Overview

URL bmoharris.donfitzsimmons.com/main/personal.html
IP79.137.192.45
ASNLLC Digital Network
Location Russia
Report completed2022-09-29 21:08:43 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-29 2 bmoharris.donfitzsimmons.com/main/personal.html Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
2022-09-29 2 bmoharris.donfitzsimmons.com/ Bank of Montreal
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 bmoharris.donfitzsimmons.com/main/personal.html Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/headJS.min.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/public-data/ssi/header/js/header-harris-personal.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/public-data/ssi/header/js/bmoharris.header.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/gtag/js?id=AW-967757432 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/scripts/lightbox-js/featherlight.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/images/bmoharris/logos/harris-blue.svg Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/img/icons/svg/alert-white.svg Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/public-data/ssi/vendor/footer/js/bmoharris.foo (...) Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/pagead/f.txt Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/img/icons/svg/chevron-right-white.svg Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/scripts/lightbox-js/jquery-1.11.1.min.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/img/large/d-personal-safe-secure.webp Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/resources/scripts/libraries/jquery/1.11.1/jque (...) Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/ (...) Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/jquery.mobile.custom.min.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/launch/5aebfc6032e6/8857e2b59892/fe50ebd824 (...) Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/resources/fonts/dax.ttf Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/dax.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-regular-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-medium-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/dax.woff Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-regular-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-medium-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/fonts/BMO-icon.woff?-sys3mr Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-light-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/highcharts.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/xml/rates/deposit_rates.xml Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/resources/data/notices.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/ (...) Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-light-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2 Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/jquery-ui.min.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/main-ebiz.js Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/launch/5aebfc6032e6/8857e2b59892/launch-6d3 (...) Phishing
2022-09-29 2 bmoharris.donfitzsimmons.com/js/main.min.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL bmoharris.donfitzsimmons.com/dist/images/personal/homepage-banners/credit-c (...)
IP  79.137.192.45
Magic gzip compressed data, max compression\012- data
Size 362
MD5 a2989e3298d1571e974427dd41a45c7a
SHA1 d5480d24dfd82654a2c8d4ccf0f289ea851fa06e
SHA256 7b92c2a3389a7d097af0db8d24e5d83517e438f4e28f534ee3b0af7a700bb9d4
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (28)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.google.no (7) 25607 2016-04-05 19:50:59 UTC 2022-09-29 05:12:08 UTC 142.250.74.3
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS www.bmoharris.com (1) 158933 2013-11-22 15:42:54 UTC 2022-09-28 23:34:52 UTC 104.110.19.154
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-29 04:56:10 UTC 31.13.72.36
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-29 04:56:09 UTC 34.117.237.239
mnemonic passive DNS dpm.demdex.net (5) 204 2017-01-30 04:59:39 UTC 2022-09-29 18:24:29 UTC 34.252.39.216
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-29 13:23:40 UTC 104.18.32.68
mnemonic passive DNS api.ipify.org (1) 3267 2014-10-27 13:09:35 UTC 2022-09-29 11:53:19 UTC 52.20.78.240
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-09-29 19:27:23 UTC 142.250.74.98
mnemonic passive DNS adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-09-29 04:57:21 UTC 142.250.74.98
mnemonic passive DNS bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2022-09-29 05:03:48 UTC 13.107.21.200
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 34.160.144.191
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-29 05:06:32 UTC 34.218.159.206
mnemonic passive DNS ocsp.pki.goog (17) 175 2017-06-14 07:23:31 UTC 2022-09-29 04:56:10 UTC 142.250.74.3
mnemonic passive DNS smetrics.bmo.com (1) 74724 2014-03-05 04:42:01 UTC 2022-09-29 06:57:07 UTC 13.36.218.177
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-29 13:44:03 UTC 142.250.74.164
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-29 16:06:01 UTC 143.204.55.35
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-09-29 15:12:13 UTC 93.184.220.29
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-29 04:57:12 UTC 31.13.72.12
mnemonic passive DNS adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-09-29 14:35:48 UTC 142.250.74.130
mnemonic passive DNS www.googletagmanager.com (3) 75 2012-12-25 14:52:06 UTC 2022-09-29 04:56:27 UTC 142.250.74.72
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-29 14:36:13 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-29 04:57:37 UTC 23.36.77.32
mnemonic passive DNS bmoharris.donfitzsimmons.com (68) 0 2022-09-24 15:36:09 UTC 2022-09-29 18:38:03 UTC 79.137.192.45 Unknown ranking
mnemonic passive DNS cdn.pbbl.co (1) 8838 2018-03-28 15:43:32 UTC 2022-09-29 15:55:29 UTC 143.204.55.125
mnemonic passive DNS bmofinancial.demdex.net (2) 83922 2015-06-17 20:28:14 UTC 2022-09-29 06:57:07 UTC 3.248.126.204
mnemonic passive DNS bankofmontreal.tt.omtrdc.net (1) 169296 2015-10-08 14:44:17 UTC 2022-09-29 06:57:07 UTC 15.188.95.229
mnemonic passive DNS cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-09-29 15:41:46 UTC 34.251.26.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 79.137.192.45

Date UQ / IDS / BL URL IP
2022-10-03 21:58:04 +0000
0 - 0 - 42 spencerooi.com/main/personal.html 79.137.192.45
2022-10-03 09:59:27 +0000
0 - 0 - 42 bmoharris.spencerooi.com/main/personal.html 79.137.192.45
2022-09-29 21:09:00 +0000
0 - 0 - 104 bmoharris.donfitzsimmons.com/ 79.137.192.45
2022-09-29 21:08:43 +0000
0 - 0 - 106 bmoharris.donfitzsimmons.com/main/personal.html 79.137.192.45
2022-09-28 23:35:03 +0000
0 - 0 - 112 moregivelesshate.com/ 79.137.192.45

Last 5 reports on ASN: LLC Digital Network

Date UQ / IDS / BL URL IP
2022-12-02 08:25:23 +0000
0 - 0 - 2 89.208.103.62/pollTrack.php?Jw1xCeRwWM=ZDHKlG (...) 89.208.103.62
2022-12-02 01:40:55 +0000
0 - 0 - 6 89.208.103.75 89.208.103.75
2022-12-02 00:21:07 +0000
0 - 0 - 2 79.137.206.108/s.exe 79.137.206.108
2022-12-01 22:16:40 +0000
0 - 0 - 24 amanda-nn.com/ 89.208.104.221
2022-12-01 20:03:23 +0000
0 - 0 - 2 79.137.197.181/g93dLhG2/Plugins/cred64.dll 79.137.197.181

Last 3 reports on domain: donfitzsimmons.com

Date UQ / IDS / BL URL IP
2022-09-29 21:09:00 +0000
0 - 0 - 104 bmoharris.donfitzsimmons.com/ 79.137.192.45
2022-09-29 21:08:43 +0000
0 - 0 - 106 bmoharris.donfitzsimmons.com/main/personal.html 79.137.192.45
2022-09-28 21:26:01 +0000
0 - 0 - 37 donfitzsimmons.com/main/personal.html 79.137.192.45

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-29 21:09:00 +0000
0 - 0 - 104 bmoharris.donfitzsimmons.com/ 79.137.192.45


JavaScript

Executed Scripts (48)


Executed Evals (0)


Executed Writes (6)

#1 JavaScript::Write (size: 368, repeated: 1) - SHA256: 449f166b7f7fb8502d00ede8dcc05c53f923a8ce41e19daf5fb3b3e37c1f67ee

                                        < script >
    //Get Load Time

    // this is for older browser support
    var inHeadTS = (new Date()).getTime();

// plugin
function s_getLoadTime() {
    if (!window.s_loadT) {
        var b = new Date().getTime(),
            o = window.performance ? performance.timing : 0,
            a = o ? o.requestStart : window.inHeadTS || 0;
        s_loadT = a ? Math.round((b - a) / 100) : ''
    }
    return s_loadT
}

// call plugin first time 
s_getLoadTime(); < /script>
                                    

#2 JavaScript::Write (size: 7347, repeated: 1) - SHA256: 299b2d82b87b628ce4f06768536ca3e4b018266fb96f8ed80a854844eb65aff7

                                        < script >
    // Search for BMOINFO on page, if not:
    if (typeof BMOINFO == "undefined") {

        // Page Variables, change when necessary
        var pageLang = "en";
        var pageCountry = "US";
        var pageTemplate = "BMOH Template";
        var pageContentType = "channel";

        var parser = document.createElement('a');

        // Call the URI of the current page 
        parser.href = location;

        // For IE, fix issue of empty protocol
        if (parser.host == "") {
            parser.href = parser.href;
        }

        // Split components of the url
        parser.protocol; // "http:"
        parser.host; // "bmo.com:3000"
        parser.hostname; // "bmo.com"
        parser.pathname; // "/path/"
        parser.search; // "?search=test"
        parser.hash; // "#hash"

        // Split pathname for individual sections
        var pathName = parser.pathname;
        var pathArray = parser.pathname.split('/');
        var siteName = parser.hostname;

        // If browser does not have filter
        if (!Array.prototype.filter) {
            Array.prototype.filter = function(fun /*, thisp */ ) {
                "use strict";
                if (this === void 0 || this === null) throw new TypeError();
                var t = Object(this);
                var len = t.length >>> 0;
                if (typeof fun !== "function") throw new TypeError();
                var res = [];
                var thisp = arguments[1];
                for (var i = 0; i < len; i++) {
                    if (i in t) {
                        var val = t[i]; // in case fun mutates this
                        if (fun.call(thisp, val, i, t)) res.push(val);
                    }
                }
                return res;
            };
        }

        // Filter empty elements in array    
        pathArray = pathArray.filter(function(n) {
            return n != ""
        });

        // Create BMOINFO Object
        var BMOINFO = {
            pageName: document.title,
            language: pageLang,
            country: pageCountry,
            template: pageTemplate,
            contentType: pageContentType,
            topic: "",
            site: siteName,
            Sections: pathArray,
        }

    }
    //End BMOINFO Creator


    //DTM Object
var DTM = (function() {

    /* Avoid "console" errors in browsers that lack a console. */
    (function() {
        var method;
        var noop = function() {};
        var methods = [
            'assert', 'clear', 'count', 'debug', 'dir', 'dirxml', 'error',
            'exception', 'group', 'groupCollapsed', 'groupEnd', 'info', 'log',
            'markTimeline', 'profile', 'profileEnd', 'table', 'time', 'timeEnd',
            'timeStamp', 'trace', 'warn'
        ];
        var length = methods.length;
        var console = (window.console = window.console || {});

        while (length--) {
            method = methods[length];

            // Only stub undefined methods.
            if (!console[method]) {
                console[method] = noop;
            }
        }
    })();

    /* fix indexOf issue with internet explorer */
    (function() {
        if (!window.dojo) {
            if (!Array.indexOf) {
                Array.prototype.indexOf = function(obj) {
                    for (var i = 0; i < this.length; i++) {
                        if (this[i] == obj) {
                            return i;
                        }
                    }
                    return -1;
                }
            }
        }
    })();

    function getLevels() {
        //Get levels from BMOINFO Global Object
        var levels = BMOINFO.Sections;
        //Elements to remove from levels
        var toRemove = ['Staging', 'Home', 'Main', 'us', 'main'];
        //removing elements from toRemove Array
        levels = levels.filter(function(el) {
            return toRemove.indexOf(el) < 0;
        });

        //THIS IS updated???
        //sitePrefix in index 0 of the levels array (sitePrefix is a global function in the Mapping file of each site)
        levels.splice(0, 0, sitePrefix);

        //Changing the name of the levels for the mapping file ones.
        for (i = 0; i < levels.length; i++) {
            if (pageNameMapping[levels[i]])
                levels[i] = pageNameMapping[levels[i]]
        }

        return levels;
    }

    function getSiteSections() {
        var levels = getLevels();
        var siteSections = {};
        for (i = 1; i <= levels.length; i++) {
            ssToCat = levels.slice(0, i);
            siteSections[i] = ssToCat.join(':');
        }

        return siteSections;
    }

    function getPageName() {
        var levels = getLevels();
        var pageName = levels.join(':');

        return pageName;
    }

    function getHierarchy() {
        var levels = getLevels();
        var hierarchy = levels.join(':');

        return hierarchy;
    }

    // Linktracking Functions
    function _linkTracking(link41, pos42, name43, linkType) {
        linkType = linkType || "Linktracking solution";
        s.linkTrackVars = "prop41,prop42,prop43";
        s.prop41 = link41;
        s.prop42 = pos42;
        s.prop43 = name43;
        s.tl(this, 'o', linkType, null, 'navigate');
    }

    //Form tracking
    function _setFormTracking(link41, pos42, name43, linkType) {
        linkType = linkType || "FormTracking solution";
        s.linkTrackVars = "prop41,prop42,prop43";
        s.prop41 = link41;
        s.prop42 = pos42;
        s.prop43 = name43;
        s.tl(this, 'o', linkType, null, 'formTracker');
        //console.log(formData);
    }

    function _setCookie(c_name, value, expiredays) {
        var exdate = new Date();
        var cookieDomain = _getOnlyDomain(document.domain);
        exdate.setDate(exdate.getDate() + expiredays);
        document.cookie = c_name + "=" + escape(value) + ((expiredays == null) ? "" : ";expires=" + exdate.toGMTString()) + ";domain=" + cookieDomain + ";path=/";
    }

    function _getCookie(c_name) {
        if (document.cookie.length > 0) {
            c_start = document.cookie.indexOf(c_name + "=");
            if (c_start != -1) {
                c_start = c_start + c_name.length + 1;
                c_end = document.cookie.indexOf(";", c_start);
                if (c_end == -1) c_end = document.cookie.length;
                return unescape(document.cookie.substring(c_start, c_end));
            }
        }
        return "";
    }

    function _deleteCookie(name, path, domain) {
        if (_getCookie(name)) {
            document.cookie = name + "=" + ((path) ? ";path=" + path : "") + ((domain) ? ";domain=" + domain : "") + ";expires=Thu, 01 Jan 1970 00:00:01 GMT";
        }
    }



    function _getOnlyDomain(dom) {
        domain = dom.split('.');
        domain = domain.splice(-2, 2);
        domain = domain.join('.');
        return domain
    }

    /*
	function _setLTVarsFromCookie(){
		var s_v = _getCookie('s_lt');
		if (s_v!=null && s_v!=""){
			cookie = s_v.split(';');
			s.prop41 = cookie[0].substring(cookie[0].indexOf('=')+1);
			s.prop42 = cookie[1].substring(cookie[1].indexOf('=')+1);
			s.prop43 = cookie[2].substring(cookie[2].indexOf('=')+1);
			_deleteCookie('s_lt', '/', _getOnlyDomain(document.domain));
		}
	}*/

    function _setLTVarsFromCookie() {
        var s_v = _getCookie('s_lt');
        if (s_v != null && s_v != "") {
            cookie = s_v.split(';');
            s.prop41 = cookie[0].substring(cookie[0].indexOf('=') + 1);
            s.prop42 = cookie[1].substring(cookie[1].indexOf('=') + 1);
            s.prop43 = cookie[2].substring(cookie[2].indexOf('=') + 1);
            _deleteCookie('s_lt', '/', _getOnlyDomain(document.domain));
        } else if (localStorage.getItem('prop41') !== null) {
            s.prop41 = localStorage.getItem('prop41');
            s.prop42 = localStorage.getItem('prop42');
            s.prop43 = localStorage.getItem('prop43');
            localStorage.removeItem('prop41');
            localStorage.removeItem('prop42');
            localStorage.removeItem('prop43');
            //console.log('local storage');
        }
    }


    return {
        pageName: getPageName(),
        hierarchy: getHierarchy(),
        linkTraking: _linkTracking,
        setFormTracking: _setFormTracking,
        siteSections: getSiteSections(),
        setLTVarsFromCookie: _setLTVarsFromCookie,
        getOnlyDomain: _getOnlyDomain,
        setCookie: _setCookie,
        getCookie: _getCookie,
        deleteCookie: _deleteCookie
    }

})(); < /script>
                                    

#3 JavaScript::Write (size: 1757, repeated: 1) - SHA256: a99e4b3df0b76a1234f2b2ce4014406aa968ca72dc41c650d0634f96aebd7419

                                        < script >
    document.addEventListener(adobe.target.event.REQUEST_SUCCEEDED, function(e) {
        _satellite.notify("TEST TARGET" + adobe.target.event.REQUEST_SUCCEEDED);
        window.ttMETA = typeof(window.ttMETA) != "undefined" ? window.ttMETA : [];

        var tokens = e.detail.responseTokens;
        _satellite.notify("tokens", e.detail.responseTokens);
        /*updated s_tnt_lme config*/
        var stntlme = "";
        if (isEmpty(tokens)) {
            return;
        }

        var uniqueTokens = distinct(tokens);
        _satellite.notify("uniqueTokens", uniqueTokens);
        uniqueTokens.forEach(function(token) {
            window.ttMETA.push({
                'campaign': token["activity.name"],
                'campaignId': token["activity.id"],
                'experience': token["experience.name"],
                'recipeId': token["experience.id"],
                'offerId': token["option.id"],
                'offer': token["option.name"],
                'mbox': e.detail.mbox
            });
            var campaignConstructor = token["activity.id"] + ":" + token["experience.id"] + ":0,";
            _satellite.notify("campaignConstructor", campaignConstructor);
            stntlme += campaignConstructor;
            _satellite.notify(ttMETA);
        });
        _satellite.notify(stntlme);
        if (!window.s_tnt) {
            window.s_tnt = window.s_tnt_lme = stntlme;
        }
    });

function isEmpty(val) {
    return (val === undefined || val == null || val.length <= 0) ? true : false;
}

function key(obj) {
    return Object.keys(obj)
        .map(function(k) {
            return k + "" + obj[k];
        })
        .join("");
}

function distinct(arr) {
    var result = arr.reduce(function(acc, e) {
        acc[key(e)] = e;
        return acc;
    }, {});

    return Object.keys(result)
        .map(function(k) {
            return result[k];
        });
}

< /script>
                                    

#4 JavaScript::Write (size: 245, repeated: 1) - SHA256: 0c8fd58c1665e44b3ca8c01f17d43c9cada6e6cc4b87ce71f96408defe5e4bb6

                                        < iframe src = "https://5200603.fls.doubleclick.net/activityi;src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=2050974445570.2107?"
width = "1"
height = "1"
frameborder = "0"
style = "display:none" > < /iframe>
                                    

#5 JavaScript::Write (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#6 JavaScript::Write (size: 102, repeated: 1) - SHA256: 61938658d2d08cad7928f4ee966e8b58ce134059a41eaa059fcc540a641b7b98

                                        < script > _satellite["__runScript1"](function(event, target) {
    console.log("BMOH Staging");
}); < /script>
                                    


HTTP Transactions (145)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 20:15:55 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bghYgiwlijMdo-g2mDXIK3eU66kr9V12Qz3hbZCcr4wFVRBKRJSBGQ==
Age: 3157


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3471
Expires: Thu, 29 Sep 2022 22:06:23 GMT
Date: Thu, 29 Sep 2022 21:08:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E16E8B782B441ECB9A57C3FC3DB9884B5A3034967B846CCA67B2F53644FCABDF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12450
Expires: Fri, 30 Sep 2022 00:36:02 GMT
Date: Thu, 29 Sep 2022 21:08:32 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: AF5prdlbu9QJlIE1eeeTjJa/HmpNhGXxgR5cv3NhHWxEJmpdTWkQTVURK3XOJmrYSTdk02t6de8=
x-amz-request-id: H9R269EZXAJDB6Y8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 20:50:52 GMT
age: 1060
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 21:08:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E86BD534DECCC05FAA02BB4748DF2540E3A2BF24C2885E1F3D5D5C9E7F9B2750"
Last-Modified: Wed, 28 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 30 Sep 2022 03:08:32 GMT
Date: Thu, 29 Sep 2022 21:08:32 GMT
Connection: keep-alive

                                        
                                            GET /main/personal.html HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Wed, 07 Sep 2022 11:15:00 GMT
etag: "64f51-5e8146c72b500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 45895
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3457), with CRLF line terminators
Size:   45895
Md5:    e76e0240728175d41b940af178486d1c
Sha1:   ae536a1630e55dcc44c7541bd4aae420ab7723db
Sha256: a7f358267755f02bbcff8e27d866f3bff3512ec7dd561f27655e98a57c512382

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /js/headJS.min.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 29 Sep 2014 09:21:12 GMT
etag: "3be5-50430c9ac3200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6282
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (15333), with no line terminators
Size:   6282
Md5:    bddfb96c122a73c1a999e268fd41db49
Sha1:   87747349458e6eee095091947a00e965fcb84b86
Sha256: 29f44e6b8b2898dc8d433c27f0c87c4b7f1911fafaf3b190bdbb0e206d87c3ed

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /public-data/ssi/header/js/header-harris-personal.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 31 Aug 2021 19:09:16 GMT
etag: "4b-5cadfaf974f00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 90
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   90
Md5:    226c153609866c1e74263f4704d87cd4
Sha1:   d245870dbe3948d31f9f82de093ab1ca763b5855
Sha256: 0d06fdc0cfe8d7de5744c5ebf5f82a8f1d646b6315d1a943b7b58002dc3b32f1

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/images/flag/thumbnail/united-states.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 04 Dec 2017 21:28:18 GMT
etag: "42e-55f8a6595e080"
accept-ranges: bytes
content-length: 1070
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   1070
Md5:    7a131f5b50d3ebf9f784b8b3ba95f782
Sha1:   ba3a3cf0125004a29226897b04c0b60cb6a63a1c
Sha256: 7fc10751e4935e26a23cec5311745827a40816aa23f63b8f3049f5b05bc05b63

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/bmoharris/logos/harris-blue-roundel.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 28 Jun 2021 21:42:56 GMT
etag: "865-5c5da5f4d5800"
accept-ranges: bytes
content-length: 2149
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 145 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size:   2149
Md5:    87b743c6b74b0ab1ae1b15171a5f0424
Sha1:   24d760088f0c7ac443ad3992fa997856391f8731
Sha256: 9435073bd6680f87022f3cf6ac9ca1de149b560c9a77be4e9362430392768ef0

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /styles/main-ebiz.css HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 29 Sep 2021 16:20:48 GMT
etag: "3bf80-5cd24b6815800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 34250
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with CRLF line terminators
Size:   34250
Md5:    80b04cac020ebf3935d6bf213278e4f1
Sha1:   95ea65b8cd7581dd1bcf0558fb20e8797ea03bb5
Sha256: a64fa25a4eea2c0a2ff8bee4b96dca1389e067dfe129856d36acf542a82122c0

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /public-data/ssi/header/js/bmoharris.header.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 30 May 2022 18:57:12 GMT
etag: "b544-5e03f3945f200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11902
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32812)
Size:   11902
Md5:    a5a5959b2acfed97ac0c89f1de791b3d
Sha1:   e4104daa238d2fa6f6b936241e234286d50b5f7e
Sha256: 9aec7ca37ed8cf5684d4de40d42af6dcc1f3d36f0fc2fd9800bbc0e7bde7b96f

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 20:31:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MEfg6pPtSeNjr_KlVhSsjqRmgLW67i_jiYZYcg5w9cPqMp3nj-sS6A==
Age: 2339


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /gtag/js?id=AW-967757432 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
                                        
last-modified: Sun, 04 Sep 2022 12:00:00 GMT
etag: "1c72d-5e7d8b3db5000-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 45092
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   45092
Md5:    c0346f3fbe4bacecf27850fe10409ff7
Sha1:   0f457dd0e725cf71601a0fa89a52f6c7f1715d8f
Sha256: 1f7c2b2e54e26deb4477a472991ece91a6f2fbd008f31b1b2e5fd3029735343f

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /styles/main.css HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 07 Sep 2021 15:55:16 GMT
etag: "4a828-5cb69caaea100-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 36556
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (540)
Size:   36556
Md5:    db129c4c32c56c70905c6e0c340c353f
Sha1:   0475318b8de6f02e83c50dc7c5628c183190e583
Sha256: b840010f3fab8fd402438289ca9076ba31051cbabf94e909bb70ae0918faa5cd

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /css/lightbox/custom.css HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 21 Aug 2014 16:58:08 GMT
etag: "732-501269ffb8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 775
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   775
Md5:    38bc80b123834ea970145c34a8c43d87
Sha1:   cf8e66161fdaa592a040cd02d982d8407a5bee18
Sha256: ed15a56c5e610ed3639dd0a5e7361efb1ccce13a1ae8bb92a93a2623883117f8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /css/lightbox/featherlight.css HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 09 Sep 2014 20:03:06 GMT
etag: "3c24-502a76c75b280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5320
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8305)
Size:   5320
Md5:    b2d343755d9586e40170e95a111dfced
Sha1:   8c66df01a4c3f1b8842cfdde51ec9aded1f9ce9e
Sha256: fecb022cf5bada30c037d2dd74bc59d241981ac3260c40631850d2779dbfebce

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/flag/thumbnail/canada.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Fri, 27 Sep 2019 21:13:16 GMT
etag: "2a7-5938f5ac4b300"
accept-ranges: bytes
content-length: 679
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   679
Md5:    1cbb25b3daa6e2a10a23026364776c2a
Sha1:   57d98b3db7d9798c2251d01398a28d0d96e686e8
Sha256: 2fd3abb2f3053c96dcc67d5649d9be7aa6a49fca673a7d25c406051d914787ce

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/flag/thumbnail/china.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Fri, 27 Sep 2019 21:13:16 GMT
etag: "292-5938f5ac4b300"
accept-ranges: bytes
content-length: 658
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   658
Md5:    84f986a50438c754fde1fcde2730edaa
Sha1:   f715708ac2f3dbd0594f49ab590dc3e6f4f317c9
Sha256: 3e760e001631f754a319ad1b2d51653438a04dc5798f57c7083721ba07b1dda7

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /scripts/lightbox-js/featherlight.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 08 Sep 2021 20:22:06 GMT
etag: "2dec-5cb81a2cb3780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3808
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   3808
Md5:    534cf0325d1c08ac985675011cb90f7b
Sha1:   06ebc35169397a76c91b632f1e8aabb06a3ecaf7
Sha256: c18a517dd2f696e13210a75d8b1fe87ebffa9103d07ee386b4f4735843fc4b27

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/images/bmoharris/logos/harris-blue.svg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Mon, 28 Jun 2021 21:42:56 GMT
etag: "13b7-5c5da5f4d5800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1947
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5047), with no line terminators
Size:   1947
Md5:    fe5cb3ad7b2ef32b5d8b0ea19e6849cd
Sha1:   a182824db6e6d7c7788d639cfdfe4278cbda3014
Sha256: e06034627edea96ae8d8592a54da2cb5834dccde18c739d84d65b8d465eba809

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /img/icons/svg/alert-white.svg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Mon, 29 Sep 2014 09:31:00 GMT
etag: "458-50430ecb85d00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 638
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   638
Md5:    139957bb359a3ecc510081c94bb1fa68
Sha1:   ad31743747da7dd2995826fbab132584bbc41d87
Sha256: 985e2380e2f3aff0d5bcb7e8bab761ebcfeabfc693737e41e39c2c83d62f0a19

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /img/icon-app-store.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 29 Sep 2014 09:31:24 GMT
etag: "1cfd-50430ee269300"
accept-ranges: bytes
content-length: 7421
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 138 x 41, 8-bit/color RGB, non-interlaced\012- data
Size:   7421
Md5:    fbca66a2aaa88ff93fe18760067af3c3
Sha1:   9daa12f193bb85f0a5cbf4db806f32c1c1f5836a
Sha256: 9771c6adfd6e5157277f73669f27b1f778721a06c25000b8b47650dbd663f4e2

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /img/icon-google-play.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 29 Sep 2014 09:31:26 GMT
etag: "2313-50430ee451780"
accept-ranges: bytes
content-length: 8979
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 138 x 45, 8-bit/color RGB, interlaced\012- data
Size:   8979
Md5:    0d2d680e3e736c7ce388368805c45494
Sha1:   99bf22e1c571be196d8e181ab060be33721abb67
Sha256: 309c6f6046cefe8a652826e8f2787b8bceac36c7cf88a70d90e4716d0fed0baf

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /public-data/ssi/vendor/footer/js/bmoharris.footer.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 24 Feb 2022 22:48:34 GMT
etag: "1343-5d8cb61c7d480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1643
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4931), with no line terminators
Size:   1643
Md5:    b8e194d01c8941f9ba7961df403f2e59
Sha1:   e392f69dd4fdcd7c09480e995aff168c93b122ad
Sha256: 06a5bb7b9c51c3873f9455a30515502666d456e29d90a652dd5f192ca2f0fbfd

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6599
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:32 GMT
Last-Modified: Thu, 29 Sep 2022 19:18:33 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pagead/f.txt HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: text/plain
                                        
last-modified: Sun, 04 Sep 2022 13:55:54 GMT
etag: "b3fd-5e7da5258ee80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17448
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1953)
Size:   17448
Md5:    9f61f990a1690da3b94dbb613508afcb
Sha1:   9025d0e195469e3646d08c5be459104e7bd2884f
Sha256: 7712575803f52bc6e3ae60891f84e66f68cd8135c0f415f0a10f9dc8a7f8b494

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /img/icons/svg/chevron-right-white.svg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Mon, 14 Dec 2020 20:37:54 GMT
etag: "f1-5b6729dd40c80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 182
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   182
Md5:    a4400ad93a2e693680f8f61366f53564
Sha1:   2eecfe749e1cc5236914a21fb9034b5a71816ecb
Sha256: dcfcc17cf710e800d88ca8fa51047cdc3575f5aa7f209135f675a78f43e69f0c

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /images/external-link_wh.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Fri, 22 Sep 2017 16:43:52 GMT
etag: "67-559c9e9f50200"
accept-ranges: bytes
content-length: 103
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 8 x 8, 8-bit gray+alpha, non-interlaced\012- data
Size:   103
Md5:    bd493960d7416fd0bfaeaf201ace0f24
Sha1:   d822acf027422e8a1b9051e50b9731e8835b7cd8
Sha256: f47b236cdead4ce58cfa5a0ff87ad7998c763dc5ba5fe1d229c4f2491767ea5d

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /img/main/personal/credit-cards/cards/large/bmoharris-CC-WorldPremiumRewards.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 02 Dec 2019 20:17:16 GMT
etag: "69f-598be4405eb00"
accept-ranges: bytes
content-length: 1695
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 69 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size:   1695
Md5:    d5317a4e21743a6317d6ba56b8753be7
Sha1:   ceaffa15b6968d13b56f74a84b45e4fa34ccb5c4
Sha256: a7e773ebd2aa01dd492076350701f29590d20abf78d7c903baf10cd523ee2d6e

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /img/icons/money-bags.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Thu, 26 Jul 2018 17:25:30 GMT
etag: "ba7-571ea48219680"
accept-ranges: bytes
content-length: 2983
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 70x55, components 3\012- data
Size:   2983
Md5:    00460784251d390fcbce0026e3cb9f10
Sha1:   b3aff67e116d24f2a529ef3cda8f225c3c36ca2d
Sha256: 0e3b5d90031b0e620deed3f35dc6db3df84e584043a47b6fa7a9e2fbdafe85a4

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /img/icons/piggy-icon.png HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Fri, 25 Jan 2019 19:24:34 GMT
etag: "efd-5804d46e80080"
accept-ranges: bytes
content-length: 3837
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 78 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   3837
Md5:    adb03891fb39f2fd21cbc09f89d12dd6
Sha1:   7d4cacbac5d0a0b9bb4b908a105f0c56f4d047d2
Sha256: 3f01ba6e2435be9315e3557ef21b31c7c7ae2d5d000deb14172ddaa38545683d

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /scripts/lightbox-js/jquery-1.11.1.min.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Aug 2014 20:37:40 GMT
etag: "1762a-501159340ed00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33225
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33225
Md5:    77c96b81bc26956680cd7813d2d4efd9
Sha1:   2f35ac87d37734bb8216c87f56079036109aeaa1
Sha256: bf48f792ab036db71babef1dbea45dceff0b04212a7278ed08b6c997115352ad

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /img/large/d-personal-safe-secure.webp HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/webp
                                        
last-modified: Wed, 25 Aug 2021 22:29:02 GMT
etag: "1dde-5ca69c6f6e780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7669
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 235x234, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7669
Md5:    1c71b096380be6924d9246b6c1be1705
Sha1:   a67d7b048c1f6bb3b6831caed08f23a8c924dccc
Sha256: fb8a7506485149b130d71d7c516f331406cf3a698a1a4250c1b0c1ac45658d1d

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /resources/scripts/libraries/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 11 Feb 2015 03:43:26 GMT
etag: "1762e-50ec7ce4d3380-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33234
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086), with CRLF line terminators
Size:   33234
Md5:    b80f183a435595b1dcf4f4c0b2afafc0
Sha1:   fe5c21942215c3d404b9a4ff2231858959c22250
Sha256: 915595d27e7c19de33f4f6efac541a358e804a9171fa900ace338a3d33b286da

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /js/jquery.mobile.custom.min.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 29 Sep 2014 09:21:12 GMT
etag: "30006-50430c9ac3200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 54565
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (65437), with CRLF line terminators
Size:   54565
Md5:    b0f77308829dc0c3ac39a890021cd379
Sha1:   ab8ff7d5cb83d71dce499e71d9c12886a82c2c82
Sha256: c7c65e6a496f66b2c6065b6244745408d12467499f8705734450da51c655288e

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/images/personal/homepage-banners/checking-retail-june-2022-1200x370px.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 10 Jun 2022 19:28:34 GMT
etag: "3d28b-5e11cf1b41c80"
accept-ranges: bytes
content-length: 250507
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x370, components 3\012- data
Size:   250507
Md5:    a31dabfb0691d2296231fd389275a512
Sha1:   47f9e2c77efc5f7f1b876bf919abd470c622ed1c
Sha256: a2d7ed7553a3a30f1aa86381a9f93734a83679680f98a058ebf565d95d6e3c70

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/personal/homepage-banners/savings-builder-2-1200x370.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 01 Apr 2022 13:38:36 GMT
etag: "4fa5f-5db97e53bcf00"
accept-ranges: bytes
content-length: 326239
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x370, components 3\012- data
Size:   326239
Md5:    cddf9383b39e3b93f3aba37b6eafe565
Sha1:   0047b67de79ed314f1908c3296e39d5f25cc6e91
Sha256: 2bb7b186652f201aae5dcdacfd61f804c127d49ca161c083d1919bf68259354a

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/personal/homepage-banners/savings-builder-1200x370.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 01 Apr 2022 13:38:36 GMT
etag: "505de-5db97e53bcf00"
accept-ranges: bytes
content-length: 329182
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x370, components 3\012- data
Size:   329182
Md5:    0cc472b535235aeaa5275798b279586f
Sha1:   d548c47b92239267095db818cad18be11a946ffe
Sha256: 38d698fbde2db423692e6c01c7afe0f266f7c6454a4e1f4e06ac8f3b555d6f9c

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/personal/homepage-banners/bb-checking-campaign-july-2022-1200x370px.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 20 May 2022 19:09:00 GMT
etag: "61f14-5df76390f6b00"
accept-ranges: bytes
content-length: 401172
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x370, components 3\012- data
Size:   401172
Md5:    1eca1d526210a47c1e12259b4608873b
Sha1:   90e3721c40d347f29896501f8fb998839c9a9204
Sha256: 7b4bf62847cd9906ab738ed8bc95d44e00c9c8400d6a4dbdec238c083f4598f2

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/personal/homepage-banners/credit-card-march-2022-1200x370px.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Wed, 30 Mar 2022 14:34:12 GMT
etag: "64eb5-5db7070646100"
accept-ranges: bytes
content-length: 413365
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=740, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2400], progressive, precision 8, 1200x370, components 3\012- data
Size:   413365
Md5:    a07a544cb0b50ec76c15319c27e85ee0
Sha1:   de8acf1d760769d4598d2eacd866c16b90858519
Sha256: 28b732f996bfc202eb81739a9ed42f2b39ff1be3a588d6b22775f7e2446250e4

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /js/launch/5aebfc6032e6/8857e2b59892/fe50ebd82464/EXb087acb1f2cd44b8b49a3c550a958fd1-libraryCode_source.min.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /resources/fonts/dax.ttf HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/styles/main.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rd5yYGWHpqCCmMpkCD+qjQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.218.159.206
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MTzh29hUqpgi2B/nxKgv6f1tFSY=

                                        
                                            GET /dist/fonts/dax.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/fonts/heebo-regular-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/fonts/heebo-bold-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/fonts/heebo-medium-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1384
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:33 GMT
Last-Modified: Thu, 29 Sep 2022 20:45:29 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /dist/fonts/dax.woff HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664485710113 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://bmoharris.donfitzsimmons.com
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.252.39.216
HTTP/1.1 302 Found
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bmoharris.donfitzsimmons.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-07188673d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664485710113
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=91381148258188193250987024617831685731; Max-Age=15552000; Expires=Tue, 28 Mar 2023 21:08:33 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: KXN21NB1Tak=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /dist/fonts/heebo-regular-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/fonts/heebo-bold-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/fonts/heebo-medium-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /fonts/BMO-icon.woff?-sys3mr HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/styles/main-ebiz.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /dist/images/personal/homepage-banners/credit-card-feb-23-2022-1200x370px.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Thu, 24 Feb 2022 00:29:18 GMT
etag: "83b9f-5d8b8ac309380"
accept-ranges: bytes
content-length: 539551
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   362
Md5:    a2989e3298d1571e974427dd41a45c7a
Sha1:   d5480d24dfd82654a2c8d4ccf0f289ea851fa06e
Sha256: 7b92c2a3389a7d097af0db8d24e5d83517e438f4e28f534ee3b0af7a700bb9d4

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /dist/fonts/heebo-light-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /js/highcharts.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /xml/rates/deposit_rates.xml HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664485710113 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmoharris.donfitzsimmons.com
Content-Type: application/x-www-form-urlencoded
Referer: https://bmoharris.donfitzsimmons.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.252.39.216
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bmoharris.donfitzsimmons.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-0ca885ff3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: FR+ubMYcSeA=
Content-Length: 124
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   124
Md5:    1f6783349ac4177ec3b3845fd520dca6
Sha1:   d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
Sha256: 64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
                                        
                                            GET /resources/data/notices.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/images/personal/homepage-banners/checking-retail-june-2022-640x540px.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 10 Jun 2022 19:28:34 GMT
etag: "3144c-5e11cf1b41c80"
accept-ranges: bytes
content-length: 201804
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   472
Md5:    afd8fa81635542b658c07532cb90840c
Sha1:   bfdc45d2c58abeccfb253a1d39258fb6cfe87c3a
Sha256: 1d977286920a519d7ce191e6d7cb909b1d781f1043addcc94a51385c6b6537bb

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /dist/images/personal/homepage-banners/savings-builder-640x540.jpg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 01 Apr 2022 13:39:40 GMT
etag: "3f788-5db97e90c5f00"
accept-ranges: bytes
content-length: 259976
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /fonts/BMO-icon.ttf?-sys3mr HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/styles/main-ebiz.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8
                                        
                                            GET /dist/fonts/heebo-light-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=2050974445570.2107;~oref=https://bmoharris.donfitzsimmons.com/ HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5200603.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.130
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (474), with no line terminators
Size:   363
Md5:    bc51970ea3edad94b24aa61001d795c4
Sha1:   35a52ee56341757ba3d65b01bf319373787139f0
Sha256: 2d0f59e94a58d4a2c68ae174756d7d714eca2032493b5d8addd9a62d73fc8629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /dist/fonts/heebo-bold-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true; _gcl_au=1.1.1534364892.1664485710
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /dist/fonts/heebo-bold-latin.woff2 HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true; _gcl_au=1.1.1534364892.1664485710
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=AW-969792230&l=dataLayer&cx=c HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 21:08:33 GMT
expires: Thu, 29 Sep 2022 21:08:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1848)
Size:   59477
Md5:    0f10c15f97f2ba47e6d7e5bc08558e07
Sha1:   9debf8e49010a7b568681ac6bc03e775a8c472b9
Sha256: 720ed76bc61f86e9e819174dbd04a8774e44cf519b72708a0695e3f9551bfe74
                                        
                                            GET /gtag/js?id=AW-969436560&l=dataLayer&cx=c HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 21:08:33 GMT
expires: Thu, 29 Sep 2022 21:08:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46779
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   46779
Md5:    dc43c6dddde7b3e09d927b01f1306fcb
Sha1:   0bbb061f4310a7544ddddb042e34cc72149682c0
Sha256: c258a2645d9785f8783f41f55c4a9b10d4c6530bea506c7dbf4ad8bfa24c5cd1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=AW-968920444&l=dataLayer&cx=c HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 21:08:33 GMT
expires: Thu, 29 Sep 2022 21:08:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   46699
Md5:    340f417135bddc2c7a30b83b22960dc4
Sha1:   42e64affd91c9492dea2e7bf431ca9e3414b91c9
Sha256: ee74846ecb474249272f6b812ea728cfda5595fd1de2277284623cc2f598d189
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=2050974445570.2107;~oref=https://bmoharris.donfitzsimmons.com/ HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:33 GMT
expires: Thu, 29 Sep 2022 21:08:33 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   177
Md5:    9393b28661a65a763699c108887882eb
Sha1:   c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
Sha256: 2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5243
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:33 GMT
Last-Modified: Thu, 29 Sep 2022 19:41:10 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 21:46:12 GMT
Expires: Wed, 05 Oct 2022 21:46:11 GMT
Etag: "d5f816723139d8987f47c524b874f67e98443559"
Cache-Control: max-age=520057,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7527b1ddabf8b512-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5243
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:33 GMT
Last-Modified: Thu, 29 Sep 2022 19:41:10 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /img/logos/ehl_wh.png HTTP/1.1 
Host: www.bmoharris.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.19.154
HTTP/2 200 OK
content-type: image/png
                                        
expires: Thu, 29 Sep 2022 10:55:46 GMT
last-modified: Mon, 02 Mar 2015 18:27:11 GMT
cache-control: max-age=600, must-revalidate
x-ihs-timer: D=603 t=1632016026645965
x-frame-options: SAMEORIGIN
accept-ranges: none
content-length: 1750
x-bmo-correlation_request_id: BMOH::W4::35cc26de20c28ab71bfbcd394e24d5cede752d2c::V4k1zawcOq8AAGZfFCcAAABV
x-ua-compatible: IE=edge
date: Thu, 29 Sep 2022 21:08:33 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 56 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   1750
Md5:    63a76cab53be5a59cf6b91787695c738
Sha1:   7b5bae385ea1ab103e2569c370f5a0ed8f667e6f
Sha256: be680dabeb0db6e5722618845a2f9182545a57429cde2cb3112bf853a3ffa1eb
                                        
                                            GET /?format=json HTTP/1.1 
Host: api.ipify.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmoharris.donfitzsimmons.com
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.20.78.240
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://bmoharris.donfitzsimmons.com
Vary: Origin
Date: Thu, 29 Sep 2022 21:08:33 GMT
Content-Length: 21
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   21
Md5:    7d69c71af0f191e9a72db6153f8018d1
Sha1:   f67c5f2887bc05654b47f76e9621e53a4091aed1
Sha256: 5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:33 GMT
Server: ECS (amb/6B8A)
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.5.2&d_fieldgroup=MC&mcorgid=121534B8527830F30A490D44%40AdobeOrg&ts=1664485710582 HTTP/1.1 
Host: smetrics.bmo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://bmoharris.donfitzsimmons.com
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.36.218.177
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
access-control-allow-origin: https://bmoharris.donfitzsimmons.com
access-control-allow-credentials: true
date: Thu, 29 Sep 2022 21:08:33 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|319B04A891180210-60000C462D052F01[CE]; Path=/; Domain=bmo.com; Max-Age=63072000; Expires=Sat, 28 Sep 2024 21:08:08 GMT; AMCV_121534B8527830F30A490D44%40AdobeOrg=0%7CMCMID%7C28959839021820329762636602759114120937; Path=/; Domain=bmo.com; Max-Age=63072000; Expires=Sat, 28 Sep 2024 21:08:08 GMT; s_ecid=MCMID%7C28959839021820329762636602759114120937; Path=/; Domain=bmo.com; Max-Age=63072000; Expires=Sat, 28 Sep 2024 21:08:08 GMT; SameSite=Lax;
vary: Origin
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   89
Md5:    1ddf41c7110b45211a3eb5c201ed3d0e
Sha1:   7222cb02dc49054ca7c6d5d9066fb440c40634fc
Sha256: 1a4cd51e9be089dea921c1e3e4d7e547a4a53dc9265f5ec7670a4377baab469e
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19265%7CvVersion%7C4.5.2; mbox=session#d024f9b695894e968dd0aa8f6081dbf0#1664487571; check=true; _gcl_au=1.1.1534364892.1664485710
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
content-length: 275
date: Thu, 29 Sep 2022 21:08:33 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   275
Md5:    0523a6c702f2ebba621bfb2b37ecd4e1
Sha1:   68f223d7821389dd68648d4f12b89b9e33ea1401
Sha256: e20e4a78eb3a6bdfa8b11fe84bc0015756dee4b37eeccf0108d7fe349cc739c8

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
                                        
                                            GET /r/2591.js HTTP/1.1 
Host: cdn.pbbl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.125
HTTP/2 403 Forbidden
content-type: text/html
                                        
server: CloudFront
date: Thu, 29 Sep 2022 21:08:33 GMT
content-length: 986
x-cache: Error from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IS66KEEM-b8C2KW1x3qwc1shnJ4T8gJ5EFzSbAVUfaaMA8Gw7xjYvg==
vary: Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   986
Md5:    9cab2aaa867cc2b20bdf2d8f41cf1d15
Sha1:   4fa1f0bddf642d9e117203a65bb91bbf3ab5130a
Sha256: 2e8f900e80df9cdb20649423aefc4b05121e2bf6ead13ae011ca6a49e59d846c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4631
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:33 GMT
Last-Modified: Thu, 29 Sep 2022 19:51:22 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&d_mid=28959839021820329762636602759114120937&d_cid_ic=AVID%01319B04A891180210-60000C462D052F01&ts=1664485710990 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://bmoharris.donfitzsimmons.com
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.252.39.216
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bmoharris.donfitzsimmons.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v044-0ea413a51.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=29050923016152310622663725458272545007; Max-Age=15552000; Expires=Tue, 28 Mar 2023 21:08:33 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: K9TE0vdKROg=
Content-Length: 2117
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (7770), with no line terminators
Size:   2117
Md5:    c3f871740b35ccba19c881c9f9209f38
Sha1:   203806c73c21976363b050fce60e8b9b9418a858
Sha256: 40e9726d9b790620560f45840ed8145c3aafa0ea9a4972512035e1232faabdf1
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: oEIYjDfWJOQLRxMVRRnWIn/4vJ7PvMRlXHoiX1JatKW+XzmfXxkh9Qt++UUCsMgsYFGgNQq/ukVC/Thdi5BzEA==
content-length: 26840
x-fb-trip-id: 2074150462
date: Thu, 29 Sep 2022 21:08:33 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/969792230/?random=1664485710293&cv=9&fst=1664485710293&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1119
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Sep-2022 21:23:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2439), with no line terminators
Size:   1119
Md5:    cca858150d124e65d9fc89f9c68b1f36
Sha1:   91ba489ee3eaad2973e1cfac77c7407b007f0007
Sha256: c0c9c1e5316e094e02396d537c8e0fc36c78210add820d6f166908572fd1ba3c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4632
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:34 GMT
Last-Modified: Thu, 29 Sep 2022 19:51:22 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 29 Sep 2022 21:08:34 GMT
expires: Thu, 29 Sep 2022 21:08:34 GMT
cache-control: private, max-age=3600
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1654)
Size:   15187
Md5:    8766c5a801f08afceca9b66ff9097e6a
Sha1:   ce7640d1d166eddeb9d40be642ec34652f790713
Sha256: f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1194
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:34 GMT
Last-Modified: Thu, 29 Sep 2022 20:48:40 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: bmofinancial.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         3.248.126.204
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Thu, 29 Sep 2022 21:08:34 GMT
DCS: dcs-prod-irl1-2-v044-0cc10ed06.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:47:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: p2dY79/YQz0=
transfer-encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /js/jquery-ui.min.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 29 Sep 2014 09:21:12 GMT
etag: "3a0a6-50430c9ac3200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64562)
Size:   63704
Md5:    dce48edd46fe43aeca13029ebd14e038
Sha1:   a23d4214291abf35d7c93df9f5497838cd8eb7a5
Sha256: 7498d7580b5b6ecbf9be5e0c5ce10bbf479286d9cfe8edff2ac46cc84b09cbc7

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            POST /rest/v1/delivery?client=bankofmontreal&sessionId=d024f9b695894e968dd0aa8f6081dbf0&version=2.2.0 HTTP/1.1 
Host: bankofmontreal.tt.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 858
Origin: https://bmoharris.donfitzsimmons.com
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.188.95.229
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
                                        
date: Thu, 29 Sep 2022 21:08:34 GMT
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://bmoharris.donfitzsimmons.com
access-control-allow-credentials: true
x-request-id: 9e2d0262-b544-4450-ae2f-dff33872c704
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2799), with no line terminators
Size:   1395
Md5:    7c79cd33595a42c5e947395fd3f01127
Sha1:   dbbf117214d2ad23a62b86cf3500eda8d25b201e
Sha256: 5851691f6ac536ceaa43a3b5057a6f1a8ad261cdb5782ce0ed41444627187972
                                        
                                            GET /js/main-ebiz.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 17 Dec 2021 22:21:48 GMT
etag: "b6c4d-5d35ef7015700-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   87599
Md5:    d58cf6ae47fedad7a40c2282e816a40d
Sha1:   df44908fe6b037f8c3e0a379a145c62970c7e7c8
Sha256: dc60c6f91ffa1c4ab893b434cfd24994ee8f4252db775c5f8bfee5ec07375b35

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            GET /action/0?ti=5561742&Ver=2&mid=01180e60-3bc1-4c5c-818b-7e1edeee9a55&sid=deed18e0403a11eda7746906ad868db4&vid=deed7010403a11eda1626d962a16e75b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=BMO%20Harris%20-%20Personal%20Banking,%20Business%20Banking,%20Loans%20%26%20Investing&kw=banking,bank,mortgage,loan,auto,online,checking%20account,credit%20cards,savings%20account,bmo%20harris&p=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&r=&lt=1629&evt=pageLoad&sv=1&rn=317775 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3444D33257BD6A9A1093C11C56486B5D; domain=.bing.com; expires=Tue, 24-Oct-2023 21:08:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8137DE9E1BC842B2889F31341BC64A11 Ref B: OSL30EDGE0115 Ref C: 2022-09-29T21:08:34Z
date: Thu, 29 Sep 2022 21:08:33 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/969792230/?random=1664485710293&cv=9&fst=1664485200000&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&eid=376635470%2C375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&fmt=3&is_vtc=1&random=3732167374&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /p/action/5561742.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: private,max-age=1800
set-cookie: MUID=12EEEBFDAFEE60DF132DF9D3AE1B6160; domain=.bing.com; expires=Tue, 24-Oct-2023 21:08:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 385915BC338847FDB47EFC99C97C9751 Ref B: OSL30EDGE0115 Ref C: 2022-09-29T21:08:34Z
date: Thu, 29 Sep 2022 21:08:33 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /pagead/1p-user-list/969792230/?random=1664485711135&cv=9&fst=1664485200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=2738671805&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/968920444/?random=1664485711132&cv=9&fst=1664485200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=567623966&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/967757432/?random=1664485711122&cv=9&fst=1664485200000&num=1&value=1&currency_code=USD&label=nGm8CKHS134Q-Jy7zQM&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=1447065419&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /js/launch/5aebfc6032e6/8857e2b59892/launch-6d30bf830256.min.js HTTP/1.1 
Host: bmoharris.donfitzsimmons.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         79.137.192.45
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 30 Jun 2022 16:49:50 GMT
etag: "59160-5e2ad0edae780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 29 Sep 2022 21:08:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   109099
Md5:    f6ce8f2776f61ec21e68bf37ced700f0
Sha1:   f829cb4c13cc1acd13155ebe1f3c77cc9f672524
Sha256: 7ca58ebe6401e02115bba17cb7e20a44b92b6545901953da1de472da0430ce3e

Alerts:
  Blocklists:
    - openphish: Bank of Montreal
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 21:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/967757432/?random=1664485711119&cv=9&fst=1664485200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=646116051&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/969436560/?random=1664485711128&cv=9&fst=1664485200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=3747387492&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/972453339/?random=1664485711139&cv=9&fst=1664485200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=3380618459&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 21:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /tr/?id=1738710843060546&ev=PageView&dl=https%3A%2F%2Fbmoharris.donfitzsimmons.com%2Fmain%2Fpersonal.html&rl=&if=false&ts=1664485711334&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664485711333.817160799&it=1664485711081&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 29 Sep 2022 21:08:34 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 21:08:34 GMT
Last-Modified: Thu, 29 Sep 2022 19:41:54 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3El7LqusfMj7w1_Jw7YaqRc1VVMUmQK06Cwp0KGoWKdhgpD7dRzmdQ==
Age: 5200

                                        
                                            GET /cm/dd?d_uuid=29050923016152310622663725458272545007 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmoharris.donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.251.26.3
HTTP/1.1 302
                                        
Date: Thu, 29 Sep 2022 21:08:34 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzYJUgAAAF87oANx; Domain=.everesttech.net; Expires=Fri, 29-Sep-2023 21:08:34 GMT; Path=/ everest_session_v2=YzYJUgAAAF87oQNx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzYJUgAAAF87oANx
Server: AMO-cookiemap/1.1

                                        
                                            GET /ibs:dpid=411&dpuuid=YzYJUgAAAF87oANx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bmoharris.donfitzsimmons.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.252.39.216
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-0ca885ff3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzYJUgAAAF87oANx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=04268367105956439841170847337020076235; Max-Age=15552000; Expires=Tue, 28 Mar 2023 21:08:34 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ZXBTPwCTRlo=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzYJUgAAAF87oANx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bmoharris.donfitzsimmons.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.252.39.216
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-0d2a58cc0.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Aw+sOBDaRgc=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:08:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:08:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:08:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:08:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:43 GMT
age: 84471
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10023
Md5:    f4505f57697072468da82e0b536d0d5b
Sha1:   e1067a2dfbc22e7eb196046d57bd1e17604dba75
Sha256: b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:41:45 GMT
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
age: 84409
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14073
Md5:    11594ce7500d8776bfd5162b17f87d72
Sha1:   72603efba82d649ce5a7a0ca45dc830c0d9ef012
Sha256: 511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:12:40 GMT
age: 60954
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7810
Md5:    456968f691ae9464d69a37bffe9bd7ce
Sha1:   31b8538deb0f00d5b4182739a4a2fcc1b956a998
Sha256: 5cde1e3158e6c6c0b7a01d3bd32f2aa2