urlscan.io logo urlscan.io
SecurityTrails logo

act.ontariondp.ca Open in urlscan Pro
54.193.124.172  Public Scan

Go To Rescan Add Verdict Report
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&akid=4522.849346.7BamvC
Submission: On October 07 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 14 domains to perform 36 HTTP transactions. The main IP is 54.193.124.172, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is act.ontariondp.ca.
TLS certificate: Issued by R10 on September 24th 2024. Valid for: 3 months.
This is the only time act.ontariondp.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    54.193.124.172 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-124-172.us-west-1.compute.amazonaws.com
act.ontariondp.ca
2    2607:f8b0:400d:c0f::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    45.60.31.183 (United States)

ASN19551 (INCAPSULA, US)
profile.ngpvan.com
1    2607:f8b0:400d:c0b::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    104.18.13.54 (None, )

ASN13335 (CLOUDFLARENET, US)
js.authorize.net
3    3.5.22.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com
s3.amazonaws.com
1    52.217.138.216 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.us-east-1.amazonaws.com
1    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4004:c1f::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:400d:c07::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4004:c07::71 (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c0b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c21::9a (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.ca
4    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
5 ontariondp.ca
act.ontariondp.ca
111 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
5 KB
4 amazonaws.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
319 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
77 KB
3 authorize.net
js.authorize.net — Cisco Umbrella Rank: 35542
6 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
84 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 412
37 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
555 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
186 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 ngpvan.com
profile.ngpvan.com — Cisco Umbrella Rank: 300029
2 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 12143
63 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 147
1 gstatic.com
fonts.gstatic.com
47 KB
36 14
Domain Requested by
5 act.ontariondp.ca act.ontariondp.ca
4 www.facebook.com act.ontariondp.ca
3 connect.facebook.net act.ontariondp.ca
connect.facebook.net
3 s3.amazonaws.com act.ontariondp.ca
3 js.authorize.net act.ontariondp.ca
js.authorize.net
3 use.fontawesome.com act.ontariondp.ca
use.fontawesome.com
2 www.googletagmanager.com act.ontariondp.ca
www.google-analytics.com
2 www.google-analytics.com act.ontariondp.ca
www.google-analytics.com
2 profile.ngpvan.com act.ontariondp.ca
ajax.googleapis.com
2 fonts.googleapis.com act.ontariondp.ca
1 www.google.ca act.ontariondp.ca
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 s3.us-east-1.amazonaws.com act.ontariondp.ca
1 ajax.googleapis.com act.ontariondp.ca
36 17

This site contains no links.

Subject Issuer Validity Valid
act.votevets.org
R10		 2024-09-24 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-11-07 -
2024-11-06		 a year crt.sh
js.authorize.net
Cloudflare Inc ECC CA-3		 2024-05-07 -
2024-12-31		 8 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-09-18 -
2025-09-16		 a year crt.sh
*.gstatic.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-16 -
2024-10-14		 3 months crt.sh
*.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.doubleclick.net
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.google.ca
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://act.ontariondp.ca/donate/campaign-fund?t=1&akid=4522.849346.7BamvC
Frame ID: B862C720940397E7E8B82CD7F4EB788E
Requests: 36 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-RGK2X1KSW5&gacid=1606031034.1728308207&gtm=45je4a20v9135790519za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101671035~101747727&z=351880990
Frame ID: A9C9C86360479B58DC8A25E20AAC83CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Early Election Campaign Fund | Ontario NDP

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

17
Subdomains

18
IPs

2
Countries

896 kB
Transfer

1936 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request campaign-fund
act.ontariondp.ca/donate/ 		189 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.193.124.172 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-124-172.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
126ae29cd3d7a5224eb0290cac31fb7a4950a45e14c4eca8e5edd44d2d1c3296

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Oct 2024 13:36:46 GMT
server
openresty
vary
Accept-Encoding Cookie, origin
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,600,700
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:36:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Oct 2024 13:02:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
actionkit.css
act.ontariondp.ca/media/modern/ 		73 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.ontariondp.ca/media/modern/actionkit.css?1=22
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.193.124.172 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-124-172.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
90b5d41015da1f3eb25868d6a4610020415c0c9145d5412d174719d3ab5515d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f59836-1251a"
expires
Tue, 08 Oct 2024 13:36:46 GMT
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 17:21:58 GMT
server
openresty
vary
Accept-Encoding
b2ee5e333f.css
use.fontawesome.com/ 		1 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/b2ee5e333f.css
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3a0797c6318e1ae12673cf58974438a1981b68e469c22e48850cfed4c12078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"849ac041439215419228e77c35d0f7fc"
age
3293
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anyg%2BdiGaKJsI8rqzbeizbzW%2B8vRbqe%2BxYONjrD%2BfGI1uWApme4Z6u6qatNQET6rM23OZpmQ6MN1F%2FN5YbaXfMNoJPl6jr%2F%2BCRkgA1ttIYNE7ktq%2BQ7bN2TpVWk8c9b3ImnTj9yAlrYWqZr1suP7fAo7"}],"group":"cf-nel","max_age":604800}
cf-ray
8cee48351b047d06-EWR
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:16:31 GMT
vary
Accept-Encoding
server
cloudflare
/
profile.ngpvan.com/v2/identity/ 		80 B
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/identity/?callback=_nvId.push&t=0.7834320840741406
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
c8e16dfa34b8d2a0d8e71232d2382539a4adc185e8ddc3c8150b94c2358f8312
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

x-iinfo
17-23059119-23059124 NNNN CT(24 54 0) RT(1728308207026 77) q(0 0 1 23) r(1 1) U24
content-encoding
gzip
etag
W/"50-Y5cxOQe2ot+BCX4KQVYrE+/xLNM"
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-length
193
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
age
269984
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 10:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 10:37:02 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33593
x-xss-protection
0
server
sffe
actionkit.js
act.ontariondp.ca/resources/ 		98 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.ontariondp.ca/resources/actionkit.js
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.193.124.172 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-124-172.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
2f4034e5db3934bc5d6518144d91da903a92c440776bc8b3386c0faeb33b732e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f59836-18896"
expires
Tue, 08 Oct 2024 13:36:46 GMT
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 17:21:58 GMT
server
openresty
vary
Accept-Encoding
ak_authnet_accept.js
act.ontariondp.ca/resources/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.ontariondp.ca/resources/ak_authnet_accept.js
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.193.124.172 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-124-172.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
2d4d26c7f6a12383432cf294eb37aa489394badef20c80e0e9f6b7f642fc764a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f59836-1489"
expires
Tue, 08 Oct 2024 13:36:46 GMT
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 17:21:58 GMT
server
openresty
vary
Accept-Encoding
Accept.js
js.authorize.net/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.authorize.net/v1/Accept.js
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"80ee56fccf69d51:0"
age
1921
x-content-type-options
nosniff
expires
Sat, 12 Oct 2024 13:36:46 GMT
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
application/javascript
last-modified
Fri, 13 Sep 2019 01:10:09 GMT
vary
Accept-Encoding
cache-control
public, max-age=432000
cf-ray
8cee48353f5a39ef-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2004
server
cloudflare
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700|Roboto:300,400,400i,500,700
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd351e4a2fc7401be25b09776bb1ead2c19fd9488395ccf92bce61a49fe5d23e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:36:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:36:46 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Oct 2024 13:36:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/b2ee5e333f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://use.fontawesome.com/b2ee5e333f.css

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"36082410df2ef7f83932219089dc1443"
age
1889641
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGQUkWFIVCUUanBHB2xBCyiBYISH55bXBzwM5907XYn0QyXTQg91rsWpGX3NXVi5hk1p4y24tDTQ6gvQIMj9Afmn7qKeA31l1WZI705z9Wv%2F8ZYxrFuK3UOOwnwcr%2BV0INZ%2BReGz1v2k2%2FEV65P9v1wa"}],"group":"cf-nel","max_age":604800}
cf-ray
8cee4835dc3f7d06-EWR
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
vary
Accept-Encoding
server
cloudflare
AcceptCore.js
js.authorize.net/v1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.authorize.net/v1/AcceptCore.js
Requested by
Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"092b352f68d51:0"
age
799
x-content-type-options
nosniff
expires
Sat, 12 Oct 2024 13:36:47 GMT
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2019 23:26:44 GMT
vary
Accept-Encoding
cache-control
public, max-age=432000
cf-ray
8cee4836492f39ef-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3175
server
cloudflare
AcceptCore.js
js.authorize.net/v1/ 		9 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.authorize.net/v1/AcceptCore.js
Requested by
Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"092b352f68d51:0"
age
799
x-content-type-options
nosniff
expires
Sat, 12 Oct 2024 13:36:47 GMT
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2019 23:26:44 GMT
vary
Accept-Encoding
cache-control
public, max-age=432000
cf-ray
8cee4836492f39ef-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3175
server
cloudflare
campaign-fund
act.ontariondp.ca/context/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.ontariondp.ca/context/campaign-fund?callback=actionkit.forms.onContextLoaded&form_name=act&required=email&required=country&required=first_name&required=last_name&required=region&required=postal&required=phone&required=card_num&required=exp_date_month&required=exp_date_year&required=card_code&r=0.7859394851279249&url=https%3A%2F%2Fact.ontariondp.ca%2Fdonate%2Fcampaign-fund%3Ft%3D1%26amp%3Bakid%3D4522.849346.7BamvC
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/resources/actionkit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.193.124.172 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-124-172.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
4235b1b7bc747c115d0961652f1cbb86814858b347f7b6bacb2834e8b39ff5f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC

Response headers

content-encoding
gzip
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
text/javascript
vary
Accept-Encoding, Cookie, origin
server
openresty
ONDP_Bilingual_Reverse.png
s3.amazonaws.com/s3.ontariondp.ca/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.ontariondp.ca/images/ONDP_Bilingual_Reverse.png
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.22.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
dcac830df403815bb2b923e70fd8f95298be954bd6fb1feb1929b15cd9364ea8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

x-amz-meta-uuid
1de4dc23044c4863bec61daa966c6310
ETag
"378938f0b36dfe9a23160fb78b13de30"
x-amz-request-id
YHR3YN0S90107H2C
Accept-Ranges
bytes
Content-Length
12671
Date
Mon, 07 Oct 2024 13:36:48 GMT
Last-Modified
Wed, 06 Apr 2022 17:17:05 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-id-2
zQmxrTd3Q3a7x/O+66ihViFdcHeFC2bLc2UKRbhtrZyNWwbtMrzaj8+f+uShaHvOslzZJszBX5WtJc8x2vMgd16fdSePxC3l
marit_sitting
s3.us-east-1.amazonaws.com/s3.ontariondp.ca/images/ 		305 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/s3.ontariondp.ca/images/marit_sitting
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.217.138.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6267d8d8d13898b207abf30f3cb3c52cd4ffedbf8019e886175fbd9e2c576967

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

x-amz-id-2
B5MenKUmlReBhOn1nZrCrMf+r3zh5jhh2yWWQVmNSXuJZgcuIaRN3OWb+IR0cToa+Eu18zafTyg=
x-amz-meta-uuid
23f85dd92e60426c8c2d78541fcca7f7
ETag
"a02d9fbb5ae546b239c90eeef59dea9e"
x-amz-request-id
YHR4BFG6SAPRX1EK
Accept-Ranges
bytes
Content-Length
311944
Date
Mon, 07 Oct 2024 13:36:48 GMT
Last-Modified
Wed, 16 Aug 2023 18:38:42 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://act.ontariondp.ca
Referer
https://fonts.googleapis.com/

Response headers

age
277773
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 08:27:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 08:27:14 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/b2ee5e333f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://act.ontariondp.ca
Referer
https://use.fontawesome.com/b2ee5e333f.css

Response headers

cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
1278318
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNFq1hEc8Uwr2DuqhYampHNCfgZgt5ichUUvMBy34UrASw34iG5ZLJuLkYpdfCj%2BDIngtcwFTe79peozIOzQITkxjEv8Ryf%2Fm2de0U9LVgbk1xNvwzSm7lTSBrzF6K4XsxhpZJI3SzZgVRsua8WJ2i3w"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/font-woff2
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cee4837d9004262-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
age
3731
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 14:34:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 12:34:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
gtm.js
www.googletagmanager.com/ 		215 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5TFKQR9
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c061700ad7398dcacc8a48fd8b3e1a0182a18ae7f89b4a0e73cb7af5e3f7cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 07 Oct 2024 13:36:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
73072
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2010e65122210a4716380983f99d8e131446dd2ef8f33f9ea438ee28700ea80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/ 		15 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=745640729&t=pageview&_s=1&dl=https%3A%2F%2Fact.ontariondp.ca%2Fdonate%2Fcampaign-fund%3Ft%3D1%26amp%3Bakid%3D4522.849346.7BamvC&ul=en-ca&de=UTF-8&dt=Early%20Election%20Campaign%20Fund%20%7C%20Ontario%20NDP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1197513020&gjid=1263668544&cid=1606031034.1728308207&tid=UA-93047368-1&_gid=2139094293.1728308207&_r=1&_slc=1&z=751140457
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c011270c4dbfec8b894965db6c77635ad3fb7abbfd0ffd6ec0424eb13ea3bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://act.ontariondp.ca/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:36:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://act.ontariondp.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=5691, tp=10, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
mplEW6JojizHaG3XBMHw9ziwsqykWULTofFcMqy9GeFOku4zih+Wmb2zDird8sP2J1hPKR+hBCi6TeQUz5nZWg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
nvtag
profile.ngpvan.com/v2/data/zLhaYCm5G_hps540j05uyj2x/ 		2 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/zLhaYCm5G_hps540j05uyj2x/nvtag
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.ontariondp.ca/

Response headers

x-iinfo
17-23059172-23059124 PNNN RT(1728308207482 111) q(0 0 0 0) r(1 1) U24
content-encoding
gzip
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-cdn
Imperva
access-control-allow-credentials
true
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
access-control-allow-origin
https://act.ontariondp.ca
content-length
123
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/json; charset=utf-8
vary
Origin,Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
js
www.googletagmanager.com/gtag/ 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RGK2X1KSW5&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75425ca3412fcd0a32bf3e47033755749fcc79dce7f970225517b6e0ba37dc84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 07 Oct 2024 13:36:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
116438
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RGK2X1KSW5&gtm=45je4a20v9135790519za200&_p=1728308207129&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101533421~101671035~101747727&ul=en-ca&sr=1600x1200&cid=1606031034.1728308207&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fact.ontariondp.ca%2Fdonate%2Fcampaign-fund%3Ft%3D1%26amp%3Bakid%3D4522.849346.7BamvC&dt=Early%20Election%20Campaign%20Fund%20%7C%20Ontario%20NDP&sid=1728308207&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1987
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGK2X1KSW5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://act.ontariondp.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RGK2X1KSW5&cid=1606031034.1728308207&gtm=45je4a20v9135790519za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101533421~101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGK2X1KSW5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://act.ontariondp.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame A9C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-RGK2X1KSW5&gacid=1606031034.1728308207&gtm=45je4a20v9135790519za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101671035~101747727&z=351880990
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGK2X1KSW5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ontariondp.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 13:36:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RGK2X1KSW5&cid=1606031034.1728308207&gtm=45je4a20v9135790519za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101533421~101671035~101747727&tag_exp=101533421~101671035~101747727&z=1583042663
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 07 Oct 2024 13:36:48 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
186412488567631
connect.facebook.net/signals/config/ 		85 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/186412488567631?v=2.9.170&r=stable&domain=act.ontariondp.ca&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6385c15e1344a18c6d91b010d5635a7458cbde52f12e0f8626196e7ccb14888f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 13:36:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=74, mss=1232, tbw=68489, tp=64, tpl=0, uplat=70, ullat=0
pragma
public
x-fb-debug
5eHnZwUqNEl361MNXNaoqIXvLillYGfAYQN7k5h3rVVwozoOA8v4RSYkJKeMJeiD2N+aH3HzIvbGN0wxvBTw0Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
2821106148166414
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2821106148166414?v=2.9.170&r=stable&domain=act.ontariondp.ca&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C133%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C125%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d2a4acaa2fd7a3eb47d5b354157c79c16c3156909def508c6d0a6b931e4c3dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 13:36:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=88, mss=1232, tbw=85673, tp=80, tpl=0, uplat=48, ullat=0
pragma
public
x-fb-debug
HlwN66Xi6isWtkt1YiQdLNUEKrelolkbrTj0x12eUGrcO0XmUenEDTrDPfNSIpqNX0CcZHrNzC7CUyhPfWYT9Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=186412488567631&ev=PageView&dl=https%3A%2F%2Fact.ontariondp.ca%2Fdonate%2Fcampaign-fund%3Ft%3D1%26amp%3Bakid%3D4522.849346.7BamvC&rl=&if=false&ts=1728308207947&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728308207940.949304663550674654&cs_est=true&ler=empty&cdl=API_unavailable&it=1728308207795&coo=false&rqm=GET
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1392, tbw=2966, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 07 Oct 2024 13:36:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=186412488567631&ev=PageView&dl=https%3A%2F%2Fact.ontariondp.ca%2Fdonate%2Fcampaign-fund%3Ft%3D1%26amp%3Bakid%3D4522.849346.7BamvC&rl=&if=false&ts=1728308207947&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728308207940.949304663550674654&cs_est=true&ler=empty&cdl=API_unavailable&it=1728308207795&coo=false&rqm=FGET
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423027231453245863"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x38160fb87f5dac59","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["4826280960751637","4920726271328336","6987244344650573","5057036511038794","4907313789390326"]},"debug_reporting":true,"debug_key":"3019376578486968421"}
date
Mon, 07 Oct 2024 13:36:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
y421aw4s9YmPncnq84jJwj65VCaiFyHKPfvO4ctYe/vS7hsiF8kBhgFkQnXkCos9ou1tPD8ukzMwO5xF7w/I+w==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423027231453245863", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1392, tbw=3316, tp=-1, tpl=-1, uplat=60, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2821106148166414&ev=PageView&dl=https%3A%2F%2Fact.ontariondp.ca%2Fdonate%2Fcampaign-fund%3Ft%3D1%26amp%3Bakid%3D4522.849346.7BamvC&rl=&if=false&ts=1728308208054&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728308207940.949304663550674654&ler=empty&cdl=API_unavailable&it=1728308207795&coo=false&rqm=GET
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1392, tbw=2966, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 07 Oct 2024 13:36:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2821106148166414&ev=PageView&dl=https%3A%2F%2Fact.ontariondp.ca%2Fdonate%2Fcampaign-fund%3Ft%3D1%26amp%3Bakid%3D4522.849346.7BamvC&rl=&if=false&ts=1728308208054&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728308207940.949304663550674654&ler=empty&cdl=API_unavailable&it=1728308207795&coo=false&rqm=FGET
Requested by
Host: act.ontariondp.ca
URL: https://act.ontariondp.ca/donate/campaign-fund?t=1&amp;akid=4522.849346.7BamvC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423027232558274965"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 13:36:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
XJZfnGRkdcV4LttNixXSuqOHvSdohjww50m9l6bYmBrZXlmZTLuJwR6OiHTwMNSH6frIio1DRMfAMGm/F9BnDw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423027232558274965", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1392, tbw=6855, tp=-1, tpl=-1, uplat=81, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
favicon.ico
s3.amazonaws.com/s3.ontariondp.ca/ONDP-main-logos/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/s3.ontariondp.ca/ONDP-main-logos/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.22.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
77d4e73ff4170c4917ec28c9c4c4096ec61e0117869e5d209f171a7eb2cf88f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

x-amz-meta-uuid
f2c5e44b44c4437c9eb265ca0706197a
ETag
"d5ac815bae39c27929531906cb1e5694"
x-amz-request-id
62N91Q5KR0N5E313
Accept-Ranges
bytes
Content-Length
1150
Date
Mon, 07 Oct 2024 13:36:49 GMT
Last-Modified
Wed, 27 Jan 2021 22:30:55 GMT
Content-Type
image/x-ico
Server
AmazonS3
x-amz-id-2
G615YsAWxMO0AfO94DjixYOMpchKSCP5k7yhI64TZrfxN2ZA5gZR1eLz33AUcpQkekLhk9rQfNcBteVFn7RT1oS8nBkPMRCl
favicon.ico
s3.amazonaws.com/s3.ontariondp.ca/ONDP-main-logos/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/s3.ontariondp.ca/ONDP-main-logos/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.22.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
77d4e73ff4170c4917ec28c9c4c4096ec61e0117869e5d209f171a7eb2cf88f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://act.ontariondp.ca/

Response headers

x-amz-meta-uuid
f2c5e44b44c4437c9eb265ca0706197a
ETag
"d5ac815bae39c27929531906cb1e5694"
x-amz-request-id
62N91Q5KR0N5E313
Accept-Ranges
bytes
Content-Length
1150
Date
Mon, 07 Oct 2024 13:36:49 GMT
Last-Modified
Wed, 27 Jan 2021 22:30:55 GMT
Content-Type
image/x-ico
Server
AmazonS3
x-amz-id-2
G615YsAWxMO0AfO94DjixYOMpchKSCP5k7yhI64TZrfxN2ZA5gZR1eLz33AUcpQkekLhk9rQfNcBteVFn7RT1oS8nBkPMRCl

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| startTime object| _nvId function| $ function| jQuery object| actionkit function| country_change function| actionkit_recaptcha_loaded function| actionkit_recaptcha_completed function| tmpl object| jQuery18307654857774132939 function| clear_radio_buttons function| clear_other function| product_info function| update_total function| highlight_selected_amount_button function| redraw_currency_symbol object| address_fields function| shipping_country_change function| toggle_shipping function| clear_shipping function| sync_to_shipping number| three_step_initialized function| three_step_reveal function| focus_field_if_blank function| three_step_advance function| three_step_goto function| validate_product_count object| validate_fields function| validate_step function| do_validate_credit_card function| step_3_validation function| step_2_validation function| step_1_validation function| actionkitValidationErrors function| three_step_initialize function| product_ids function| product_infos function| calculate_product_subtotals function| valid_credit_card function| valid_credit_card_code function| valid_bank_account_number function| valid_bank_routing_number object| email_regExp function| valid_email function| submit_paypal function| submit_cc object| Accept string| cdnPath string| encryptEndPoint object| crosssite function| unesc object| pair object| validate function| validate_form object| xndp_feature_preventdoublesubmit object| taxcalc string| key function| esc string| GoogleAnalyticsObject function| ga object| dataLayer function| actionkitFormReady string| index object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| fbq function| _fbq string| j string| t string| tt string| uitext_item string| s boolean| isReady

9 Cookies

Domain/Path Name / Value
.authorize.net/ Name: __cfruid
Value: 04536f8aac41c34df20471bf55c4aef47969f21a-1728308206
.authorize.net/ Name: _cfuvid
Value: ZuxweiAmPiFJNZJmJVxgNSzXpRFyEjwvYGUB8Exs.wA-1728308206964-0.0.1.1-604800000
.ontariondp.ca/ Name: _ga
Value: GA1.2.1606031034.1728308207
.ontariondp.ca/ Name: _gid
Value: GA1.2.2139094293.1728308207
profile.ngpvan.com/ Name: ngpvanuser
Value: zLhaYCm5G_hps540j05uyj2x
.ontariondp.ca/ Name: _gat
Value: 1
.ontariondp.ca/ Name: _ga_RGK2X1KSW5
Value: GS1.2.1728308207.1.0.1728308207.60.0.0
.ontariondp.ca/ Name: _fbp
Value: fb.1.1728308207940.949304663550674654
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.ontariondp.ca
ajax.googleapis.com
analytics.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.authorize.net
profile.ngpvan.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
stats.g.doubleclick.net
td.doubleclick.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.googletagmanager.com
104.18.13.54
2606:4700:3036::6815:1b98
2607:f8b0:4004:c07::71
2607:f8b0:4004:c0b::9c
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1f::71
2607:f8b0:4004:c21::9a
2607:f8b0:400d:c07::61
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0b::5f
2607:f8b0:400d:c0f::5f
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.5.22.235
45.60.31.183
52.217.138.216
54.193.124.172
126ae29cd3d7a5224eb0290cac31fb7a4950a45e14c4eca8e5edd44d2d1c3296
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d4d26c7f6a12383432cf294eb37aa489394badef20c80e0e9f6b7f642fc764a
2f4034e5db3934bc5d6518144d91da903a92c440776bc8b3386c0faeb33b732e
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4235b1b7bc747c115d0961652f1cbb86814858b347f7b6bacb2834e8b39ff5f3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4d2a4acaa2fd7a3eb47d5b354157c79c16c3156909def508c6d0a6b931e4c3dc
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6267d8d8d13898b207abf30f3cb3c52cd4ffedbf8019e886175fbd9e2c576967
6385c15e1344a18c6d91b010d5635a7458cbde52f12e0f8626196e7ccb14888f
75425ca3412fcd0a32bf3e47033755749fcc79dce7f970225517b6e0ba37dc84
77d4e73ff4170c4917ec28c9c4c4096ec61e0117869e5d209f171a7eb2cf88f9
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
7c061700ad7398dcacc8a48fd8b3e1a0182a18ae7f89b4a0e73cb7af5e3f7cd9
90b5d41015da1f3eb25868d6a4610020415c0c9145d5412d174719d3ab5515d1
9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c011270c4dbfec8b894965db6c77635ad3fb7abbfd0ffd6ec0424eb13ea3bfd8
c8e16dfa34b8d2a0d8e71232d2382539a4adc185e8ddc3c8150b94c2358f8312
dcac830df403815bb2b923e70fd8f95298be954bd6fb1feb1929b15cd9364ea8
dd351e4a2fc7401be25b09776bb1ead2c19fd9488395ccf92bce61a49fe5d23e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3a0797c6318e1ae12673cf58974438a1981b68e469c22e48850cfed4c12078
e2010e65122210a4716380983f99d8e131446dd2ef8f33f9ea438ee28700ea80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629