-1005964156 | 2024-04-16T02:14:50.501029
80 /
tcp
HTTP/1.1 403 Forbidden
Date: Tue, 16 Apr 2024 02:14:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8750aa057c82661f-AMS
937574103 | 2024-04-20T00:17:35.565962
443 /
tcp
HTTP/1.1 200 OK
Date: Sat, 20 Apr 2024 00:17:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
set-cookie: PHPSESSID=c9bse8vdgqr4sd4mukg6r3d7q2; expires=Sat, 27-Apr-2024 00:17:48 GMT; Max-Age=604800; path=/; domain=www.bmr.ca; secure; HttpOnly; SameSite=Lax
set-cookie: groupbmr_gtm_customerPersonalStore=%7B%22storeNumber%22%3A%223014%22%2C%22storeName%22%3A%22Novago%20Coop%5Cu00e9rative%20%28Macamic%29%22%2C%22storeZone%22%3A%22Abitibi-T%5Cu00e9miscamingue%22%2C%22storeType%22%3A%22%22%2C%22ispuEnabled%22%3A%221%22%7D; expires=Sun, 20-Apr-2025 00:17:48 GMT; Max-Age=31536000; path=/; domain=.www.bmr.ca; SameSite=Lax
set-cookie: X-Magento-Vary=96f96dc68b3b6a19f78f2c65a8115803210a8c170eb68d633878fb7efb2d81e3; expires=Sat, 27-Apr-2024 00:17:48 GMT; Max-Age=604800; path=/; secure; HttpOnly; SameSite=Lax
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"\/csp-report.php"}]}
content-security-policy-report-only: font-src fonts.gstatic.com data: *.hotjar.com *.hotjar.io *.cloudfront.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.punchout2go.com www.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.bolt.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.bolt.com https://www.google.com/recaptcha/ www.googletagmanager.com *.google.com esqa.moneris.com www3.moneris.com *.dotdigital-pages.com *.dotdigital.com *.punchout2go.com data: e.bmr.co *.fls.doubleclick.net *.cloudfront.net *.hotjar.com *.hotjar.io insight.adsrvr.org www.facebook.net www.facebook.com *.google.ca *.moneris.com *.issuu.com notifications.wisepops.com wisepops.net https://*.online-metrix.net https://imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.googleapis.com *.gstatic.com *.google.com *.googleusercontent.com *.trackedlink.net 'self' blob: data: www.gstatic.com *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.fls.doubleclick.net ad.doubleclick.net ade.googlesyndication.com maps.gstatic.com maps.googleapis.com www.bmr.ca *.hotjar.com *.hotjar.io *.cloudfront.net insight.adsrvr.org www.facebook.net www.facebook.com *.paypalobjects.com adserve.atedra.com cdn.wisepops.com tracking.wisepops.com dx4nr741tfc02.cloudfront.net wisp-production-storage.s3.amazonaws.com cdn.wisepops.net *.flippenterprise.net *.wishabi.com https://imgs.signifyd.com https://*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.bolt.com *.commerce-quick-checkout.com http://localhost:8082 https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com esqa.moneris.com www3.moneris.com polyfill.io *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal *.punchout2go.com data: e.bmr.co js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.g.doubleclick.net *.googletagmanager.com ssl.google-analytics.com www.google.com maps.googleapis.com s.yimg.com *.hotjar.com *.hotjar.io *.cloudfront.net r2-t.trackedlink.net connect.facebook.net connect.facebook.com www.gstatic.com z.moatads.com cdn.wisepops.com loader.wisepops.com app.getwisp.co wisepops.net cdn.wisepops.net plausible.io *.wishabi.com *.flippenterprise.net *.flipp.com *.flippback.com 'self' blob: https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.punchout2go.com www.gstatic.com *.hotjar.com *.hotjar.io *.cloudfront.net *.flippenterprise.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com *.googleapis.com *.gstatic.com *.google.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com bam.nr-data.net bam-cell.nr-data.net *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.g.doubleclick.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.hotjar.com *.hotjar.io s.yimg.com insights.algolia.io maps.googleapis.com www.facebook.com ct.pinterest.com activity.wisepops.com popup.wisepops.com tracking.wisepops.com app.getwisp.co wisepops.net plausible.io *.flippenterprise.net *.flippback.com https://imgs.signifyd.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri /csp-report.php; report-to report-endpoint;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-magento-cache-debug: MISS
pragma: no-cache
expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8770f3b4596e171a-SJC
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:27:f0:51:0d:2e:fe:44:9c:dc:22:54:41:6a:a1:96
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3
Validity
Not Before: Sep 13 00:00:00 2023 GMT
Not After : Sep 12 23:59:59 2024 GMT
Subject: C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=bmr.ca
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:33:85:a5:81:57:6c:25:5d:94:e4:29:e6:e6:8f:
53:98:47:8d:25:6d:76:85:12:e3:65:f8:26:06:5e:
39:2f:90:51:05:b8:c6:45:02:40:2a:eb:48:cc:ab:
4e:4d:92:bf:aa:c9:89:4c:9b:a6:32:83:00:ce:fa:
27:90:6a:83:85
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Authority Key Identifier:
A5:CE:37:EA:EB:B0:75:0E:94:67:88:B4:45:FA:D9:24:10:87:96:1F
X509v3 Subject Key Identifier:
CD:FB:9B:96:56:39:BC:98:F6:F8:BB:DF:D8:4D:40:D1:9C:6E:42:E0
X509v3 Subject Alternative Name:
DNS:bmr.ca, DNS:*.bmr.ca
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS
X509v3 Key Usage: critical
Digital Signature, Key Agreement
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl3.digicert.com/CloudflareIncECCCA-3.crl
Full Name:
URI:http://crl4.digicert.com/CloudflareIncECCCA-3.crl
Authority Information Access:
OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/CloudflareIncECCCA-3.crt
X509v3 Basic Constraints: critical
CA:FALSE
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Sep 13 02:50:26.848 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:63:FF:5A:EF:0F:BD:D8:00:97:51:07:D0:
C9:31:FE:D0:EC:3A:EC:A0:8C:F0:A7:C5:58:5D:88:51:
84:52:27:7C:02:21:00:E3:B9:A8:A0:26:A5:04:3C:F2:
87:AB:02:AE:E7:76:8C:A0:B6:5A:15:0F:DF:B6:B0:9D:
43:EA:C1:7D:E1:8E:13
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Sep 13 02:50:26.840 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:80:70:43:EF:BE:09:91:95:AC:D1:65:
9E:80:D9:06:15:F5:3D:1B:A3:D8:3A:64:A1:A4:73:98:
AD:74:D4:8E:21:02:20:25:5E:A9:40:0F:2B:1D:DD:57:
C1:5F:6D:3D:6A:0F:78:A9:4F:DC:1D:BE:F4:61:49:4A:
04:76:EA:61:11:D8:C2
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Sep 13 02:50:26.849 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:0D:DF:64:4A:B9:2B:D9:3C:F6:EF:42:B2:
08:CC:82:ED:43:7E:B0:93:FB:EE:CE:46:90:CE:F5:E3:
CB:81:C2:73:02:20:5F:D4:9D:BB:9F:31:DE:1E:57:42:
33:D0:48:9B:EE:3D:81:BE:46:EC:F4:9F:25:F0:1A:09:
6D:B7:FC:08:0A:FC
Signature Algorithm: ecdsa-with-SHA256
Signature Value:
30:45:02:21:00:b6:97:75:55:de:9f:25:7b:e3:40:88:c5:86:
d1:f9:64:e2:5a:ac:82:9f:60:8a:81:cb:ac:ee:88:23:2c:8f:
95:02:20:00:8f:c7:9d:aa:ee:7b:a4:d6:bd:e7:91:2b:00:b4:
d9:f8:c7:b0:cf:0a:13:db:90:f0:c3:5b:7b:88:d0:5a:51
235404141 | 2024-03-25T13:14:16.047268
2082 /
tcp
HTTP/1.1 403 Forbidden
Date: Mon, 25 Mar 2024 13:14:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 869f29ba3b4fb773-AMS
141477257 | 2024-04-19T07:46:48.127029
2083 /
tcp
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Fri, 19 Apr 2024 07:46:48 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -
-876761428 | 2024-04-15T02:25:02.769127
2086 /
tcp
HTTP/1.1 403 Forbidden
Date: Mon, 15 Apr 2024 02:25:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87487b97fa131afc-AMS
141477257 | 2024-04-11T06:13:19.258390
2087 /
tcp
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Thu, 11 Apr 2024 06:13:19 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -
-440825943 | 2024-04-13T21:59:14.266920
8080 /
tcp
HTTP/1.1 403 Forbidden
Date: Sat, 13 Apr 2024 21:59:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 873eb8da1c1765f0-AMS
141477257 | 2024-03-23T05:49:58.220639
8443 /
tcp
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sat, 23 Mar 2024 05:49:58 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -
1613212695 | 2024-04-18T23:59:59.300958
8880 /
tcp
HTTP/1.1 403 Forbidden
Date: Thu, 18 Apr 2024 23:59:59 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 87689c9b6d4c1500-LAX
error code: 1003