-1032472695 | 2024-09-27T09:31:50.766393
80 /
tcp
HTTP/1.1 403 Forbidden
Date: Fri, 27 Sep 2024 09:31:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8c9a7baa38b52af1-LAX
234134779 | 2024-10-03T10:31:17.759252
443 /
tcp
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 10:31:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
set-cookie: PHPSESSID=ah9tgdo1blfmnt92lnv011u6ed; expires=Thu, 10-Oct-2024 10:31:00 GMT; Max-Age=604800; path=/; domain=www.bmr.ca; secure; HttpOnly; SameSite=Lax
set-cookie: groupbmr_gtm_customerPersonalStore=%7B%22storeNumber%22%3A%22269%22%2C%22storeName%22%3A%22Centre%20de%20R%5Cu00e9novation%20G.%20Doyon%20%28Bromont%29%22%2C%22storeZone%22%3A%22Estrie%22%2C%22storeType%22%3A%22independent%22%2C%22ispuEnabled%22%3A%221%22%7D; expires=Fri, 03-Oct-2025 10:31:00 GMT; Max-Age=31536000; path=/; domain=.www.bmr.ca; SameSite=Lax
set-cookie: X-Magento-Vary=fd167ca59742b07c596df5638d609dd27c262b37afe59e3d80b6fccd29d9e1bc; expires=Thu, 10-Oct-2024 10:31:00 GMT; Max-Age=604800; path=/; secure; HttpOnly; SameSite=Lax
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"\/csp-report.php"}]}
content-security-policy-report-only: font-src fonts.gstatic.com data: *.hotjar.com *.hotjar.io *.cloudfront.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.punchout2go.com www.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ www.googletagmanager.com *.google.com *.googletagmanager.com esqa.moneris.com www3.moneris.com *.dotdigital-pages.com *.dotdigital.com *.punchout2go.com data: e.bmr.co *.fls.doubleclick.net *.cloudfront.net *.hotjar.com *.hotjar.io insight.adsrvr.org www.facebook.net www.facebook.com *.google.ca *.moneris.com *.issuu.com notifications.wisepops.com wisepops.net *.addtoany.com https://*.online-metrix.net https://imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.googleapis.com *.gstatic.com *.google.com *.googleusercontent.com *.trackedlink.net 'self' blob: data: www.gstatic.com *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.fls.doubleclick.net ad.doubleclick.net ade.googlesyndication.com maps.gstatic.com maps.googleapis.com www.bmr.ca *.hotjar.com *.hotjar.io *.cloudfront.net insight.adsrvr.org www.facebook.net www.facebook.com *.paypalobjects.com adserve.atedra.com cdn.wisepops.com tracking.wisepops.com dx4nr741tfc02.cloudfront.net wisp-production-storage.s3.amazonaws.com cdn.wisepops.net cdn.cookielaw.org *.flippenterprise.net *.wishabi.com https://imgs.signifyd.com https://*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com esqa.moneris.com www3.moneris.com polyfill.io *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal *.punchout2go.com data: e.bmr.co js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.g.doubleclick.net ssl.google-analytics.com www.google.com maps.googleapis.com s.yimg.com *.hotjar.com *.hotjar.io *.cloudfront.net r2-t.trackedlink.net connect.facebook.net connect.facebook.com www.gstatic.com z.moatads.com cdn.wisepops.com loader.wisepops.com app.getwisp.co wisepops.net cdn.wisepops.net plausible.io cdn.cookielaw.org *.addtoany.com *.wishabi.com *.flippenterprise.net *.flipp.com *.flippback.com 'self' blob: https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.punchout2go.com www.gstatic.com *.hotjar.com *.hotjar.io *.cloudfront.net cdn.cookielaw.org *.flippenterprise.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com *.gstatic.com *.google.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com bam.nr-data.net bam-cell.nr-data.net *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.g.doubleclick.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.hotjar.com *.hotjar.io s.yimg.com maps.googleapis.com www.facebook.com ct.pinterest.com activity.wisepops.com popup.wisepops.com tracking.wisepops.com app.getwisp.co wisepops.net plausible.io cdn.cookielaw.org *.flippenterprise.net *.flippback.com https://imgs.signifyd.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri /csp-report.php; report-to report-endpoint;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-magento-cache-debug: MISS
pragma: no-cache
expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8ccc42f3282167af-SJC
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:7d:c3:be:11:33:4d:e9:0d:d4:59:df:59:17:0d:29
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, O=Google Trust Services, CN=WE1
Validity
Not Before: Aug 13 00:23:12 2024 GMT
Not After : Nov 11 00:23:11 2024 GMT
Subject: CN=bmr.ca
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:60:25:25:4f:26:80:4d:04:fc:05:7a:bc:3a:62:
2c:9f:0e:f6:b0:79:a2:86:39:17:58:a5:28:43:6f:
ec:14:5c:17:b3:66:b1:c3:0b:2a:9e:8c:49:84:3e:
d3:6a:b3:78:01:8d:2a:c0:7e:63:4b:b7:79:66:b6:
d3:73:db:4b:5b
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
E6:9A:1A:DD:30:65:77:9D:DC:58:2B:A7:60:D3:7E:C0:DA:34:D5:CF
X509v3 Authority Key Identifier:
90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38
Authority Information Access:
OCSP - URI:http://o.pki.goog/s/we1/Kn0
CA Issuers - URI:http://i.pki.goog/we1.crt
X509v3 Subject Alternative Name:
DNS:bmr.ca, DNS:*.bmr.ca
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
X509v3 CRL Distribution Points:
Full Name:
URI:http://c.pki.goog/we1/dpcZcgUNPbE.crl
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Aug 13 01:23:13.553 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:B7:DA:8C:08:90:6B:09:4C:C0:5C:6C:
A9:40:BC:D0:BF:BB:21:53:A7:15:95:8A:02:C2:16:2E:
9E:61:88:AF:40:02:21:00:EE:F8:E5:C8:1A:57:74:B1:
20:A1:3C:F5:A0:51:ED:2B:FA:6C:43:73:F1:D6:9C:E2:
8B:84:5B:A5:40:4B:B1:96
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Aug 13 01:23:13.614 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:68:35:CB:22:50:F6:0D:AB:9E:F1:9D:98:
8E:E2:E9:28:5F:ED:45:87:AA:D1:97:B2:FF:61:2C:56:
75:EC:5D:0C:02:21:00:D2:61:65:97:56:80:6C:7B:22:
4A:C9:BC:62:ED:09:6F:C7:0B:2F:85:74:A9:07:4F:B8:
66:57:97:FF:5D:84:B4
Signature Algorithm: ecdsa-with-SHA256
Signature Value:
30:45:02:20:10:c0:9b:7b:70:0b:d9:2d:01:0f:05:11:55:25:
8c:a3:d5:9a:14:28:bb:13:57:59:9d:de:1f:25:fa:83:36:03:
02:21:00:86:a7:7b:73:cc:8d:f1:57:3d:6c:ef:5b:80:7a:45:
56:e2:23:1f:2c:ec:ab:13:d3:b2:c0:d7:92:11:3f:10:3f
141477257 | 2024-09-15T12:14:18.352009
2053 /
tcp
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 15 Sep 2024 12:14:18 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -
-2047078585 | 2024-09-21T10:05:30.077438
2082 /
tcp
HTTP/1.1 403 Forbidden
Date: Sat, 21 Sep 2024 10:05:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8c693cb6bd4f2b77-LAX
141477257 | 2024-09-17T09:02:11.940760
2083 /
tcp
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Tue, 17 Sep 2024 09:02:11 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -
-1562700518 | 2024-09-22T03:48:03.890534
2086 /
tcp
HTTP/1.1 403 Forbidden
Date: Sun, 22 Sep 2024 03:48:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8c6f51377ec8670f-AMS
1085209750 | 2024-10-02T15:57:31.321529
2087 /
tcp
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 02 Oct 2024 15:57:31 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -
<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>cloudflare</center>
</body>
</html>
2091094936 | 2024-09-24T19:12:03.064058
8080 /
tcp
HTTP/1.1 403 Forbidden
Date: Tue, 24 Sep 2024 19:12:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5892
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8c851573188cd5a3-AMS
141477257 | 2024-09-23T07:44:17.957974
8443 /
tcp
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Mon, 23 Sep 2024 07:44:17 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -
-894946457 | 2024-10-01T08:42:10.295875
8880 /
tcp
HTTP/1.1 403 Forbidden
Date: Tue, 01 Oct 2024 08:42:10 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8cbb28665c0a1003-LAX
error code: 1003