urlscan.io logo urlscan.io
SecurityTrails logo

www.firstontario.com Open in urlscan Pro
2600:9000:2509:f800:16:add0:abc0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.firstontario.com/
Effective URL: https://www.firstontario.com/
Submission: On October 30 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 1 countries across 13 domains to perform 85 HTTP transactions. The main IP is 2600:9000:2509:f800:16:add0:abc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.firstontario.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on April 10th 2024. Valid for: a year.
This is the only time www.firstontario.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

49    2600:9000:2509:f800:16:add0:abc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.firstontario.com
4    2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.167.88.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-88-3.iad55.r.cloudfront.net
plugins.central1.cc
4    18.165.98.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-77.iad55.r.cloudfront.net
static.ada.support
1    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
fonts.gstatic.com
6    2600:9000:2269:3a00:13:3b2a:9e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.forge.central1.cc
2    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com
pixel.byspotify.com
1    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4004:c0b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
www.google.ca
1    172.253.122.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f104.1e100.net
www.google.com
2    2600:1901:1:7c5:: (United States)

ASN15169 (GOOGLE, US)
pixels.spotify.com
2    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    3.167.37.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-37-107.iad61.r.cloudfront.net
rollout.ficanex.ada.support
3    3.167.88.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-88-75.iad55.r.cloudfront.net
fcu.ficanex.ada.support
Apex Domain
Subdomains		 Transfer
49 firstontario.com
www.firstontario.com
4 MB
8 ada.support
static.ada.support — Cisco Umbrella Rank: 9274
rollout.ficanex.ada.support
fcu.ficanex.ada.support
65 KB
7 central1.cc
plugins.central1.cc
api.forge.central1.cc
64 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
318 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 spotify.com
pixels.spotify.com — Cisco Umbrella Rank: 3275
271 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 12143
127 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 147
www.google.com — Cisco Umbrella Rank: 3
64 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
75 KB
1 byspotify.com
pixel.byspotify.com — Cisco Umbrella Rank: 7141
22 KB
1 gstatic.com
fonts.gstatic.com
15 KB
0 Failed
function sub() { [native code] }. Failed
85 13
Domain Requested by
49 www.firstontario.com www.firstontario.com
6 api.forge.central1.cc plugins.central1.cc
4 static.ada.support plugins.central1.cc
static.ada.support
4 www.googletagmanager.com www.firstontario.com
www.googletagmanager.com
3 fcu.ficanex.ada.support static.ada.support
2 www.facebook.com www.firstontario.com
2 pixels.spotify.com plugins.central1.cc
2 www.google.ca www.firstontario.com
2 td.doubleclick.net www.googletagmanager.com
2 connect.facebook.net www.firstontario.com
connect.facebook.net
1 rollout.ficanex.ada.support plugins.central1.cc
1 www.google.com www.firstontario.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com plugins.central1.cc
1 googleads.g.doubleclick.net www.googletagmanager.com
1 pixel.byspotify.com www.firstontario.com
1 fonts.gstatic.com www.firstontario.com
1 plugins.central1.cc www.firstontario.com
0 assets Failed www.firstontario.com
85 19
Subject Issuer Validity Valid
*.firstontario.com
Thawte TLS RSA CA G1		 2024-04-10 -
2025-05-11		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
plugins.central1.cc
Amazon RSA 2048 M02		 2024-03-02 -
2025-03-31		 a year crt.sh
*.ada.support
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.forge.central1.cc
Amazon RSA 2048 M03		 2024-06-22 -
2025-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-08 -
2024-11-06		 3 months crt.sh
pixel.byspotify.com
WR3		 2024-10-15 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.ca
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.spotify.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-05 -
2025-02-04		 a year crt.sh
*.ficanex.ada.support
Amazon RSA 2048 M02		 2024-10-22 -
2025-11-20		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.firstontario.com/
Frame ID: 11899513133C56EE34392E737714CC2E
Requests: 75 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.firstontario.com
Frame ID: BCFF92B261121B50DB5CC03B04FCC1B0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/954063134?random=1730298545053&cv=11&fst=1730298545053&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4as0v9176235933z879888712za201zb79888712&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstontario.com%2F&hn=www.googleadservices.com&frm=0&tiba=FirstOntario%20Credit%20Union%20%7C%20Banking%20and%20Investments&npa=0&pscdl=noapi&auid=800824018.1730298545&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: A81142764AEFD762DAF241C89E45D92B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-BPTVZ4B3DN&gacid=387793115.1730298545&gtm=45je4as0v9115597187z879888712za200zb79888712&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=1155393220
Frame ID: 6A5EB459D436D99AB8F4F815368CE304
Requests: 1 HTTP requests in this frame

Frame: https://fcu.ficanex.ada.support/embed/x-storage/06c760b/index.html
Frame ID: 207CEBD54C6A20F400D7CCE648AEB16B
Requests: 1 HTTP requests in this frame

Frame: https://fcu.ficanex.ada.support/embed/button/06c760b/index.html
Frame ID: 94E8BF14757050F2A81039F87FED2D0B
Requests: 1 HTTP requests in this frame

Frame: https://fcu.ficanex.ada.support/embed/intro/06c760b/index.html
Frame ID: 3C3B1711935DF73B32C5CE96554D181C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FirstOntario Credit Union | Banking and Investments

Page URL History Show full URLs

  1. http://www.firstontario.com/ HTTP 307
    https://www.firstontario.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment-timezone(?:-data)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

99 %
HTTPS

44 %
IPv6

13
Domains

19
Subdomains

19
IPs

1
Countries

4164 kB
Transfer

6092 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.firstontario.com/ HTTP 307
    https://www.firstontario.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.firstontario.com/
Redirect Chain
  • http://www.firstontario.com/
  • https://www.firstontario.com/
124 KB
125 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ee4bd1d13ae0cb8f96383e27f3fc4382ac6c54f7f8f3b41ce7f1fd3837630c96
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
29
content-type
text/html;charset=UTF-8
date
Wed, 30 Oct 2024 14:28:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
x-amz-cf-id
Grsy21WP5BoxFmrb82k6emO0J7qUrmxtk6w0akmZYB4Zvx4WT17QpQ==
x-amz-cf-pop
IAD12-P2
x-cache
Hit from cloudfront

Redirect headers

Location
https://www.firstontario.com/
Non-Authoritative-Reason
HttpsUpgrades
ie-warning.js
www.firstontario.com/assets/js/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/assets/js/ie-warning.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a4654a214cda74c3ea270492e08f0c046be8bfdff5c7f6b44968d8a0625b53a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"6196c46e-4ab"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
H2wKrMZmh6ExCyS6QrLwL7vvmXkwpPu56CKwHpMjBp5zdIds7Mq19A==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 18 Nov 2021 21:23:58 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
bootstrap.min.css
www.firstontario.com/global-styles/vendors/bootstrap/css/ 		119 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/vendors/bootstrap/css/bootstrap.min.css
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a99d9fc1e5b71c8f5b9a932828efd44c8db4fe903ff9e965ec19b7aabaeaf790
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"618bd79d-1dabb"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
yWNyeLG7GmwK-w4R_EljuSu8xrc84oYFYKeQLDwn0hw1L4FQlJUuxA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
text/css
last-modified
Wed, 10 Nov 2021 14:30:53 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
theme.min.css
www.firstontario.com/global-styles/ 		484 KB
66 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/theme.min.css
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d37a0aae996a76aad608cf9e8096c9cbf1455be843a22e5722ce47c85e5936fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"66aab04a-78e04"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
HWoq_tjjW7eOUKRoO4C5DeIa53sbn-_sdYD713-Sm6L5Yf5vIozXig==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
text/css
last-modified
Wed, 31 Jul 2024 21:44:42 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
brand.min.css
www.firstontario.com/styles/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/styles/brand.min.css
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a2e88a8d812bbb0b3f48fe98f91e07fccfaea0d49586eb47708fa092011eaadd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"6602e0d1-c853"
age
338
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
JYFj2zvkvj5RyOEyYPJT4mvTriOos17MPf81wlUlLoNBvQrSFPd5eg==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
text/css
last-modified
Tue, 26 Mar 2024 14:50:57 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
jquery-3.2.1.min.js
www.firstontario.com/global-styles/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/jquery-3.2.1.min.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c207bbe7195556c8fcecfa1a694014b26416161feff2836da7f283ea2af7d69f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"61139a9a-15636"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
Q913P0JmZla3eDBmr4X8aQc-OHZa51mbNuW6f6w9bI6cXFrf7--b7A==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Aug 2021 09:38:34 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-moment.js
www.firstontario.com/global-styles/js/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-moment.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"61139a9a-c9df"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
rhCQZkICTfsiDxtmXQLCqQD6XQyBe_IzEgkwneVuT620zpe3beQIUA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Aug 2021 09:38:34 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-moment-timezone.js
www.firstontario.com/global-styles/js/ 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-moment-timezone.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
012017b424242339bb83341d273811d102721a4d732c0563634e634d45a4156c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"61139a99-9c8b"
age
174
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
PVdr0QIsY-ifAk6NUQHeLJD8gwzKX7sDwXTHkYv1UMSGotTMeczJyQ==
date
Wed, 30 Oct 2024 14:26:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Aug 2021 09:38:33 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
js.cookie.js
www.firstontario.com/global-styles/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/js.cookie.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"61139a99-f2e"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
hrs12onD41-UWKbhdLbYFWw61AVr92TIekn4e8uab9Fk5As0dQk6bA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Aug 2021 09:38:33 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-tabbed-layout.js
www.firstontario.com/global-styles/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-tabbed-layout.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
18fc98a716762c732468d3d55ab67b89323c1c6345af6ebb453c966e8745ea3f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"61fc2d8f-861"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
LcbmH8trC7BpcvbKJgZM0WTCQW3__CDBzEw_0zIU1BtSqMT7X7Ms3g==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 03 Feb 2022 19:31:27 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-collapsible-content.js
www.firstontario.com/global-styles/js/ 		1 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-collapsible-content.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d82de76a9de883c92983ceaf43c98f9adea3b0130cdbfa7e7f0e2fe60f4acbc9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"61139a99-48a"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
7dnsxm-UB3tWstCOE_2HDdA7-Mvz0Ez6hKS62dyFH_E_r5_Z_iL-tw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Aug 2021 09:38:33 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-collapsible-container.js
www.firstontario.com/global-styles/js/ 		995 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-collapsible-container.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
85a288d366b3335edd014a5281f1488ba7a284cbb71c4c8f4bd2ff0a02d15829
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"62f34084-3e3"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
995
x-amz-cf-id
qT9DQublYxAtG7RvBzJY7Pe2TZWGUJkF0-NH4G7Y457AjB0beVoUmw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Aug 2022 05:22:12 GMT
x-amz-cf-pop
IAD12-P2
c1-customer-advisory.js
www.firstontario.com/global-styles/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-customer-advisory.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ee3ee7817ef03e32791e4d3434392164bc4dcb195376156e5f2048a269d98190
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"64091371-3484"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
7ejVw9S_16OTo1ef-MlixM2xb4bQfroBtYz0DsbU5Q9TPd03689AUA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 08 Mar 2023 23:00:01 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
iframeResizer.js
www.firstontario.com/global-styles/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/iframeResizer.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c8f0a8deda615592283eb23b1def693615dc13425a42931b872d26a68a7c8bb6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"6269864d-3723"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
XzNT3nwCb1YmnjqA7-R4hkAPHaXFvAdRpRCs5OrHJ501AsAzhpCxGw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Apr 2022 18:07:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
slick.js
www.firstontario.com/global-styles/vendors/slick/ 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/vendors/slick/slick.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
60772bfc7c6d5c6c5cdeb89a8462a3f8e37e7ef2d765f380b641a9b0f336ea55
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"65d53334-15b97"
age
174
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
987GLxQA9yDOR0qwmgWdpRSOfhSLeCRxm7ocEj_NSHPmbaTApykQpw==
date
Wed, 30 Oct 2024 14:26:10 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 20 Feb 2024 23:18:12 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-carousel.js
www.firstontario.com/global-styles/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-carousel.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fced5b2200f870f587c021f909053734d351c076c65624ad5de34ca0967a5d56
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"63864b6c-1a87"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
fQkZ1nNwN5okg_3fmFA_K1aObO9xuzPMKMbI2GKWh5bm_OwHfKNKXw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 29 Nov 2022 18:11:56 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-cookie-acceptance.js
www.firstontario.com/global-styles/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-cookie-acceptance.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c91d20a139184604bbd2b7dc4754c06d2cc21231926b46a55ab3b90bb7b0870f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"653ffe93-c40"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
pw1V686VRiAK42MQvlXacb2bpGUALmkQq_MFY4vZVm4jcwI-f_ZpNA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 30 Oct 2023 19:05:55 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
c1-javascript-component.js
www.firstontario.com/global-styles/js/ 		1 KB
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/c1-javascript-component.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
64d7c3e28431280a73040b795d0c73b4bd270384a5d37a13a70d56ae03bf6f82
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"632b678a-5a4"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
Esqq7GhpT2PtNJjg-W4DNxG6hhLIGLcG26AJRZ4_c8fOyc3p4Q-lYg==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 21 Sep 2022 19:35:38 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
sticky-header.js
www.firstontario.com/global-styles/js/header-c1-basic/ 		2 KB
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/header-c1-basic/sticky-header.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3654e3be27e53e32ecf7e6e9b646837632873e27ea0da69aee18eeee18908d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"614d17f0-7d5"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
CyFmqmI4AKoVaiXULjWsN-cHDm6badlkCg65PMyrpc2gsuonv5Fz-A==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 24 Sep 2021 00:12:32 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
fcu-logo-responsive.svg
www.firstontario.com/assets/img/logos/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/logos/fcu-logo-responsive.svg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf30262aa0c1c3e8abc50f342b74fed1927fb81623d25b081846c750ccd873bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"60e4e28b-1688"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
2HktQo_ypjGGOJDch81WM9_QLOekzE7N-JA9fIPOBlIGhn8z-XAQNQ==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/svg+xml
last-modified
Tue, 06 Jul 2021 23:08:59 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
fcu-gps-pin.svg
assets/img/images/ 		0
0
407x372%20-%20Financial%20Literacy.png
www.firstontario.com/assets/img/images/header/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/header/407x372%20-%20Financial%20Literacy.png
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cbe5396934684351ffbdef41b82bb7d3c59e3f1c815e6ce30b1bd3f83eb9d926
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"63d7f193-1b747"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
112455
x-amz-cf-id
q4nF3pJX3sAVrvbwj1e1tPGQskcPwVE8U9ojkRE7eK2GicRJev1kzQ==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/png
last-modified
Mon, 30 Jan 2023 16:34:27 GMT
x-amz-cf-pop
IAD12-P2
gtm.js
www.googletagmanager.com/ 		312 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGGLDV5
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8dafeba0ddf8593653b41de4304f69c039f98c9311db9e3f784911b84ec100bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 30 Oct 2024 14:29:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 14:29:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108370
x-xss-protection
0
server
Google Tag Manager
fcu-businessmenu-smallbusiness-470x373.jpg
www.firstontario.com/assets/img/images/header/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/header/fcu-businessmenu-smallbusiness-470x373.jpg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0ed329b7ecd36ff3d5994cf61f9c7bd4c268e9e8e3e6a1333221131844692953
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"654913d5-29e8f"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
171663
x-amz-cf-id
tleO4dIBEwIqoEBi5Gfxfz9RrpBGGm0CM1T2Gqkjovvos2FC7NEeNw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/jpeg
last-modified
Mon, 06 Nov 2023 16:27:01 GMT
x-amz-cf-pop
IAD12-P2
megamenu.js
www.firstontario.com/global-styles/js/header-c1-basic/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/header-c1-basic/megamenu.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f4d0bd87d4d54d7306a535cb520c90747c4c1677a44e35f143953fd8174e7d3e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"62a77589-1108"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
T2oOmMxpHkGESMr3ODe88OWEK2O6xxjSTodOmZeKnJVt2Qbu4m6b6A==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 13 Jun 2022 17:36:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
hamburger.js
www.firstontario.com/global-styles/js/header-c1-basic/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/header-c1-basic/hamburger.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9d50bab362344eb0bf6f28d3eb767f87c08b9cce16726a07795a4c19eaf2e9b0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"62a96aca-1f96"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
wooDozZoBoNqi1mRBwTG1rud_V7pVHmUogFpGRSwODoqfzjkXzaTFg==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 15 Jun 2022 05:14:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
quick-search.js
www.firstontario.com/global-styles/js/header-c1-basic/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/js/header-c1-basic/quick-search.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5c95dabf3f0b484cc147b3c2ddb03359b3af48f72559182203505c68fe40f84d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"650b160b-71b"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
RHOCj7IG0gojdMsKu5WpkD-jBN7SWZ1lGK0rhZFiWxdhX3BCovsXLA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Sep 2023 15:55:55 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
ficanex-tunnel-chat.js
plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ 		193 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-3.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d812ef8173e9ecd6fcb5158fba5c24eae09fcbc779d4c3935794a7f37ce22a94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

x-amz-cf-pop
IAD55-P6
content-encoding
br
etag
W/"a1ea638e202e7ccaf867b1f62f23d277"
age
85
via
1.1 42aed972fa621ce88b3040a924849922.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
K43len3Al0yvKrenelDfSGChnQDGkOIHQ3AxpHXm6Uw1f6ANpIdX1g==
date
Wed, 30 Oct 2024 14:27:40 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 06 Dec 2023 05:12:06 GMT
x-amz-server-side-encryption
AES256
firstontario_web_banner_main_26_month_1280x480.webp
www.firstontario.com/assets/img/images/personal/banners/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/personal/banners/firstontario_web_banner_main_26_month_1280x480.webp
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0e174bc1a6892c9df569b8077628d1b0ff2f207158dd6add8f779080c323141
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"66b3d0b1-76c4"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
30404
x-amz-cf-id
BXDIOmjusuhhenOg_sZZmA1_6I7XaHldnMADnhakDrcvT9aF7MZiVQ==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/webp
last-modified
Wed, 07 Aug 2024 19:53:21 GMT
x-amz-cf-pop
IAD12-P2
firstontario_web_banner_main_1280x480.webp
www.firstontario.com/assets/img/images/personal/banners/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/personal/banners/firstontario_web_banner_main_1280x480.webp
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
91f8be8dbb9fb9b97fe4832822018ec1592f29c7b7f714aa0fa0e663fc1e6b26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"66b3d0b1-1bfc"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
7164
x-amz-cf-id
GMu1sY17BsoNEg9fal5_E2H-qIRddwpO1wasnXuj_pLo-OBTaULhJA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/webp
last-modified
Wed, 07 Aug 2024 19:53:21 GMT
x-amz-cf-pop
IAD12-P2
fcu-events-tigercatsfundraiser-1280x480.png
www.firstontario.com/assets/img/images/personal/banners/ 		725 KB
726 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/personal/banners/fcu-events-tigercatsfundraiser-1280x480.png
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af0d9ba4c581d1ea44c00afbdd3397435828f847f72cad92ce066d1de2982d44
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"66fc0ad8-b52d1"
age
164
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
742097
x-amz-cf-id
OV7OPBanXpzXIJzf4GpZFA4flUjHoMx4UWhkaPRUPqPGcKHtof93cQ==
date
Wed, 30 Oct 2024 14:26:20 GMT
content-type
image/png
last-modified
Tue, 01 Oct 2024 14:44:40 GMT
x-amz-cf-pop
IAD12-P2
firstontario-momentum-micro-466x300.png
www.firstontario.com/assets/img/images/personal/cards/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/personal/cards/firstontario-momentum-micro-466x300.png
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f30666ba466b8a4a597a49943558d345aeb9b506060754cf4d48e0b52a07fe4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"671288ba-2a3fe"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
173054
x-amz-cf-id
86-sHyjTTiKutBMLXWxmrPc6wu1CY5dkznkAYEHUK7vnw4K7R2k4cg==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/png
last-modified
Fri, 18 Oct 2024 16:11:38 GMT
x-amz-cf-pop
IAD12-P2
firstontario-mortgagecampaign-webbanner-micro-466x300.webp
www.firstontario.com/assets/img/images/personal/cards/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/personal/cards/firstontario-mortgagecampaign-webbanner-micro-466x300.webp
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a7a7e598f63fd2ea01b1fd7cc01572067569f6b39852353ecc2d34ad3884acc5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"663e1c03-63f8"
age
164
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
25592
x-amz-cf-id
y4amgOtUFDh0zUx4yHX9luGdu2kYyWdkv1fByQg-DHhkar2dKO0IgQ==
date
Wed, 30 Oct 2024 14:26:20 GMT
content-type
image/webp
last-modified
Fri, 10 May 2024 13:07:15 GMT
x-amz-cf-pop
IAD12-P2
fcu-bod-election-micro-466x300.png
www.firstontario.com/assets/img/images/personal/cards/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/personal/cards/fcu-bod-election-micro-466x300.png
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ad0c4aa0be4cdc8fecd97a2d21dda864e16452ac4c7c1eaf38009dfc351e2b05
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"66fbf78f-220d8"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
139480
x-amz-cf-id
ZMpjKNCRFlMhTtNwOWzHYrjrl5WuCEzNTiPDbJFbUl4JKPBCXYKQ8w==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/png
last-modified
Tue, 01 Oct 2024 13:22:23 GMT
x-amz-cf-pop
IAD12-P2
1280x365-Personal-Marquee%20with%20Banner%20Overlay1.jpg
www.firstontario.com/assets/img/images/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/1280x365-Personal-Marquee%20with%20Banner%20Overlay1.jpg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
49b2d6fef41ccc713d8e5d1e83749a009cd32052b41569cf81956cd346159f53
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"60e51f04-4337e"
age
164
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
275326
x-amz-cf-id
TAWIOt_WiZVq5gH0-pYXCNnK-DFkFLxn50eUh8vKcPA6It7wh4gcQg==
date
Wed, 30 Oct 2024 14:26:20 GMT
content-type
image/jpeg
last-modified
Wed, 07 Jul 2021 03:27:00 GMT
x-amz-cf-pop
IAD12-P2
fcu-icon-social-facebook.svg
www.firstontario.com/assets/img/icons/ 		764 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/icons/fcu-icon-social-facebook.svg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec2adffdcd9d1fbee3a42469703d3e1df06c20e9a542493c4665b3511d22efae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"60e521ef-2fc"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
764
x-amz-cf-id
hJvvHlOdeLmXDz_wTAUz0_kneIQ8MzjWBFD8Nc8r8VaRA8r742H8fw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/svg+xml
last-modified
Wed, 07 Jul 2021 03:39:27 GMT
x-amz-cf-pop
IAD12-P2
IG_Glyph_Fill.png
www.firstontario.com/assets/img/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/IG_Glyph_Fill.png
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bc8f34d351b0080e4647690bc35acee7e0af2c92a7a60a4e782b274bbdf549c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"60e4e223-15f0f"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
89871
x-amz-cf-id
F7Td3PotlJy42EZce3y5B-wHL5EdlNk98igrwT18arDyA8YXgNZ1Uw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/png
last-modified
Tue, 06 Jul 2021 23:07:15 GMT
x-amz-cf-pop
IAD12-P2
fcu-icon-social-linkedin.svg
www.firstontario.com/assets/img/icons/ 		919 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/icons/fcu-icon-social-linkedin.svg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2a5b06c5883c345c40d2e908870fca4cb657989cd1c09ec70dd671e9f705354b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"60e521ef-397"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
919
x-amz-cf-id
lDsZOb6HoiWSoFGe-rMfBvzDQnopd-otxfYh4GcTfUPyJssxF-DP6A==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/svg+xml
last-modified
Wed, 07 Jul 2021 03:39:27 GMT
x-amz-cf-pop
IAD12-P2
fcu-icon-social-x-original.svg
www.firstontario.com/assets/img/icons/ 		38 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/icons/fcu-icon-social-x-original.svg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5f03f4347c768012bbb6bb6ae231776b56dc515d8627d44adc893aa521230498
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
etag
W/"65e0888f-99ab"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
18lPcv9vg6lqdCrtwPMzVAkkNbskQXtBUlYMpy1zz4_i9wkE03DDEg==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Feb 2024 13:37:19 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
FCU-Icon-YouTube.svg
www.firstontario.com/assets/img/icons/widgets/ 		938 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/icons/widgets/FCU-Icon-YouTube.svg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c86873aca128553b5ab382cbac9193f3d38c748c858dc798ef45f763c5439c24
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"6356dff6-3aa"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
938
x-amz-cf-id
8KbFROx6Bi-FB-WFeKAQFScJyiM-eKsniynNZjtJXRHLwv_5xgWHuw==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/svg+xml
last-modified
Mon, 24 Oct 2022 18:56:54 GMT
x-amz-cf-pop
IAD12-P2
fsra-badge.PNG
www.firstontario.com/assets/img/logos/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/logos/fsra-badge.PNG
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
32947542264ff1ca0d3aa8febac78c9526cc295b65682b647ff3b161c8c94ba5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"6356e27c-1465e"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
83550
x-amz-cf-id
QLe4o78IyugvN2dGtE6YXTD39hgfA5ZGyRTMtXv_t_N1G3zHzPshXA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/png
last-modified
Mon, 24 Oct 2022 19:07:40 GMT
x-amz-cf-pop
IAD12-P2
SourceSansPro-Regular.ttf
www.firstontario.com/assets/fonts/Source_Sans_Pro/ 		287 KB
287 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/assets/fonts/Source_Sans_Pro/SourceSansPro-Regular.ttf
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/styles/brand.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/styles/brand.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"611e5801-47a8c"
age
165
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
293516
x-amz-cf-id
cCkHNzg2xmg0qnsVdT7WoUxiXfslYS_6O_bWDFtgeEKV43N6hWRrrw==
date
Wed, 30 Oct 2024 14:26:19 GMT
content-type
application/octet-stream
last-modified
Thu, 19 Aug 2021 13:09:21 GMT
x-amz-cf-pop
IAD12-P2
fa-solid-900.woff2
www.firstontario.com/global-styles/fontawesome/webfonts/ 		134 KB
134 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/global-styles/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/global-styles/theme.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"60ed7c76-21678"
age
174
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
136824
x-amz-cf-id
eTM3FkBJpKH2G_flZqicUeZVqElkCRAE9pT9XV8WcO_T0f-Xh2sppw==
date
Wed, 30 Oct 2024 14:26:10 GMT
content-type
font/woff2
last-modified
Tue, 13 Jul 2021 11:43:50 GMT
x-amz-cf-pop
IAD12-P2
SourceSansPro-SemiBold.ttf
www.firstontario.com/assets/fonts/Source_Sans_Pro/ 		285 KB
286 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/assets/fonts/Source_Sans_Pro/SourceSansPro-SemiBold.ttf
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/styles/brand.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1abd7bd14daea0c793865e0df0e17b3f07ec1cbf22855676c4716726b930f17e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/styles/brand.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"611e5802-47418"
age
165
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
291864
x-amz-cf-id
gKdvCmuRkMtHjC01pIf0-M6OpRA9EI_Zgn3sncQ5rwWfg_taIZJr8A==
date
Wed, 30 Oct 2024 14:26:19 GMT
content-type
application/octet-stream
last-modified
Thu, 19 Aug 2021 13:09:22 GMT
x-amz-cf-pop
IAD12-P2
SourceSansPro-Light.ttf
www.firstontario.com/assets/fonts/Source_Sans_Pro/ 		286 KB
287 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/assets/fonts/Source_Sans_Pro/SourceSansPro-Light.ttf
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/styles/brand.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5705ecafdaa64d8af74d0c03f89272a65cfee9f7e62b55016a8dcbe4a69b6f86
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/styles/brand.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"611e5802-47748"
age
165
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
292680
x-amz-cf-id
31A-4EdkzLkD09y-mwh-Z_nSxbjkYyloX6heCbPFxRzeXxz1jAhaDA==
date
Wed, 30 Oct 2024 14:26:19 GMT
content-type
application/octet-stream
last-modified
Thu, 19 Aug 2021 13:09:22 GMT
x-amz-cf-pop
IAD12-P2
embed2.js
static.ada.support/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/embed2.js
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-77.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43da18f909be2ce7b2a6908460d55c1e85440107401bb04706c2bf725ff55fe5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
JTEe2QogZxw2trnqb5fj0lJ5svkPSon1
etag
W/"d556a4fd6f86b7c64ce2e54347438fb8"
age
36521
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
R6Yp2LlezUmms1yM4BoQokoshf7VF5MQRLT_0vc6ecoBI24zVM5BQA==
date
Wed, 30 Oct 2024 04:20:24 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Tue, 17 Sep 2024 18:14:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age: 300
via
1.1 5a0e8b615e213d3d5cc20b095e088b16.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD55-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2
fonts.gstatic.com/s/sourceserifpro/v5/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v5/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/styles/brand.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
858c43f311dc3adb895f69ee9e3fbed55e6dc98c83ac0f2af877ad43ce23b017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/

Response headers

report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 14:29:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 14:29:05 GMT
content-type
font/woff2
last-modified
Tue, 10 Oct 2017 23:08:06 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15356
x-xss-protection
0
server
sffe
ajax-loader.gif
www.firstontario.com/global-styles/vendors/slick/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/global-styles/vendors/slick/ajax-loader.gif
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/global-styles/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/global-styles/theme.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"6114471a-1052"
age
164
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
4178
x-amz-cf-id
IA4ld7o6Kw7NXCP6USdQnQ0QEWc27s7-Yyg1zSUYOEkE5CIQRSEtWQ==
date
Wed, 30 Oct 2024 14:26:20 GMT
content-type
image/gif
last-modified
Wed, 11 Aug 2021 21:54:34 GMT
x-amz-cf-pop
IAD12-P2
slick.woff
www.firstontario.com/global-styles/vendors/slick/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/vendors/slick/fonts/slick.woff
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/global-styles/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/global-styles/theme.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"6114471b-564"
age
165
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
1380
x-amz-cf-id
lWyX4ft5R3S1HSGHE2CmEhG0Mc77tLFXFNoVam9ayuZxhlTGopnF1Q==
date
Wed, 30 Oct 2024 14:26:19 GMT
content-type
font/woff
last-modified
Wed, 11 Aug 2021 21:54:35 GMT
x-amz-cf-pop
IAD12-P2
204572c6-4ef3-49ee-b4f7-964b73aecaac
api.forge.central1.cc/rates-service/v1/rates/ 		335 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.forge.central1.cc/rates-service/v1/rates/204572c6-4ef3-49ee-b4f7-964b73aecaac
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:3a00:13:3b2a:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ca3cf854a0ef4dcc7e6430e83809a002495f55d676832d9db73f1e9327d7c74c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
c1-tid
on_firstontariocu_com
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
rLhf-JahuqucPo8Zvg6yAaBHymm-sV0rVKLXBXQDHq1zTWE1X-JgEg==
date
Wed, 30 Oct 2024 14:29:06 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-amz-cf-pop
IAD89-P1
b07be614-e0e8-4592-96cc-922ec35a282b
api.forge.central1.cc/rates-service/v1/rates/ 		340 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.forge.central1.cc/rates-service/v1/rates/b07be614-e0e8-4592-96cc-922ec35a282b
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:3a00:13:3b2a:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a07106fbec1066b70fd83388f90c31bbaa3a5c6dd699c7ffb68e37809e6e3c8e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
c1-tid
on_firstontariocu_com
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
cjcfWmxsjaCNfEH8_dwo89YMmTqGQwtmV8gLkFaq4U9a05Sqw85cUg==
date
Wed, 30 Oct 2024 14:29:06 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-amz-cf-pop
IAD89-P1
8ab22f7c-3857-4f78-b311-2690b048f84c
api.forge.central1.cc/rates-service/v1/rates/ 		372 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.forge.central1.cc/rates-service/v1/rates/8ab22f7c-3857-4f78-b311-2690b048f84c
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:3a00:13:3b2a:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c87b7b19c6aa7373b38b8b230d809a0c56ae054a6dac2c1a836a12e6adfef0be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
c1-tid
on_firstontariocu_com
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
ODEpKUYdHHl4HHoCYE13SChDw6EwogIi7cy72etI8ZixR_DZ0S7kAg==
date
Wed, 30 Oct 2024 14:29:06 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-amz-cf-pop
IAD89-P1
SourceSansPro-LightItalic.ttf
www.firstontario.com/assets/fonts/Source_Sans_Pro/ 		102 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/assets/fonts/Source_Sans_Pro/SourceSansPro-LightItalic.ttf
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/styles/brand.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
93ed5542962715b40b4a63779206cd099d1ca865f0ee096a5cddce265be0c356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/styles/brand.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"611e5801-196dc"
age
165
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
104156
x-amz-cf-id
vAyg9iUHUcm5T_3j4XJ6qsVDu0mwGTUiD55x2QHpznewVEMjQfCFzg==
date
Wed, 30 Oct 2024 14:26:19 GMT
content-type
application/octet-stream
last-modified
Thu, 19 Aug 2021 13:09:21 GMT
x-amz-cf-pop
IAD12-P2
Roboto-Thin.woff2
www.firstontario.com/global-styles/assets/fonts/Roboto/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/global-styles/assets/fonts/Roboto/Roboto-Thin.woff2
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/global-styles/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
61b96427944966fbdac416e7ef6d343606758ea2b3fb2cad0f725f82f32ed18f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/global-styles/theme.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"6165be24-f648"
age
165
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
63048
x-amz-cf-id
5H9a1dzSUMr2dQxufZwrv-O79BpULUCVWcU2rEPe3qognmSVVTiX6w==
date
Wed, 30 Oct 2024 14:26:19 GMT
content-type
font/woff2
last-modified
Tue, 12 Oct 2021 16:56:04 GMT
x-amz-cf-pop
IAD12-P2
SourceSansPro-ExtraLight.ttf
www.firstontario.com/assets/fonts/Source_Sans_Pro/ 		284 KB
285 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/assets/fonts/Source_Sans_Pro/SourceSansPro-ExtraLight.ttf
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/styles/brand.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8315c5b2e847440ce2ce9c233de6b87c568cbf0e611be67e4ebc799e536be978
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.firstontario.com
Referer
https://www.firstontario.com/styles/brand.min.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"611e5801-47128"
age
165
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
291112
x-amz-cf-id
ERxxhhfuf6IMHDQNKfiwSjMVMZ79jPEhn7Ih_8rQxW7VWmQoV0Lh3A==
date
Wed, 30 Oct 2024 14:26:19 GMT
content-type
application/octet-stream
last-modified
Thu, 19 Aug 2021 13:09:21 GMT
x-amz-cf-pop
IAD12-P2
js
www.googletagmanager.com/gtag/ 		370 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BPTVZ4B3DN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGGLDV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e47ecacd21698a8fb72dff67fbccd0876034c665a5818c33aa88789accb0e03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 30 Oct 2024 14:29:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 14:29:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
116579
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		282 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-954063134&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGGLDV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9d49431ca6ded07c1185b8fe27fe29382c3a9be0f3369574781d4ccca5331a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 30 Oct 2024 14:29:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 14:29:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98963
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		229 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-mg6drQtT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 14:29:04 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-mg6drQtT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4416, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
r+52OxhDeO7GKH7IwjhOjAuCGy1ua12tAgGvDFFMAIxshQS3/oB8n7pXulvvGnUyyQsHaa5kHjJdrfAq/E4rxg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
ping.min.js
pixel.byspotify.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.byspotify.com/ping.min.js
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.162.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag
"4eddeec95afda969b3d1b2fb970c1eb1"
age
1442
x-goog-stored-content-encoding
identity
expires
Wed, 30 Oct 2024 15:05:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
22096
date
Wed, 30 Oct 2024 14:05:03 GMT
last-modified
Tue, 25 Jun 2024 13:55:33 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY0fAZMTToOnoD84QH6nydNCqzdudZP7d-1x7M_tggaOI-HbOfOTtFCfU-ymDDGDijOQZFeBfYwt-w
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
x-goog-generation
1719323733334567
content-length
22096
server
UploadServer
fcu-gps-pin.svg
www.firstontario.com/assets/img/images/ 		660 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstontario.com/assets/img/images/fcu-gps-pin.svg
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e42613a35536834b38ea06d06051c54e7a1d9844b211ce3231d85e7afbaac899
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"60e4e3e7-294"
age
338
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
660
x-amz-cf-id
pJ5WucxX6TJm6G78MUKc70VI9qB2dxS-ib_NL0BscJoRV4SBQBtIPA==
date
Wed, 30 Oct 2024 14:23:26 GMT
content-type
image/svg+xml
last-modified
Tue, 06 Jul 2021 23:14:47 GMT
x-amz-cf-pop
IAD12-P2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame BCFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.firstontario.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGGLDV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 14:29:05 GMT
expires
Thu, 30 Oct 2025 14:29:05 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
204572c6-4ef3-49ee-b4f7-964b73aecaac
api.forge.central1.cc/rates-service/v1/rates/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.forge.central1.cc/rates-service/v1/rates/204572c6-4ef3-49ee-b4f7-964b73aecaac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:3a00:13:3b2a:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
c1-tid
Access-Control-Request-Method
GET
Origin
https://www.firstontario.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
c1-tid
access-control-allow-methods
GET
access-control-allow-origin
*
content-length
0
date
Wed, 30 Oct 2024 14:29:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
x-amz-cf-id
Vli_D_rwYiebquyivd9mRsExdFV6ISU929K52JQHkdO_X_7HWdjAHA==
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
b07be614-e0e8-4592-96cc-922ec35a282b
api.forge.central1.cc/rates-service/v1/rates/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.forge.central1.cc/rates-service/v1/rates/b07be614-e0e8-4592-96cc-922ec35a282b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:3a00:13:3b2a:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
c1-tid
Access-Control-Request-Method
GET
Origin
https://www.firstontario.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
c1-tid
access-control-allow-methods
GET
access-control-allow-origin
*
content-length
0
date
Wed, 30 Oct 2024 14:29:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
x-amz-cf-id
AI498QrekQ0TNF750OYwW4wC5HwuYO9t-KnMTABVkYw5ARmXqRji_Q==
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
8ab22f7c-3857-4f78-b311-2690b048f84c
api.forge.central1.cc/rates-service/v1/rates/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.forge.central1.cc/rates-service/v1/rates/8ab22f7c-3857-4f78-b311-2690b048f84c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:3a00:13:3b2a:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
c1-tid
Access-Control-Request-Method
GET
Origin
https://www.firstontario.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
c1-tid
access-control-allow-methods
GET
access-control-allow-origin
*
content-length
0
date
Wed, 30 Oct 2024 14:29:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
x-amz-cf-id
qCls203tKQP6I56YfFae5GYzeJgxpvBZy35vJiVDZXvmN-go2B8fxw==
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/954063134/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954063134/?random=1730298545053&cv=11&fst=1730298545053&bg=ffffff&guid=ON&async=1&gtm=45be4as0v9176235933z879888712za201zb79888712&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstontario.com%2F&hn=www.googleadservices.com&frm=0&tiba=FirstOntario%20Credit%20Union%20%7C%20Banking%20and%20Investments&npa=0&pscdl=noapi&auid=800824018.1730298545&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-954063134&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
9a589e18479c9874be0dec71f90ce19ef9bdc035d466813ac03ada73f66ae09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2354
date
Wed, 30 Oct 2024 14:29:05 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
954063134
td.doubleclick.net/td/rul/ Frame A811 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/954063134?random=1730298545053&cv=11&fst=1730298545053&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4as0v9176235933z879888712za201zb79888712&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstontario.com%2F&hn=www.googleadservices.com&frm=0&tiba=FirstOntario%20Credit%20Union%20%7C%20Banking%20and%20Investments&npa=0&pscdl=noapi&auid=800824018.1730298545&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-954063134&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.firstontario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 14:29:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-BPTVZ4B3DN&gtm=45je4as0v9115597187z879888712za200zb79888712&_p=1730298544065&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=387793115.1730298545&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730298545&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstontario.com%2F&dt=FirstOntario%20Credit%20Union%20%7C%20Banking%20and%20Investments&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1658
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.firstontario.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 14:29:05 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BPTVZ4B3DN&cid=387793115.1730298545&gtm=45je4as0v9115597187z879888712za200zb79888712&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPTVZ4B3DN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.firstontario.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 14:29:05 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 6A5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-BPTVZ4B3DN&gacid=387793115.1730298545&gtm=45je4as0v9115597187z879888712za200zb79888712&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=1155393220
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPTVZ4B3DN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.firstontario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 14:29:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BPTVZ4B3DN&cid=387793115.1730298545&gtm=45je4as0v9115597187z879888712za200zb79888712&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&tag_exp=101533421~101823848~101878899~101878944~101925629&z=831300946
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 30 Oct 2024 14:29:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
embed-manifest.json
static.ada.support/ 		136 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/embed-manifest.json
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-77.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb322b4e89470ea19c3f7c0a3d000761a58407e68e3bff7ec7cb717bd50348b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
etag
"ca420d02fe145725c1e3a356cd14c528"
x-amz-version-id
Hoz8jqvwAxq40hCLeGvLMd1TaTQmI2Yd
age
65233
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
YZzawr8-pWc083KHWO_QqSAJ1Gn_82nXISWAh1P7fUlYWiuughTP9Q==
date
Tue, 29 Oct 2024 20:21:53 GMT
content-type
application/json
last-modified
Fri, 25 Oct 2024 13:50:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
136
x-amz-cf-pop
IAD55-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
189246455272863
connect.facebook.net/signals/config/ 		82 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/189246455272863?v=2.9.174&r=stable&domain=www.firstontario.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
7a5befd687e6912caa2c0e086cc5351f6d25e286197943484a95b75119ddba2e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-8nhmRwjg' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 14:29:05 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-8nhmRwjg' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=67, mss=1232, tbw=67856, tp=64, tpl=0, uplat=72, ullat=0
pragma
public
x-fb-debug
kvBZdByBSTCtP1XJ3l80LWyR78ZQVdajaGWXy7cNGMdr29DCTb8xJCJilCIxykXajwRNw6vwDBLm5eh38GmNyg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.google.com/pagead/1p-user-list/954063134/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/954063134/?random=1730298545053&cv=11&fst=1730296800000&bg=ffffff&guid=ON&async=1&gtm=45be4as0v9176235933z879888712za201zb79888712&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstontario.com%2F&hn=www.googleadservices.com&frm=0&tiba=FirstOntario%20Credit%20Union%20%7C%20Banking%20and%20Investments&npa=0&pscdl=noapi&auid=800824018.1730298545&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEYonLI7QTYj3Q9QkdEGaJqH8Igd75Q&random=3629679081&rmt_tld=0&ipr=y
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 30 Oct 2024 14:29:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/954063134/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/954063134/?random=1730298545053&cv=11&fst=1730296800000&bg=ffffff&guid=ON&async=1&gtm=45be4as0v9176235933z879888712za201zb79888712&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstontario.com%2F&hn=www.googleadservices.com&frm=0&tiba=FirstOntario%20Credit%20Union%20%7C%20Banking%20and%20Investments&npa=0&pscdl=noapi&auid=800824018.1730298545&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEYonLI7QTYj3Q9QkdEGaJqH8Igd75Q&random=3629679081&rmt_tld=1&ipr=y
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 30 Oct 2024 14:29:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ingest
pixels.spotify.com/v1/ 		52 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixels.spotify.com/v1/ingest
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
f2caf20ea2608361817cf13cddea16f87b7d900359e2e170ee75282a4a8c6b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstontario.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
grpc-status
0
content-encoding
gzip
x-envoy-upstream-service-time
5
x-content-type-options
nosniff
via
HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding
gzip,x-snappy-framed
access-control-allow-origin
https://www.firstontario.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 14:29:05 GMT
content-type
application/json
vary
Accept-Encoding
grpc-encoding
identity
server
envoy
ingest
pixels.spotify.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pixels.spotify.com/v1/ingest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstontario.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
https://www.firstontario.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 30 Oct 2024 14:29:05 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
embed2.06c760b.js
static.ada.support/ 		166 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/embed2.06c760b.js
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-77.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3817333aa94d0b7517de503cfc53b8c4cad2f1d626fbfefea5b85e1f28b9ae12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
PJIxgLKjWev_zhwFG5hl7mPFH41MgO6H
etag
W/"768bde170059c64ba8f6e2a396a609b0"
age
55868
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
mm_y3n95IC3Ol3IQLBiWdWrQFJ0BkBWJBW3UGAlfWLq3gezB3omEuw==
date
Tue, 29 Oct 2024 22:57:58 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 25 Oct 2024 13:48:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 5a0e8b615e213d3d5cc20b095e088b16.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD55-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=189246455272863&ev=PageView&dl=https%3A%2F%2Fwww.firstontario.com&rl=&if=false&ts=1730298545443&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1730298545440.189044658853306035&cs_est=true&pm=1&hrl=982c15&ler=empty&cdl=API_unavailable&it=1730298545283&coo=false&cs_cc=1&cas=7957656364255321%2C3407699689244529&rqm=GET
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1297, tbw=2904, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 30 Oct 2024 14:29:05 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=189246455272863&ev=PageView&dl=https%3A%2F%2Fwww.firstontario.com&rl=&if=false&ts=1730298545443&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1730298545440.189044658853306035&cs_est=true&pm=1&hrl=982c15&ler=empty&cdl=API_unavailable&it=1730298545283&coo=false&cs_cc=1&cas=7957656364255321%2C3407699689244529&rqm=FGET
Requested by
Host: www.firstontario.com
URL: https://www.firstontario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431575664027671697"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 14:29:05 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
7Zcr0R+TVPJXnkB+VHCzjzfs6s3JM1kAjY3o0kJcmTnS3xfHZdmRy+DVNdQBJ9yfxwTQS5j53zoxJ19fKKZwxQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431575664027671697", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1297, tbw=3222, tp=-1, tpl=-1, uplat=122, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
favicon.png
www.firstontario.com/assets/ 		925 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.firstontario.com/assets/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:f800:16:add0:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
76558117f82afa0fa4d1fd555269064f9f0612f3b8eb083ac16b5476f273fc3e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
etag
"6151f604-39d"
age
99
access-control-allow-credentials
true
via
1.1 google, 1.1 21921ea369a14dee885ead4f8f5ca75a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
925
x-amz-cf-id
SI-MLv4sg2AWZpzDoQ4tqBhBoiHycWNoBfp5jlfowiHINQWPUeuM9w==
date
Wed, 30 Oct 2024 14:27:26 GMT
content-type
image/png
last-modified
Mon, 27 Sep 2021 16:49:08 GMT
x-amz-cf-pop
IAD12-P2
client.json
rollout.ficanex.ada.support/fcu/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rollout.ficanex.ada.support/fcu/client.json?ada_request_origin=embed
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.37.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-37-107.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0aad73df5f71449f85b34af577ae2613e9396f1dbb9bb33f0fe9aa8fe39cf104

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

access-control-max-age
300
access-control-expose-headers
ETag
etag
"1d4643f188711de57dacb590348d0cb1"
access-control-allow-methods
GET, HEAD
x-cache
RefreshHit from cloudfront
x-amz-cf-id
AOjnxV2yHgff9B-TdV8Jg27P2lN1ZnIv4fE4B_tUemD4TnWO0Q8gCQ==
date
Wed, 30 Oct 2024 14:29:09 GMT
content-type
application/json
vary
Origin
last-modified
Thu, 09 May 2024 13:48:34 GMT
cache-control
no-cache
via
1.1 b74365e62a15568f4c1434d713851630.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
8079
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
chat-manifest.json
static.ada.support/ 		136 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-manifest.json
Requested by
Host: plugins.central1.cc
URL: https://plugins.central1.cc/c1/ficanex-tunnel-chat/stable/ficanex-tunnel-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-77.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0351b83233a2c6f70cca3ef312b0754d69a5bd73cb0e0b44a17f27b47656b8d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.firstontario.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
etag
"6ec940ba680f54294707621e916f0c84"
x-amz-version-id
hItKgqXM.Kf3lw5t9JuO_9ra3vVJ5s8_
age
55871
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
i1tJkue52DcwgZKu5Fsqa0BT80fYvPR1opof9ljYfbFEAkjRcfuxPA==
date
Tue, 29 Oct 2024 22:57:58 GMT
content-type
application/json
last-modified
Fri, 25 Oct 2024 14:12:07 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
136
x-amz-cf-pop
IAD55-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
index.html
fcu.ficanex.ada.support/embed/x-storage/06c760b/ Frame 207C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fcu.ficanex.ada.support/embed/x-storage/06c760b/index.html
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.06c760b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-75.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://www.firstontario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
45362
cache-control
172800
content-length
237
content-type
text/html
date
Wed, 30 Oct 2024 01:53:07 GMT
etag
"9de74f7ad2e5dab10ee5461c55c0cbe4"
last-modified
Fri, 25 Oct 2024 13:48:52 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 e4988703a7c309c2817a35cb916bef58.cloudfront.net (CloudFront)
x-amz-cf-id
pSXrGYQizVKTeoquSI4_gk6K3rgLeMoB6w9lWbx4Naf2fgEgqWCx6g==
x-amz-cf-pop
IAD55-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
Gg2CLXLmDFjn4MsNQ3UeDCRyPIZ2NxA5
x-cache
Hit from cloudfront
index.html
fcu.ficanex.ada.support/embed/button/06c760b/ Frame 94E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fcu.ficanex.ada.support/embed/button/06c760b/index.html
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.06c760b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-75.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://www.firstontario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
50097
cache-control
172800
content-encoding
gzip
content-type
text/html
date
Wed, 30 Oct 2024 00:34:11 GMT
etag
W/"3edde4849d0d77c3017f95618cda0595"
last-modified
Fri, 25 Oct 2024 13:48:52 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
accept-encoding
via
1.1 e4988703a7c309c2817a35cb916bef58.cloudfront.net (CloudFront)
x-amz-cf-id
h1KlAc5eSaXaVuf_nFMYIo0OePo_6jFKUz1yB6YlI35_tUnBVJerxQ==
x-amz-cf-pop
IAD55-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
VrOgn4SkkdeQtZEaKa.pWAZ3fisn0scM
x-cache
Hit from cloudfront
index.html
fcu.ficanex.ada.support/embed/intro/06c760b/ Frame 3C3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fcu.ficanex.ada.support/embed/intro/06c760b/index.html
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.06c760b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-75.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://www.firstontario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
49274
cache-control
172800
content-encoding
gzip
content-type
text/html
date
Wed, 30 Oct 2024 00:47:55 GMT
etag
W/"353ee3cb54169a4146a7fbf44384ba36"
last-modified
Fri, 25 Oct 2024 13:48:52 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
accept-encoding
via
1.1 e4988703a7c309c2817a35cb916bef58.cloudfront.net (CloudFront)
x-amz-cf-id
VNaG93fCjWlaHB96gzQdgjrj6qocj9r0eNrKp4trOf8FOYiy06JPMA==
x-amz-cf-pop
IAD55-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
RGKDouUsvLvTtrColYn8Ik0XoUz6B7mZ
x-cache
Hit from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets
URL
https://assets/img/images/fcu-gps-pin.svg

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer function| $ function| jQuery object| matched object| browser function| moment function| Cookies function| loadCollapsibleContent function| loadCollapsibleContainer function| CookiesUtility function| DateandTimeRegEx object| AdvisoryTime object| ScheduledAdvisory function| CustomerAdvisory function| loadCustomerAdvisory function| iFrameResize object| f2 function| initiateCookieAcceptance function| setAcceptanceCookie function| getAcceptanceCookie function| dismissAcceptance function| initiateJavaScriptInjector object| webpackChunkficanex_tunnel_chat function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __core-js_shared__ object| core object| __zone_symbol__orientationchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__loadfalse object| google_tag_manager object| google_tag_data object| root string| x function| scrollToTop function| fbq function| _fbq function| spdt object| __zone_symbol__DOMContentLoadedfalse object| __zone_symbol__resizetrue number| ENTER_KEY_CODE number| ESC_KEY_CODE object| primaryNavMegamenu object| primaryNavNodeOne function| setPrimaryNavigationNodes function| megamenuEventHandler function| openMegamenu function| closeMegamenuClickHandler function| setSelectedElement function| resetSelectedElement function| setAriaExpanded object| menuStates object| menuLevel number| currentLevel object| hamburgerContainer object| openHamburgerMenuBtn object| closeHamburgerMenuBtn object| hamburgerMenuList object| backButton object| search function| navigateForwardInMenu function| navigateBackInMenu function| setSubmenuEventListener function| setSubmenuLayer function| closeHamburgerClickHandler function| openHamburgerMenu function| closeHamburgerMenu function| setCurrentMenuLevel function| subtractCurrentLevel function| resetCurrentLevel function| resetAllSelectedElements function| applyCorrectTabOrder string| ENTER_KEY_STRING string| QUERY_STRING object| searchBtn object| hamSearchBtn function| onClickSearch function| onClickSearchButton function| onTextEntered function| setOpenState function| setClosedState function| clearInput object| __zone_symbol__pagehidefalse object| GooglebQhCsO function| onYouTubeIframeAPIReady object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| gaGlobal string| __AdaEmbedLoaderVersion boolean| __AdaEmbedLoaderScriptLoaded object| adaEmbed object| __zone_symbol__scrollendfalse object| __zone_symbol__popstatefalse object| __SENTRY__ boolean| __AdaEmbedLoaded object| __zone_symbol__ada-custom-messagefalse object| __zone_symbol__locationchangefalse object| __zone_symbol__messagefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

7 Cookies

Domain/Path Name / Value
www.firstontario.com/ Name: JSESSIONID
Value: DC1B27D98E68C8456F06776F81FF5581
.firstontario.com/ Name: _gcl_au
Value: 1.1.800824018.1730298545
.firstontario.com/ Name: _ga_BPTVZ4B3DN
Value: GS1.1.1730298545.1.0.1730298545.60.0.0
.firstontario.com/ Name: _ga
Value: GA1.1.387793115.1730298545
www.firstontario.com/ Name: __spdt
Value: 1c783cd9bf5e4ad884dc2b2843cb1a25
.doubleclick.net/ Name: IDE
Value: AHWqTUnkJFVpcyRznnaTjALu_SCM3ubwlOsmAPfaPuH416ysrnbZIe1rR5h19m1r
.firstontario.com/ Name: _fbp
Value: fb.1.1730298545440.189044658853306035

1 Console Messages

Source Level URL
Text
network error URL: https://assets/img/images/fcu-gps-pin.svg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.forge.central1.cc
assets
connect.facebook.net
fcu.ficanex.ada.support
fonts.gstatic.com
googleads.g.doubleclick.net
pixel.byspotify.com
pixels.spotify.com
plugins.central1.cc
rollout.ficanex.ada.support
static.ada.support
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.firstontario.com
www.google.ca
www.google.com
www.googletagmanager.com
assets
142.251.163.94
157.240.229.1
172.253.115.156
172.253.115.94
172.253.122.104
18.165.98.77
2001:4860:4802:36::181
2600:1901:1:7c5::
2600:9000:2269:3a00:13:3b2a:9e00:93a1
2600:9000:2509:f800:16:add0:abc0:93a1
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c0b::9c
2607:f8b0:4004:c1b::9b
2a03:2880:f103:181:face:b00c:0:25de
3.167.37.107
3.167.88.3
3.167.88.75
34.117.162.98
012017b424242339bb83341d273811d102721a4d732c0563634e634d45a4156c
0351b83233a2c6f70cca3ef312b0754d69a5bd73cb0e0b44a17f27b47656b8d5
0aad73df5f71449f85b34af577ae2613e9396f1dbb9bb33f0fe9aa8fe39cf104
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
0ed329b7ecd36ff3d5994cf61f9c7bd4c268e9e8e3e6a1333221131844692953
0f30666ba466b8a4a597a49943558d345aeb9b506060754cf4d48e0b52a07fe4
18fc98a716762c732468d3d55ab67b89323c1c6345af6ebb453c966e8745ea3f
1abd7bd14daea0c793865e0df0e17b3f07ec1cbf22855676c4716726b930f17e
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2a5b06c5883c345c40d2e908870fca4cb657989cd1c09ec70dd671e9f705354b
32947542264ff1ca0d3aa8febac78c9526cc295b65682b647ff3b161c8c94ba5
3654e3be27e53e32ecf7e6e9b646837632873e27ea0da69aee18eeee18908d3b
3817333aa94d0b7517de503cfc53b8c4cad2f1d626fbfefea5b85e1f28b9ae12
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
43da18f909be2ce7b2a6908460d55c1e85440107401bb04706c2bf725ff55fe5
49b2d6fef41ccc713d8e5d1e83749a009cd32052b41569cf81956cd346159f53
4fb322b4e89470ea19c3f7c0a3d000761a58407e68e3bff7ec7cb717bd50348b
5705ecafdaa64d8af74d0c03f89272a65cfee9f7e62b55016a8dcbe4a69b6f86
5c95dabf3f0b484cc147b3c2ddb03359b3af48f72559182203505c68fe40f84d
5f03f4347c768012bbb6bb6ae231776b56dc515d8627d44adc893aa521230498
60772bfc7c6d5c6c5cdeb89a8462a3f8e37e7ef2d765f380b641a9b0f336ea55
61b96427944966fbdac416e7ef6d343606758ea2b3fb2cad0f725f82f32ed18f
64d7c3e28431280a73040b795d0c73b4bd270384a5d37a13a70d56ae03bf6f82
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a
76558117f82afa0fa4d1fd555269064f9f0612f3b8eb083ac16b5476f273fc3e
7a5befd687e6912caa2c0e086cc5351f6d25e286197943484a95b75119ddba2e
8315c5b2e847440ce2ce9c233de6b87c568cbf0e611be67e4ebc799e536be978
858c43f311dc3adb895f69ee9e3fbed55e6dc98c83ac0f2af877ad43ce23b017
85a288d366b3335edd014a5281f1488ba7a284cbb71c4c8f4bd2ff0a02d15829
8bc8f34d351b0080e4647690bc35acee7e0af2c92a7a60a4e782b274bbdf549c
8dafeba0ddf8593653b41de4304f69c039f98c9311db9e3f784911b84ec100bb
91f8be8dbb9fb9b97fe4832822018ec1592f29c7b7f714aa0fa0e663fc1e6b26
93ed5542962715b40b4a63779206cd099d1ca865f0ee096a5cddce265be0c356
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9a589e18479c9874be0dec71f90ce19ef9bdc035d466813ac03ada73f66ae09e
9d50bab362344eb0bf6f28d3eb767f87c08b9cce16726a07795a4c19eaf2e9b0
a07106fbec1066b70fd83388f90c31bbaa3a5c6dd699c7ffb68e37809e6e3c8e
a0e174bc1a6892c9df569b8077628d1b0ff2f207158dd6add8f779080c323141
a2e88a8d812bbb0b3f48fe98f91e07fccfaea0d49586eb47708fa092011eaadd
a4654a214cda74c3ea270492e08f0c046be8bfdff5c7f6b44968d8a0625b53a3
a7a7e598f63fd2ea01b1fd7cc01572067569f6b39852353ecc2d34ad3884acc5
a99d9fc1e5b71c8f5b9a932828efd44c8db4fe903ff9e965ec19b7aabaeaf790
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad0c4aa0be4cdc8fecd97a2d21dda864e16452ac4c7c1eaf38009dfc351e2b05
af0d9ba4c581d1ea44c00afbdd3397435828f847f72cad92ce066d1de2982d44
c207bbe7195556c8fcecfa1a694014b26416161feff2836da7f283ea2af7d69f
c86873aca128553b5ab382cbac9193f3d38c748c858dc798ef45f763c5439c24
c87b7b19c6aa7373b38b8b230d809a0c56ae054a6dac2c1a836a12e6adfef0be
c8f0a8deda615592283eb23b1def693615dc13425a42931b872d26a68a7c8bb6
c91d20a139184604bbd2b7dc4754c06d2cc21231926b46a55ab3b90bb7b0870f
ca3cf854a0ef4dcc7e6430e83809a002495f55d676832d9db73f1e9327d7c74c
cbe5396934684351ffbdef41b82bb7d3c59e3f1c815e6ce30b1bd3f83eb9d926
cf30262aa0c1c3e8abc50f342b74fed1927fb81623d25b081846c750ccd873bb
d37a0aae996a76aad608cf9e8096c9cbf1455be843a22e5722ce47c85e5936fe
d812ef8173e9ecd6fcb5158fba5c24eae09fcbc779d4c3935794a7f37ce22a94
d82de76a9de883c92983ceaf43c98f9adea3b0130cdbfa7e7f0e2fe60f4acbc9
d9d49431ca6ded07c1185b8fe27fe29382c3a9be0f3369574781d4ccca5331a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42613a35536834b38ea06d06051c54e7a1d9844b211ce3231d85e7afbaac899
e47ecacd21698a8fb72dff67fbccd0876034c665a5818c33aa88789accb0e03c
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ec2adffdcd9d1fbee3a42469703d3e1df06c20e9a542493c4665b3511d22efae
ee3ee7817ef03e32791e4d3434392164bc4dcb195376156e5f2048a269d98190
ee4bd1d13ae0cb8f96383e27f3fc4382ac6c54f7f8f3b41ce7f1fd3837630c96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2caf20ea2608361817cf13cddea16f87b7d900359e2e170ee75282a4a8c6b96
f4d0bd87d4d54d7306a535cb520c90747c4c1677a44e35f143953fd8174e7d3e
fced5b2200f870f587c021f909053734d351c076c65624ad5de34ca0967a5d56