926c33d223a3bbecb1186ab39ef99c2c08590b08599e81c6e
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e25ef9e9573c0a0dbde747900deaa6e13fc0c0a858b7d28e5a085e9e30ec07fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4917f981a8f9cf700261957decb3ec3971bd72e3212bc0f789caf5455045e63
e64f9986a5140577c674be53c14c6a86c1e53ef18b7b0907aae684a0a8123f03
e6db956a07db08ea20e19755cddaba0402a0972035c97f2adf0ffcac47afea79
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0
f9833973dca8b09a0b5ead87be39425cc9df123cd904491c77c693a2cd727392

www.bloomfin.ca Open in urlscan Pro 3.233.126.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

47 %IPv6

22 Domains

31 Subdomains

29 IPs

2 Countries

3120 kBTransfer

4839 kBSize

34 Cookies

7 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bloomfin.ca Open in urlscan Pro
3.233.126.24 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

47 %
IPv6

22
Domains

31
Subdomains

29
IPs

2
Countries

3120 kB
Transfer

4839 kB
Size

34
Cookies

64 HTTP transactions
0 data transactions