urlscan.io logo urlscan.io
SecurityTrails logo

www.fansfirst.ca Open in urlscan Pro
18.164.124.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.fansfirst.ca/
Effective URL: https://www.fansfirst.ca/
Submission: On July 13 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 15 domains to perform 63 HTTP transactions. The main IP is 18.164.124.16, located in United States and belongs to AMAZON-02, US. The main domain is www.fansfirst.ca.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 23rd 2023. Valid for: a year.
This is the only time www.fansfirst.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    18.164.124.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-16.jfk50.r.cloudfront.net
www.fansfirst.ca
1    23.54.177.249 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-177-249.deploy.static.akamaitechnologies.com
api.convergepay.com
2    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2140:9a00:10:181f:fdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
dev.libs.fraud.eu.elavonaws.com
1    108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net
static.hotjar.com
11    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
5    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2600:1f11:f61:e402:db85:66b2:2371:2572 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
cognito-identity.ca-central-1.amazonaws.com
1    2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net
script.hotjar.com
1    2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
scontent-yyz1-1.xx.fbcdn.net
1    2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    108.138.106.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-34.jfk50.r.cloudfront.net
api-v2.fansfirst.ca
3    16.12.4.36 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-w.ca-central-1.amazonaws.com
json-blogs-bucket.s3.amazonaws.com
3    52.95.146.144 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com
blogs-images-bucket.s3.ca-central-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
17 fansfirst.ca
www.fansfirst.ca
api-v2.fansfirst.ca
1 MB
12 fbcdn.net
scontent-yyz1-1.xx.fbcdn.net — Cisco Umbrella Rank: 41226
static.xx.fbcdn.net — Cisco Umbrella Rank: 660
577 KB
10 amazonaws.com
cognito-identity.ca-central-1.amazonaws.com — Cisco Umbrella Rank: 422347
json-blogs-bucket.s3.amazonaws.com
blogs-images-bucket.s3.ca-central-1.amazonaws.com
4 MB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
68 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
180 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
203 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
133 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 753
script.hotjar.com — Cisco Umbrella Rank: 1081
73 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
2 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1196
48 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
347 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
873 B
1 elavonaws.com
dev.libs.fraud.eu.elavonaws.com
130 KB
1 convergepay.com
api.convergepay.com — Cisco Umbrella Rank: 114808
99 KB
63 15
Domain Requested by
9 static.xx.fbcdn.net www.facebook.com
9 www.fansfirst.ca 1 redirects www.fansfirst.ca
8 api-v2.fansfirst.ca www.fansfirst.ca
5 www.facebook.com www.fansfirst.ca
4 cognito-identity.ca-central-1.amazonaws.com www.fansfirst.ca
3 blogs-images-bucket.s3.ca-central-1.amazonaws.com
3 json-blogs-bucket.s3.amazonaws.com www.fansfirst.ca
3 scontent-yyz1-1.xx.fbcdn.net www.facebook.com
3 www.google-analytics.com www.googletagmanager.com
www.fansfirst.ca
3 www.googletagmanager.com www.fansfirst.ca
www.googletagmanager.com
2 connect.facebook.net www.fansfirst.ca
connect.facebook.net
2 fonts.googleapis.com www.fansfirst.ca
2 use.fontawesome.com www.fansfirst.ca
use.fontawesome.com
1 stats.g.doubleclick.net www.fansfirst.ca
1 www.gstatic.com www.google.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.google.com www.fansfirst.ca
1 static.hotjar.com www.fansfirst.ca
1 dev.libs.fraud.eu.elavonaws.com www.fansfirst.ca
1 api.convergepay.com www.fansfirst.ca
63 21

This site contains links to these domains. Also see Links.

Domain
www.bcplace.com
www.bclions.com
www.facebook.com
www.instagram.com
www.twitter.com
Subject Issuer Validity Valid
*.fansfirst.ca
Amazon RSA 2048 M02		 2023-02-23 -
2024-01-22		 a year crt.sh
convergepay.com
Entrust Certification Authority - L1M		 2022-07-06 -
2023-08-05		 a year crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
nonprod-libs.fraud.eu.elavonaws.com
Entrust Certification Authority - L1K		 2022-09-29 -
2023-10-29		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-22 -
2023-07-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
cognito-identity.ca-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-19 -
2024-05-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
*.s3.ca-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2024-01-15		 9 months crt.sh

This page contains 5 frames:

Primary Page: https://www.fansfirst.ca/
Frame ID: 43BA3150CC590FFD02CD88B596F7D94D
Requests: 50 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fnick.czuba%2Fposts%2Fpfbid02bDwgUJ7y8LmtrX27USFkqPM8SiidQUv6GXxY8JnviRAiFV4LNeaDpkaYRkLWinaCl&show_text=true&width=auto&height=150
Frame ID: 4E19C844AF53D521F66F409D87CE61F9
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Frame ID: CB65EA991F29973BB2221A128C2EB626
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcasey.toews.9%2Fposts%2Fpfbid0qNL88ix2dQGov6BtmoYwxn1gnCEyhJ9R6uSybfT4PXzXjCaUAqMk1fqgtB7cnpjbl&show_text=true&width=auto&height=150
Frame ID: E30DE4D92BB6102726207D918E779599
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A813348A2832943B9512299F9A6CC3B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FansFirst - Buy Cheap NHL/NBA/MLB/CFL Tickets

Page URL History Show full URLs

  1. http://www.fansfirst.ca/ HTTP 301
    https://www.fansfirst.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

63
Requests

100 %
HTTPS

65 %
IPv6

15
Domains

21
Subdomains

21
IPs

2
Countries

7088 kB
Transfer

12999 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.fansfirst.ca/ HTTP 301
    https://www.fansfirst.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fansfirst.ca/
Redirect Chain
  • http://www.fansfirst.ca/
  • https://www.fansfirst.ca/
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d306ea8c489bfe35c2c3f01d682f68c567b49d9ec591d073f8155beb595b31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Thu, 13 Jul 2023 15:59:00 GMT
etag
W/"c1903901cc43a5d33eaf8f902b44fdff"
last-modified
Sat, 08 Jul 2023 00:13:30 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
x-amz-cf-id
0N7eLrG8QjU-qUfbsgyCkag3kG1lskS0udxAswvcxDRxzJFd1-KqSg==
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 13 Jul 2023 15:58:59 GMT
Location
https://www.fansfirst.ca/
Server
CloudFront
Via
1.1 4da3e729faec3d2f5eeca39813785c2c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
eYIn1i-2EEw_ATkeXviIKHD1nCA49nHojTFWSfQKGwzSYyXJQSNzHw==
X-Amz-Cf-Pop
JFK50-P7
X-Cache
Redirect from cloudfront
Checkout.js
api.convergepay.com/hosted-payments/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.convergepay.com/hosted-payments/Checkout.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.177.249 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-177-249.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f0c2c7876010d8975f0c9a3359cd74b91bf7884ddf3ee0545516eb5b66ceba96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 13 Jul 2023 15:58:59 GMT
Last-Modified
Mon, 26 Jun 2023 19:43:28 GMT
Server
Apache
Client-IP-Seen-by-Edge
149.56.153.188
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
X-Cnection
close
Cache-Control
no-store
Debug-XFF-Seen-by-Edge
149.56.153.188
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101356
all.css
use.fontawesome.com/releases/v5.0.7/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.7/css/all.css
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:58:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9FS19Y6ZTMHCT603
age
359211
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tnp0oyzstHbRgCbfVl+qmAut9guZiz5a1BlFiE7MgKadeS4oP5zz/cNFdRHNdrjR5EnOY2GVoAw=
last-modified
Wed, 30 Jun 2021 15:27:50 GMT
server
cloudflare
etag
W/"16f4f6797931e43125885e1741f125a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuPwFlN5Kqhz5jWytxpMSSbyCqf%2FIzD1JmrQZ3WHjivtfWdmc0WEp88%2FoxS6fhRkyKnFWdpFC3QaLN7HK5o6cODPhmcbdhLlbVds7ofBykkHNIudF%2Bz%2FVbFQhnz44aZFDGYIVQNjIxllOpvq%2BwV1vXOo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7e62bb05bf2f436e-EWR
icon
fonts.googleapis.com/ 		569 B
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 15:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 15:58:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 15:58:59 GMT
2.72132020.chunk.css
www.fansfirst.ca/static/css/ 		3 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/css/2.72132020.chunk.css
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51371c1924bc32f162643d55e2194f9a550b18699a2c61bfb973f69e879be0ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
gzip
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jul 2023 00:13:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
W/"343c03bb77b428fc7e7b64ab0450dab5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
awXDzbYDFP-LJ0pDlpuNE2OF2rkWKfC4GTr7AeEgYBeLyShM6v20Fw==
main.a343f97e.chunk.css
www.fansfirst.ca/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/css/main.a343f97e.chunk.css
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
134002928a608c114396af6024cef9a2577fac2fc3916b99f6f70c1f691cb875

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
gzip
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jul 2023 00:13:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
W/"19202bcbd015264a393af3e6a032fc30"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
Txo3G7V1pA-8raZZyJfRvubmHFmCMfivSpwtA2Ru0npBfbDsE1J7Zg==
js
www.googletagmanager.com/gtag/ 		125 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128361305-1
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8da053334f1a7da64d578604b19e301e8e7809c980be1707d7f17bde814eb27e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:58:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49204
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jul 2023 15:58:59 GMT
3ds2-web-sdk.min.js
dev.libs.fraud.eu.elavonaws.com/sdk-web-js/1.2.0/ 		130 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.libs.fraud.eu.elavonaws.com/sdk-web-js/1.2.0/3ds2-web-sdk.min.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:9a00:10:181f:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a1dce6eeb6dbe84c403811768b526312e32e76a422d0f01bf4a198ca916cd62

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
fB_STNBYVdVAlqK3b4At4.gehxJbMUtJ
date
Thu, 13 Jul 2023 15:15:39 GMT
via
1.1 edf4d9eb8e5d775f8b1cd6b4e97dd4c6.cloudfront.net (CloudFront)
last-modified
Fri, 16 Sep 2022 15:20:06 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
age
2601
x-amz-server-side-encryption
AES256
etag
"85cf8ea2d0a3d1827495cf96302056be"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
132770
x-amz-cf-id
QSoTOwPhzpGewT4THdRoS4d1c1GwKJuj2SvGaRniISMyiAn-cuWTmw==
2.b9fecd25.chunk.js
www.fansfirst.ca/static/js/ 		2 MB
577 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92cdee1c640de35eac37dbc7b031c3d56280dbf92c21986ac31a8920fe4453d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
gzip
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jul 2023 00:13:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
W/"d425f25d5b92e670dd87bf5d130c8093"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
0g3CsbeOgYYRhrC5rHkINXoyF5cxoJvc1LlUPi111qt-gULAf8D_nQ==
main.0ee47cbd.chunk.js
www.fansfirst.ca/static/js/ 		2 MB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/js/main.0ee47cbd.chunk.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d8be915e12a35def0ce3186371ce9cc0dd9bb8534178cdcd4716049bc9731f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
gzip
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jul 2023 00:13:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
W/"562e1f998e74f553836ad78c1010616a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
FO58SAinEXSBqiBcPlix8S0vsHy1VNLmwV-qYEI-nE6syoKk09jC_g==
css2
fonts.googleapis.com/ 		8 KB
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito&family=Nunito+Sans:wght@400;800;900&display=swap
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/css/main.a343f97e.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93e2f17b8866506ecdbe2a6eb6a4d3e9fc7f9b185c8b5e109171d236e7fc5fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 15:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 15:58:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 15:58:59 GMT
hotjar-1120382.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1120382.js?sv=6
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
fc69e413e34a59bda98649364aea071ffac64754973971029f32ce8769a168fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 15:58:59 GMT
via
1.1 134f499632d1e15750219cb766bdc50c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/76093c79124aeedf31eb32cc5684604d
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
rnsV8phb98iHACNunMKkHL_dCZFuCABy_PaQlxZqX5XiFYe_tpk_Lg==
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jul 2023 15:58:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
JRnKEuXliQluJ3tO8JvvpM1o+KYElWdYx4aYNpZ57Kqq7eZFWAbVCij5VsTh4Hrd0pxziJWtGQB+ualm9KUCrw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NDX9XPC0BZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128361305-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3cf8439c665571e7b56c2e300e6e87280362de0a1f8b6eca3751ee8dbc67e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:58:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87819
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jul 2023 15:58:59 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128361305-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 14:39:17 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4782
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 13 Jul 2023 16:39:17 GMT
gtm.js
www.googletagmanager.com/ 		121 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQM7TN8&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a54b2ed84e5961b52306b9b48b4989a073362d35c4084c9467a27e504595861a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47116
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jul 2023 15:59:00 GMT
api.js
www.google.com/recaptcha/ 		850 B
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c5f2fc4a7d1ddd45d3f965b175b70973260f079bbe0fbc6eb5feee59d41a70e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
553
x-xss-protection
1; mode=block
expires
Thu, 13 Jul 2023 15:59:00 GMT
post.php
www.facebook.com/plugins/ Frame 4E19 		73 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fnick.czuba%2Fposts%2Fpfbid02bDwgUJ7y8LmtrX27USFkqPM8SiidQUv6GXxY8JnviRAiFV4LNeaDpkaYRkLWinaCl&show_text=true&width=auto&height=150
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
293ed6f883b8e1aefbd62e0644bd876b853441cacada9d8ac30215bf45d28b48
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 15:59:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ulajIoMEZDfnK5HXW3Gk3Vc9yAaElABnMCWsVGJKuL4X93U3fORJERbEXOcRMexuKUSWPf0bNIwIZsSjrjqNuQ==
x-xss-protection
0
post.php
www.facebook.com/plugins/ Frame CB65 		73 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2be3a95941ba61bf82ae9f3b8998bbd11b446ab3e65d8d9f1d5cb65384af39bb
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 15:59:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
huLQtHs782INLNKuz5DTMTqNNejZuLRXxVfvL8RBGkxokgPkKfg55gUcGm7HoUqR7XRrRsuwNIzKexUdgXotfA==
x-xss-protection
0
post.php
www.facebook.com/plugins/ Frame E30D 		73 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcasey.toews.9%2Fposts%2Fpfbid0qNL88ix2dQGov6BtmoYwxn1gnCEyhJ9R6uSybfT4PXzXjCaUAqMk1fqgtB7cnpjbl&show_text=true&width=auto&height=150
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
983e587b4c572eeb76bb85059aafd765d4e4cb61e6a7b4eb2cc87b31ba76f56b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 15:59:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
UbTsM8+KbX5/fdaKKgLgc2Xg2tKtFyzNAfW34hqNIIrI2xwLxtPxu+x7N3A+s8QGtwUQPKboGktEzFaLlLx0Ew==
x-xss-protection
0
logo.165f4bb7.png
www.fansfirst.ca/static/media/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fansfirst.ca/static/media/logo.165f4bb7.png
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5d8f3420a45050a14ed90d14477356f27bc05f331c764e2689ae6a950202cab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:01 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jul 2023 00:13:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
"165f4bb7c3757def24345061271bd954"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
68470
x-amz-cf-id
qKZiBJ4a_POnF6Ic9Kr5gpeiSQk_BFuCDCqivKBO_iJZ_20RlJtMdw==
illustration.53c4a5a4.png
www.fansfirst.ca/static/media/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fansfirst.ca/static/media/illustration.53c4a5a4.png
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca5f10edff78f262743d7845ff6dda9e70c88820bea65b22d2f92e8c54e9584

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:01 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jul 2023 00:13:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
"53c4a5a48e1e9788aa601d49fce58e39"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
183846
x-amz-cf-id
QAH0snbBDh6Hl_l8SMUKZGRiHVLjfrONG4_AYyWfXNNN4uMu3KxW2A==
buyertrust-seal.afcd0ff7.svg
www.fansfirst.ca/static/media/ 		740 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fansfirst.ca/static/media/buyertrust-seal.afcd0ff7.svg
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91e972fb4cd498d0b06453d5a13a471e44e36a836a3798ff5def6f70f1d03f02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:01 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jul 2023 00:13:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
etag
"afcd0ff7ff13431ee325546f11c02228"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
740
x-amz-cf-id
rOG48fQ3KyStUWX6tkLedBkFYfoqoour-MIOqKSfQAGoR8LOFmHawA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a42e05091bd51eeddf4efc615439a8a2e9ea683cfce239c6a84f26b53c9e4991

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bed9a7a0311f3db571d726b0b15e8d69c54f01a2b7616fdb46766a6f58d121f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cc567139f4cb99775ea84aa7505e13baaf3198bfa2b5fc7b3e8f0b2ac01392d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		863 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b10f2438a074a9a49aa6f08cb88d14e1e52c0abb4db14f9871a7f255fac2d46

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f40d9b3f79eb25d3ccc600d910ac25cc8c4ce9d15a601ff44faef68c54ce0c18

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50ffc1e935017863ef0292a76e27a485c54b26c778e171b9a325b37fdf490dd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		771 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1295ed6d1f54a9b3add4a5706431f2bf27cfc80aaa1c78c7b472e5c34c20569e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b2fbff77273ec2235f8509d58772d1d39092526dbf136de0df57a55da179ac4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		839 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b3c69664d06183eaf9a3250d7542260c93404ceef72e56d2027850a8ae209b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
/
cognito-identity.ca-central-1.amazonaws.com/ 		66 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:db85:66b2:2371:2572 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1b223e4a4bd543b4b786c1c035c144be2cfa15b9d5310c8e6c143e9b6f1786d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256
6f20e6439c1be362c795c2c46f95b5067215173363b4a47ca1de626cbed41a16
Referer
https://www.fansfirst.ca/
X-Amz-Target
AWSCognitoIdentityService.GetId
accept-language
en-CA,en;q=0.9
X-Amz-User-Agent
aws-amplify/1.0.23 js aws-amplify/1.0.23 js callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 15:59:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
8f85bbb3-c786-4d19-9820-ba9db5e96a3c
content-length
66
content-type
application/x-amz-json-1.1
/
cognito-identity.ca-central-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:db85:66b2:2371:2572 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Thu, 13 Jul 2023 15:59:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
769c38f8-1fc5-4e66-9e02-64623e45adcd
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito&family=Nunito+Sans:wght@400;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fansfirst.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 21:57:32 GMT
x-content-type-options
nosniff
age
496888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 21:57:32 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.7/webfonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.7/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.7/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ececd30b13956872441d17b03b9de4c032b5983f0932051e763a0a6d0250842b

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.7/css/all.css
Origin
https://www.fansfirst.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y9S3582K7XNQDZ9J
age
2034106
alt-svc
h3=":443"; ma=86400
content-length
40244
x-amz-id-2
Y4h2LgSs1TMrFRpBaIx1Cj/CBcMsdZZV+Kwsk25TjcO5dvSPBu/yN3zxWRAmXhQ7Ug2O6eabRFM=
last-modified
Wed, 30 Jun 2021 15:28:03 GMT
server
cloudflare
etag
"64f88ebe25c54a12320f42f0b229961b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4drb%2BmhU1WRf5Yo1iuktcZ%2F7lo23yQsJwCf8TX4Z1Ljvz%2B4SvA88eJw6KPOFMXofanz977dM%2FsMUlYlvFXmmhlEEozT1f6CB1NO0DGGYwlXr0aCHQ%2BtwBv0t%2Bg%2Fke5PI2YnBTHG4cBuw1Jyb3mpTbwq"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7e62bb0a99481780-EWR
780780385648340
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/780780385648340?v=2.9.111&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9b0b6b67f7c4f8b849b8de53c1e4692e72a2aaf61c3076a99de85e9fe337713
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jul 2023 15:59:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
h8vJD9UsRZpmNyFlw8DSG7l6EC5SZIImUhA8Csp+mFWCn3Jbc9k/MtUvSLX2bLVRQIK/Cqi8ttED1teby3pVOA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.fba0c9b2e1c5e125e170.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1120382.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 07:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
290153
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70330
last-modified
Mon, 10 Jul 2023 07:22:19 GMT
etag
"0054d18e8d659772b0e915a12ecd8b15"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
zB_kHNaUNcmyAkysrLXnCQe3Q4fn7kelsYqOo8vmxxfUMC5oMPCNcQ==
collect
www.google-analytics.com/j/ 		2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2047806273&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fansfirst.ca%2F&ul=en-us&de=UTF-8&dt=FansFirst%20-%20Buy%20Cheap%20NHL%2FNBA%2FMLB%2FCFL%20Tickets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=776563524&gjid=200380095&cid=552720158.1689263940&tid=UA-128361305-1&_gid=2048011340.1689263940&_r=1&gtm=457e37a0&jsscut=1&z=1326285835
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fansfirst.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NDX9XPC0BZ&gtm=45je37a0&_p=2047806273&cid=552720158.1689263940&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689263940&sct=1&seg=0&dl=https%3A%2F%2Fwww.fansfirst.ca%2F&dt=FansFirst%20-%20Buy%20Cheap%20NHL%2FNBA%2FMLB%2FCFL%20Tickets&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NDX9XPC0BZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 15:59:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fansfirst.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cognito-identity.ca-central-1.amazonaws.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:db85:66b2:2371:2572 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
87ce0086c738750c485f4bfa8f87f78013b611ffd9ef8df8e5158429c531529c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256
1b223e4a4bd543b4b786c1c035c144be2cfa15b9d5310c8e6c143e9b6f1786d9
Referer
https://www.fansfirst.ca/
X-Amz-Target
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
en-CA,en;q=0.9
X-Amz-User-Agent
aws-amplify/1.0.23 js aws-amplify/1.0.23 js callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 15:59:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
7a43d165-90b9-4d17-87ca-10d9d5aa5857
content-length
1774
content-type
application/x-amz-json-1.1
recaptcha__en.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 		427 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Origin
https://www.fansfirst.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 19:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175692
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 Jul 2024 19:32:04 GMT
28336514_10101302550391575_4706732070745642440_o.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t31.18172-1/ Frame CB65 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-yyz1-1.xx.fbcdn.net/v/t31.18172-1/28336514_10101302550391575_4706732070745642440_o.jpg?stp=c461.123.889.889a_cp0_dst-jpg_s50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=aHQxTQJqSscAX8NUaDM&_nc_ht=scontent-yyz1-1.xx&edm=AN6CN6oEAAAA&oh=00_AfDM1GbzARJuFCTy1NvELmQEBnY2hDUx-LDcK-MPkrWq7A&oe=64D7794B
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1a78bcd2d3beb760b890da4e94d89221f1d5e0c5be50b20ebda819b32a55c61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-haystack-needlechecksum
2477518623
date
Thu, 13 Jul 2023 15:59:00 GMT
x-fbtype
22
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 26 Feb 2018 08:06:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=648681203
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2839943436
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1585
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame CB65 		522 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
BeuvoJ9zbxctwDeXystt/lLzKwSrzY+JnKzDHix/cPacni67OSi94OgokQo8zCVXeGRZ9rvH2xRSbzevnTN6Fw==
date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
522
expires
Thu, 04 Jul 2024 19:39:59 GMT
/
cognito-identity.ca-central-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:db85:66b2:2371:2572 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Thu, 13 Jul 2023 15:59:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
6ca563be-9d85-4db2-a7a0-31e6c2947e8c
69903356_10157233571098506_4822111275305664512_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-1/ Frame E30D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-1/69903356_10157233571098506_4822111275305664512_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=109&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=JN4iPaVTDh0AX__iBkU&_nc_ht=scontent-yyz1-1.xx&edm=AN6CN6oEAAAA&oh=00_AfDgshaNMRo2S6UlWKpxVY9XHUsj2hkHXVQrWkqSHcJVLA&oe=64D7934A
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcasey.toews.9%2Fposts%2Fpfbid0qNL88ix2dQGov6BtmoYwxn1gnCEyhJ9R6uSybfT4PXzXjCaUAqMk1fqgtB7cnpjbl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e80ca679ad465ada41d362c2de7d0bb7ec243d51af4d80309254192ef40c0711

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-haystack-needlechecksum
3415172177
date
Thu, 13 Jul 2023 15:59:00 GMT
x-fbtype
6435
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 02 Sep 2019 02:04:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=242704426
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3826288207
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1770
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame E30D 		522 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcasey.toews.9%2Fposts%2Fpfbid0qNL88ix2dQGov6BtmoYwxn1gnCEyhJ9R6uSybfT4PXzXjCaUAqMk1fqgtB7cnpjbl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
BeuvoJ9zbxctwDeXystt/lLzKwSrzY+JnKzDHix/cPacni67OSi94OgokQo8zCVXeGRZ9rvH2xRSbzevnTN6Fw==
date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
522
expires
Thu, 04 Jul 2024 19:39:59 GMT
NTaxpoW2ia9.js
static.xx.fbcdn.net/rsrc.php/v3ibPD4/yn/l/en_GB/ Frame CB65 		749 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ibPD4/yn/l/en_GB/NTaxpoW2ia9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d57407026de0c85d57a222f5faf7ad6a98addb8adb255e018a81fe541cdef51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ySJBZBvCmYobDfi7PXRGGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
191913
x-fb-debug
SBlXNna7C0OBWpijCCFpba1iIU7LSNdamil/rs2CzZaincM5F3DevHLzkizKqiwDLajm+mgkMbbZ5cS6YfYTew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 11 Jul 2024 23:04:17 GMT
151526217_10164869834905577_7461313365583973656_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-1/ Frame 4E19 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-yyz1-1.xx.fbcdn.net/v/t1.6435-1/151526217_10164869834905577_7461313365583973656_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=fs_2ePVNHe8AX8YQh87&_nc_ht=scontent-yyz1-1.xx&edm=AN6CN6oEAAAA&oh=00_AfCtYLG9DCU3G637LVKxJ-iGh8wo53vo7fswRAfcANeC_A&oe=64D77F39
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fnick.czuba%2Fposts%2Fpfbid02bDwgUJ7y8LmtrX27USFkqPM8SiidQUv6GXxY8JnviRAiFV4LNeaDpkaYRkLWinaCl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa5cac77038ffd9683e0e6e9760890533b8d61c727361957723b7c745fff4741

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-haystack-needlechecksum
1818583671
date
Thu, 13 Jul 2023 15:59:00 GMT
x-fbtype
6435
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 19 Feb 2021 03:50:07 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3999167030
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
911091260
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1793
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 4E19 		522 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fnick.czuba%2Fposts%2Fpfbid02bDwgUJ7y8LmtrX27USFkqPM8SiidQUv6GXxY8JnviRAiFV4LNeaDpkaYRkLWinaCl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fb-debug
BeuvoJ9zbxctwDeXystt/lLzKwSrzY+JnKzDHix/cPacni67OSi94OgokQo8zCVXeGRZ9rvH2xRSbzevnTN6Fw==
date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
522
expires
Thu, 04 Jul 2024 19:39:59 GMT
NTaxpoW2ia9.js
static.xx.fbcdn.net/rsrc.php/v3ibPD4/yn/l/en_GB/ Frame E30D 		749 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ibPD4/yn/l/en_GB/NTaxpoW2ia9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcasey.toews.9%2Fposts%2Fpfbid0qNL88ix2dQGov6BtmoYwxn1gnCEyhJ9R6uSybfT4PXzXjCaUAqMk1fqgtB7cnpjbl&show_text=true&width=auto&height=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d57407026de0c85d57a222f5faf7ad6a98addb8adb255e018a81fe541cdef51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ySJBZBvCmYobDfi7PXRGGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
191913
x-fb-debug
SBlXNna7C0OBWpijCCFpba1iIU7LSNdamil/rs2CzZaincM5F3DevHLzkizKqiwDLajm+mgkMbbZ5cS6YfYTew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Jul 2024 23:04:17 GMT
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame CB65 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
x-fb-debug
v56rKirKWXZdhv0Vi4xeiKZ4YhEGMTGY7jdrudEhy1rBIe0HJZX6sHuPcQYeT2+F1+zve2VI5A1phTrlzPntag==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 07 Jul 2024 05:44:32 GMT
NTaxpoW2ia9.js
static.xx.fbcdn.net/rsrc.php/v3ibPD4/yn/l/en_GB/ Frame 4E19 		749 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ibPD4/yn/l/en_GB/NTaxpoW2ia9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fnick.czuba%2Fposts%2Fpfbid02bDwgUJ7y8LmtrX27USFkqPM8SiidQUv6GXxY8JnviRAiFV4LNeaDpkaYRkLWinaCl&show_text=true&width=auto&height=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d57407026de0c85d57a222f5faf7ad6a98addb8adb255e018a81fe541cdef51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ySJBZBvCmYobDfi7PXRGGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
191913
x-fb-debug
SBlXNna7C0OBWpijCCFpba1iIU7LSNdamil/rs2CzZaincM5F3DevHLzkizKqiwDLajm+mgkMbbZ5cS6YfYTew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Jul 2024 23:04:17 GMT
/
www.facebook.com/tr/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=780780385648340&ev=PageView&dl=https%3A%2F%2Fwww.fansfirst.ca%2F&rl=&if=false&ts=1689263940597&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689263940596.905014227&it=1689263940264&coo=false&rqm=GET
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jul 2023 15:59:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame E30D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcasey.toews.9%2Fposts%2Fpfbid0qNL88ix2dQGov6BtmoYwxn1gnCEyhJ9R6uSybfT4PXzXjCaUAqMk1fqgtB7cnpjbl&show_text=true&width=auto&height=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
x-fb-debug
v56rKirKWXZdhv0Vi4xeiKZ4YhEGMTGY7jdrudEhy1rBIe0HJZX6sHuPcQYeT2+F1+zve2VI5A1phTrlzPntag==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 07 Jul 2024 05:44:32 GMT
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 4E19 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fnick.czuba%2Fposts%2Fpfbid02bDwgUJ7y8LmtrX27USFkqPM8SiidQUv6GXxY8JnviRAiFV4LNeaDpkaYRkLWinaCl&show_text=true&width=auto&height=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
x-fb-debug
v56rKirKWXZdhv0Vi4xeiKZ4YhEGMTGY7jdrudEhy1rBIe0HJZX6sHuPcQYeT2+F1+zve2VI5A1phTrlzPntag==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 07 Jul 2024 05:44:32 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-128361305-1&cid=552720158.1689263940&jid=776563524&gjid=200380095&_gid=2048011340.1689263940&_u=YEBAAUAAAAAAACAAI~&z=1176179911
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Jul 2023 15:59:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fansfirst.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
calgary-flames
api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/calgary-flames?includeMinPrices=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Thu, 13 Jul 2023 15:59:00 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-apigw-id
IAnSyHAhYosFqCQ=
x-amz-cf-id
yFPuX0Il_qDwrQt1pGANc_t6K3lWBueslNA4c9Bs6uy1uDyLWcV1nQ==
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
42461261-02a6-40ad-84de-6c7e9b98066a
x-cache
Miss from cloudfront
currencyRate
api-v2.fansfirst.ca/marketplace/ticketEvo/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/ticketEvo/currencyRate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Thu, 13 Jul 2023 15:59:00 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-apigw-id
IAnSyEBL4osFb7A=
x-amz-cf-id
EqXVJHUn8k5dALBupdSA51jwG9ITjORwUbSfWQA9m8hKahSKdlmkrQ==
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
0e6fe109-35bb-46fd-aa1b-fb5dfc9d23f5
x-cache
Miss from cloudfront
get-emergency-mode
api-v2.fansfirst.ca/marketplace/emergencyMode/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/emergencyMode/get-emergency-mode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Thu, 13 Jul 2023 15:59:00 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-apigw-id
IAnSyEsQYosFmsg=
x-amz-cf-id
niW71HDe_aUMuV3w1jDkKgfadgW9hArRDFdrH2R9Xe-tAPbcZj7R5g==
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
6f1c7f8d-6e95-452d-9f55-db0671f7d49b
x-cache
Miss from cloudfront
latest
api-v2.fansfirst.ca/blogs/get/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/blogs/get/latest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Thu, 13 Jul 2023 15:59:00 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-apigw-id
IAnSyF-OYosFyvw=
x-amz-cf-id
zEFgTB_YxR5O7mOlmileX1qHmiB8V4guSuUSv7Zbk3LZb1u8VxFilQ==
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
39db9e84-d18f-4cb6-a63a-534d61c451a8
x-cache
Miss from cloudfront
calgary-flames
api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/ 		26 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/calgary-flames?includeMinPrices=true
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash
7cf9b76cd440587765597688eb37ddfaa2072910aba24f0b245a692aadf3a615

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEHgaDGNhLWNlbnRyYWwtMSJHMEUCIAWh2PVTsobixZ1svgH3fJy55M67JkYElwGWzIqKUpARAiEAj6sBAxGGY4ZbGuOgPSg0lEu+6umCT90wXBaY7L76S50qlgYI8f//////////ARAAGgwyNjEwOTA4MTY3NTAiDPpIglAWsYUVlgrR6CrqBddgPH7u3uvgsEai+yDyyHYdiN9AIuQKPpmbESiz2JEuOxBqBOVg8ZrefkQb0Cv7N0pGWRtNVzqE8Ta0QipowchWtYw+ZpW/m8VFx8x+dPFa4slUl6J9gad41TivGf3kNb143agKPKOQ9m6+Qt5OvJ35kfKt262KR+PdlhvcrEW4RG9AeGmBf4ezyA4FZCMvhFmmPrSxNe8Vw//oZMMCduMqoDbwVop1vtIkg9XyGflr0B2EApllBtG9ZKSSYZVxAApD8+iI8lvYILZgxjqSfBArgjBmNcvoY09gEhzsze7ztcCJ48FWrgrccWyFlHf7t+GxNqfENjhidGaJeVpk4sxItQ+WifjrJAfmmlSeL5g2UNrtQqUnBIiK9Y4ziHP02QI1KwrIiWRKPABXyf/LeNUfHoMojjvoQDaT0sucRg5e+s8oa4cTLP1t1RkKx8fUuN+GsK/PeCo09kzUXZzyGPny2QXHrHlcXwPV9MP6sgwv5fWKOM92RL4Mo1IekENtch1ZT5D+wGIA0s8qpRNra3kKbTgZNIAEuB6Zx643EmQaflHFAF7D/oNy7SjMQ7UCH4JThzKj3PEDkIuxV3Z21+9vU/FDUHnOphRoazrFNBglLQyDrlRQCA4B5YVtYXpkI/b0gute+IWE2nEo0ObSEREP/ZmehWgJLBgm5WiA35z3gqhWt41tYnAaYAXy+UKJnYZmZBEmJj409tdcPxKLRMu9L2a1V3VtphZGx6Kk0b58sPBg1FOMWwP4J+PCgn4eu2nOPIsHhso0/dkxqkRoHRcAKyjytHX+Z8yhpZkiGbr6rt0v2XMSEw9JZnsoOmUfrm5U772EIIWFRsDdLzYMsE94ofS78/dt6H/UjuURANVpv6dBlSGkSnN5rP+vRmu1b5vn62neSFGJ1DLCyh1wx7VqDP03UMcozV3M7Dog/gp633coZQ5RwG7tjYmzpJm+XrzGtleRLRDNDeSsRDnsI/7tt+GfNaIDnt2SMMS+wKUGOocCDVREimItMQTtJ3WH8x+o7liVB7ItARWGvyf3uMzf8QtWAnOJlbGNRlnNN4ctfdinL3HbpqQ3eQgLrhYpZqYrXNqyA2+Hf9E1VctW+5KmEb/K4Tl00KBm4tiCUAzOhG/OEGBnkNSa2asjXuW8xDtIi1T95mnEcgNcOteBjz8iy5tRedYzoPjufCOxwZlIUN6hsqFTenomm67CL+YoPTQP1ctWFsJLaCbxyIm/g3kXPyGnUppvHZ6C++7BS90SNZC8z+V+ZM+bnaX5kbuUTzJeixeW2Xv+Xqmnst+dN2huXKjnQY5h/H+bVODFfqs/ku45D1ijcEaWOZU5xqfMasUAdNJ1Wxif4e8=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20230713T155900Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXBF6LAAUW/20230713/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=9ffee1d8f11e3aa1b6bae1d48284a46093e0172f2d44d48e807679f859e90ca7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:01 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
0052dc5a-9ee7-4c2b-8fee-bdd6b1bed711
x-amzn-trace-id
Root=1-64b01f44-4c9eb9027716066d04e13ff2;Sampled=0;lineage=b59959b0:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
IAnSzGO74osFoXg=
content-length
26502
x-amz-cf-id
-BXGiqPsbmIIahCgPuVyVcEy4cbeBIfXa5U-ge3gF2GEIycEyrWXAQ==
access-control-allow-headers
*
currencyRate
api-v2.fansfirst.ca/marketplace/ticketEvo/ 		57 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/ticketEvo/currencyRate
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash
474636e9d608d3c7986eff2386a948630d4a1c7f2c09c70f622213633b6b18b0

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEHgaDGNhLWNlbnRyYWwtMSJHMEUCIAWh2PVTsobixZ1svgH3fJy55M67JkYElwGWzIqKUpARAiEAj6sBAxGGY4ZbGuOgPSg0lEu+6umCT90wXBaY7L76S50qlgYI8f//////////ARAAGgwyNjEwOTA4MTY3NTAiDPpIglAWsYUVlgrR6CrqBddgPH7u3uvgsEai+yDyyHYdiN9AIuQKPpmbESiz2JEuOxBqBOVg8ZrefkQb0Cv7N0pGWRtNVzqE8Ta0QipowchWtYw+ZpW/m8VFx8x+dPFa4slUl6J9gad41TivGf3kNb143agKPKOQ9m6+Qt5OvJ35kfKt262KR+PdlhvcrEW4RG9AeGmBf4ezyA4FZCMvhFmmPrSxNe8Vw//oZMMCduMqoDbwVop1vtIkg9XyGflr0B2EApllBtG9ZKSSYZVxAApD8+iI8lvYILZgxjqSfBArgjBmNcvoY09gEhzsze7ztcCJ48FWrgrccWyFlHf7t+GxNqfENjhidGaJeVpk4sxItQ+WifjrJAfmmlSeL5g2UNrtQqUnBIiK9Y4ziHP02QI1KwrIiWRKPABXyf/LeNUfHoMojjvoQDaT0sucRg5e+s8oa4cTLP1t1RkKx8fUuN+GsK/PeCo09kzUXZzyGPny2QXHrHlcXwPV9MP6sgwv5fWKOM92RL4Mo1IekENtch1ZT5D+wGIA0s8qpRNra3kKbTgZNIAEuB6Zx643EmQaflHFAF7D/oNy7SjMQ7UCH4JThzKj3PEDkIuxV3Z21+9vU/FDUHnOphRoazrFNBglLQyDrlRQCA4B5YVtYXpkI/b0gute+IWE2nEo0ObSEREP/ZmehWgJLBgm5WiA35z3gqhWt41tYnAaYAXy+UKJnYZmZBEmJj409tdcPxKLRMu9L2a1V3VtphZGx6Kk0b58sPBg1FOMWwP4J+PCgn4eu2nOPIsHhso0/dkxqkRoHRcAKyjytHX+Z8yhpZkiGbr6rt0v2XMSEw9JZnsoOmUfrm5U772EIIWFRsDdLzYMsE94ofS78/dt6H/UjuURANVpv6dBlSGkSnN5rP+vRmu1b5vn62neSFGJ1DLCyh1wx7VqDP03UMcozV3M7Dog/gp633coZQ5RwG7tjYmzpJm+XrzGtleRLRDNDeSsRDnsI/7tt+GfNaIDnt2SMMS+wKUGOocCDVREimItMQTtJ3WH8x+o7liVB7ItARWGvyf3uMzf8QtWAnOJlbGNRlnNN4ctfdinL3HbpqQ3eQgLrhYpZqYrXNqyA2+Hf9E1VctW+5KmEb/K4Tl00KBm4tiCUAzOhG/OEGBnkNSa2asjXuW8xDtIi1T95mnEcgNcOteBjz8iy5tRedYzoPjufCOxwZlIUN6hsqFTenomm67CL+YoPTQP1ctWFsJLaCbxyIm/g3kXPyGnUppvHZ6C++7BS90SNZC8z+V+ZM+bnaX5kbuUTzJeixeW2Xv+Xqmnst+dN2huXKjnQY5h/H+bVODFfqs/ku45D1ijcEaWOZU5xqfMasUAdNJ1Wxif4e8=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20230713T155900Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXBF6LAAUW/20230713/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=06cef177c544bee470ea4c42ecf4e44258853593285695c48460d8fbb3e8ed42
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
297ab024-5d07-4b5d-9441-093f301fdd5a
x-amzn-trace-id
Root=1-64b01f44-3e85fb192534aac81858ea22;Sampled=0;lineage=edb250dd:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
IAnSzHNuYosFmqw=
content-length
57
x-amz-cf-id
7qAFWUYVJEuFfBmWFts4YixYnPzKyttzzIVXH8EqcG6KJi_dMsDtgw==
access-control-allow-headers
*
get-emergency-mode
api-v2.fansfirst.ca/marketplace/emergencyMode/ 		7 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/emergencyMode/get-emergency-mode
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash
cea17e0b05e3e6ace77ec2d13b5870803ef957ad160f289cca6a3a4a826d20af

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEHgaDGNhLWNlbnRyYWwtMSJHMEUCIAWh2PVTsobixZ1svgH3fJy55M67JkYElwGWzIqKUpARAiEAj6sBAxGGY4ZbGuOgPSg0lEu+6umCT90wXBaY7L76S50qlgYI8f//////////ARAAGgwyNjEwOTA4MTY3NTAiDPpIglAWsYUVlgrR6CrqBddgPH7u3uvgsEai+yDyyHYdiN9AIuQKPpmbESiz2JEuOxBqBOVg8ZrefkQb0Cv7N0pGWRtNVzqE8Ta0QipowchWtYw+ZpW/m8VFx8x+dPFa4slUl6J9gad41TivGf3kNb143agKPKOQ9m6+Qt5OvJ35kfKt262KR+PdlhvcrEW4RG9AeGmBf4ezyA4FZCMvhFmmPrSxNe8Vw//oZMMCduMqoDbwVop1vtIkg9XyGflr0B2EApllBtG9ZKSSYZVxAApD8+iI8lvYILZgxjqSfBArgjBmNcvoY09gEhzsze7ztcCJ48FWrgrccWyFlHf7t+GxNqfENjhidGaJeVpk4sxItQ+WifjrJAfmmlSeL5g2UNrtQqUnBIiK9Y4ziHP02QI1KwrIiWRKPABXyf/LeNUfHoMojjvoQDaT0sucRg5e+s8oa4cTLP1t1RkKx8fUuN+GsK/PeCo09kzUXZzyGPny2QXHrHlcXwPV9MP6sgwv5fWKOM92RL4Mo1IekENtch1ZT5D+wGIA0s8qpRNra3kKbTgZNIAEuB6Zx643EmQaflHFAF7D/oNy7SjMQ7UCH4JThzKj3PEDkIuxV3Z21+9vU/FDUHnOphRoazrFNBglLQyDrlRQCA4B5YVtYXpkI/b0gute+IWE2nEo0ObSEREP/ZmehWgJLBgm5WiA35z3gqhWt41tYnAaYAXy+UKJnYZmZBEmJj409tdcPxKLRMu9L2a1V3VtphZGx6Kk0b58sPBg1FOMWwP4J+PCgn4eu2nOPIsHhso0/dkxqkRoHRcAKyjytHX+Z8yhpZkiGbr6rt0v2XMSEw9JZnsoOmUfrm5U772EIIWFRsDdLzYMsE94ofS78/dt6H/UjuURANVpv6dBlSGkSnN5rP+vRmu1b5vn62neSFGJ1DLCyh1wx7VqDP03UMcozV3M7Dog/gp633coZQ5RwG7tjYmzpJm+XrzGtleRLRDNDeSsRDnsI/7tt+GfNaIDnt2SMMS+wKUGOocCDVREimItMQTtJ3WH8x+o7liVB7ItARWGvyf3uMzf8QtWAnOJlbGNRlnNN4ctfdinL3HbpqQ3eQgLrhYpZqYrXNqyA2+Hf9E1VctW+5KmEb/K4Tl00KBm4tiCUAzOhG/OEGBnkNSa2asjXuW8xDtIi1T95mnEcgNcOteBjz8iy5tRedYzoPjufCOxwZlIUN6hsqFTenomm67CL+YoPTQP1ctWFsJLaCbxyIm/g3kXPyGnUppvHZ6C++7BS90SNZC8z+V+ZM+bnaX5kbuUTzJeixeW2Xv+Xqmnst+dN2huXKjnQY5h/H+bVODFfqs/ku45D1ijcEaWOZU5xqfMasUAdNJ1Wxif4e8=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20230713T155900Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXBF6LAAUW/20230713/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=f3d2377c666e90afcb14b2e402c170b72a846f0159db5d9bd9917e5b4ab7caef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:00 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
a71763a2-4ea9-4a98-8192-5d2d44c8db15
x-amzn-trace-id
Root=1-64b01f44-0fdc52165bbdf09661cacb48;Sampled=0;lineage=60f2ce9c:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
IAnSzELAYosFyqA=
content-length
7
x-amz-cf-id
mhKeIhH36_o8R7-kTuTeAf2a9qujHKe4QSVqPu6XUttXz5iR77PUmw==
access-control-allow-headers
*
latest
api-v2.fansfirst.ca/blogs/get/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/blogs/get/latest
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-34.jfk50.r.cloudfront.net
Software
/
Resource Hash
799f5f3fa3add7212fea31eed9c16e0813ed24ac2c8ba1b60c7ebcbfd1ba6936

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEHgaDGNhLWNlbnRyYWwtMSJHMEUCIAWh2PVTsobixZ1svgH3fJy55M67JkYElwGWzIqKUpARAiEAj6sBAxGGY4ZbGuOgPSg0lEu+6umCT90wXBaY7L76S50qlgYI8f//////////ARAAGgwyNjEwOTA4MTY3NTAiDPpIglAWsYUVlgrR6CrqBddgPH7u3uvgsEai+yDyyHYdiN9AIuQKPpmbESiz2JEuOxBqBOVg8ZrefkQb0Cv7N0pGWRtNVzqE8Ta0QipowchWtYw+ZpW/m8VFx8x+dPFa4slUl6J9gad41TivGf3kNb143agKPKOQ9m6+Qt5OvJ35kfKt262KR+PdlhvcrEW4RG9AeGmBf4ezyA4FZCMvhFmmPrSxNe8Vw//oZMMCduMqoDbwVop1vtIkg9XyGflr0B2EApllBtG9ZKSSYZVxAApD8+iI8lvYILZgxjqSfBArgjBmNcvoY09gEhzsze7ztcCJ48FWrgrccWyFlHf7t+GxNqfENjhidGaJeVpk4sxItQ+WifjrJAfmmlSeL5g2UNrtQqUnBIiK9Y4ziHP02QI1KwrIiWRKPABXyf/LeNUfHoMojjvoQDaT0sucRg5e+s8oa4cTLP1t1RkKx8fUuN+GsK/PeCo09kzUXZzyGPny2QXHrHlcXwPV9MP6sgwv5fWKOM92RL4Mo1IekENtch1ZT5D+wGIA0s8qpRNra3kKbTgZNIAEuB6Zx643EmQaflHFAF7D/oNy7SjMQ7UCH4JThzKj3PEDkIuxV3Z21+9vU/FDUHnOphRoazrFNBglLQyDrlRQCA4B5YVtYXpkI/b0gute+IWE2nEo0ObSEREP/ZmehWgJLBgm5WiA35z3gqhWt41tYnAaYAXy+UKJnYZmZBEmJj409tdcPxKLRMu9L2a1V3VtphZGx6Kk0b58sPBg1FOMWwP4J+PCgn4eu2nOPIsHhso0/dkxqkRoHRcAKyjytHX+Z8yhpZkiGbr6rt0v2XMSEw9JZnsoOmUfrm5U772EIIWFRsDdLzYMsE94ofS78/dt6H/UjuURANVpv6dBlSGkSnN5rP+vRmu1b5vn62neSFGJ1DLCyh1wx7VqDP03UMcozV3M7Dog/gp633coZQ5RwG7tjYmzpJm+XrzGtleRLRDNDeSsRDnsI/7tt+GfNaIDnt2SMMS+wKUGOocCDVREimItMQTtJ3WH8x+o7liVB7ItARWGvyf3uMzf8QtWAnOJlbGNRlnNN4ctfdinL3HbpqQ3eQgLrhYpZqYrXNqyA2+Hf9E1VctW+5KmEb/K4Tl00KBm4tiCUAzOhG/OEGBnkNSa2asjXuW8xDtIi1T95mnEcgNcOteBjz8iy5tRedYzoPjufCOxwZlIUN6hsqFTenomm67CL+YoPTQP1ctWFsJLaCbxyIm/g3kXPyGnUppvHZ6C++7BS90SNZC8z+V+ZM+bnaX5kbuUTzJeixeW2Xv+Xqmnst+dN2huXKjnQY5h/H+bVODFfqs/ku45D1ijcEaWOZU5xqfMasUAdNJ1Wxif4e8=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20230713T155900Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXBF6LAAUW/20230713/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=c3f554cebe6868442faa13b4c4ebaa9dceb59bddd312e37a5a55e0eaa9822c67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:59:01 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amzn-requestid
00064f7d-20b3-45e9-b576-82e2d8b2f64a
x-amzn-trace-id
Root=1-64b01f44-283a91147def56182a24ed62;Sampled=0;lineage=c7248993:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
IAnSyFXL4osF3ZQ=
content-length
4367
x-amz-cf-id
eLMbRBSWpNtnUe2N9IF8WzArN3bVevnE0J5cOxnpHPeZy4nBsGcaoA==
access-control-allow-headers
*
/
www.facebook.com/tr/ Frame A813 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.fansfirst.ca
Referer
https://www.fansfirst.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.fansfirst.ca
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 15:59:01 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
major-league-baseball-introduces-new-rules-and-regulations-for-the-2023-season.json
json-blogs-bucket.s3.amazonaws.com/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://json-blogs-bucket.s3.amazonaws.com/major-league-baseball-introduces-new-rules-and-regulations-for-the-2023-season.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIATZSRZWLXKWD53G3G%2F20230713%2Fca-central-1%2Fs3%2Faws4_request&X-Amz-Date=20230713T155900Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEHgaDGNhLWNlbnRyYWwtMSJGMEQCIC0lsMVETJTjBgSHmdY27BQ6DTPY5oQYZz5EGkodtzltAiAkYanspApBUWzEz1QjtyJudyz5E7ftLsU0d5B%2BUKpTtirRAwjx%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BEAAaDDI2MTA5MDgxNjc1MCIMhDBL1hozQtpLSd%2FIKqUD3SCq%2B2Ig%2Bct4zvnTehAdq%2FhamBHTXsNoZDq5z%2BhTDhnjjlxBgT1ZZU5zJLs0TPWQ8fpXtpnXAFEt65IwJ2U72v8ffgbFqmIYMHlHQ2o0eJ6cOiFJBOPdbq%2BxMU5l1vbwg9EMfbvNUQ9CEewxCk%2FjMYQQ%2BrmraUM9GNLsI%2Bnxgjm5RQbSiHiWIRwofhbdTXOJJ%2BVYedjthemXChgzNAWiZGV28ns9oVuE7b2J%2B%2BNnowCwAKojz0e1CLUjXa3Cqg4nIdAvYoSP70%2Fybf0TuNW%2FXhf%2BoGFUHfrlub6UlouV3gL2wIIAixkYEhQgepYuDZFcvwMOvC7qmWpY8WLwWdOtm1S0VXzUxeeQxzwpN9k9zfPEaWR5%2FfkmKxutAau2PgbyLmFwEM6T2OaN5SdncL6UPHhHmxirQcU45rf9tbudpcwVu3a%2BFWUJmB9Vlj9vRZlxxVvdCwDPkFMGCCSk6pz18ttCBVeMUf1QuaKYun5%2BlKSlbipROj%2BhmS1Z2ZMc4S%2FULa26hyVOHhPMBphuBmjXwjGeeeO6iyFQ5zyXdZbXtPGTJ7ejvDCmvcClBjqfATirejTYrslhGreKFHVzj5Wisug5q6JdPn%2BXwTMJifgA50ER%2FtuozY0blNmw7mE2qO9o2lUmUPGayfa4%2FDCVnPYp13eVv6t2Hae6k%2FEeVUF5suOtoao4jSgIWLgtKj8q3LurBYcKFZlVbBPCwZc8WkRqnOC93QSqd38yQPBT%2B9WKdduVV8uAeZlLxbpPzXu4ysCD4AHh1HyyBdKRG%2FLEdg%3D%3D&X-Amz-Signature=4b2fc4098bd3b82563daf354d0092dc403bbf5b2f2c0ddd89e478aef52b7d976
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.4.36 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
19d247f87d6d00bbbad76fed4d18aaf586cd50a492352d79cb9f80d2cbaf4416

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 15:59:02 GMT
Last-Modified
Thu, 22 Jun 2023 23:19:42 GMT
Server
AmazonS3
x-amz-request-id
4YH6PRWQ1319H3WD
ETag
"0071cdf9339f82353ea171d703a2330b"
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
POST, GET, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
3833
x-amz-id-2
XHEFVa6z1MAA1yYNZyHvBNHA5DYd0bgdu/rlaPte/SZy5zM7gsIgdHy2Jf6BvzLpruu5yFJ8CRE=
history-of-the-winnipeg-blue-bombers.json
json-blogs-bucket.s3.amazonaws.com/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://json-blogs-bucket.s3.amazonaws.com/history-of-the-winnipeg-blue-bombers.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIATZSRZWLXKWD53G3G%2F20230713%2Fca-central-1%2Fs3%2Faws4_request&X-Amz-Date=20230713T155900Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEHgaDGNhLWNlbnRyYWwtMSJGMEQCIC0lsMVETJTjBgSHmdY27BQ6DTPY5oQYZz5EGkodtzltAiAkYanspApBUWzEz1QjtyJudyz5E7ftLsU0d5B%2BUKpTtirRAwjx%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BEAAaDDI2MTA5MDgxNjc1MCIMhDBL1hozQtpLSd%2FIKqUD3SCq%2B2Ig%2Bct4zvnTehAdq%2FhamBHTXsNoZDq5z%2BhTDhnjjlxBgT1ZZU5zJLs0TPWQ8fpXtpnXAFEt65IwJ2U72v8ffgbFqmIYMHlHQ2o0eJ6cOiFJBOPdbq%2BxMU5l1vbwg9EMfbvNUQ9CEewxCk%2FjMYQQ%2BrmraUM9GNLsI%2Bnxgjm5RQbSiHiWIRwofhbdTXOJJ%2BVYedjthemXChgzNAWiZGV28ns9oVuE7b2J%2B%2BNnowCwAKojz0e1CLUjXa3Cqg4nIdAvYoSP70%2Fybf0TuNW%2FXhf%2BoGFUHfrlub6UlouV3gL2wIIAixkYEhQgepYuDZFcvwMOvC7qmWpY8WLwWdOtm1S0VXzUxeeQxzwpN9k9zfPEaWR5%2FfkmKxutAau2PgbyLmFwEM6T2OaN5SdncL6UPHhHmxirQcU45rf9tbudpcwVu3a%2BFWUJmB9Vlj9vRZlxxVvdCwDPkFMGCCSk6pz18ttCBVeMUf1QuaKYun5%2BlKSlbipROj%2BhmS1Z2ZMc4S%2FULa26hyVOHhPMBphuBmjXwjGeeeO6iyFQ5zyXdZbXtPGTJ7ejvDCmvcClBjqfATirejTYrslhGreKFHVzj5Wisug5q6JdPn%2BXwTMJifgA50ER%2FtuozY0blNmw7mE2qO9o2lUmUPGayfa4%2FDCVnPYp13eVv6t2Hae6k%2FEeVUF5suOtoao4jSgIWLgtKj8q3LurBYcKFZlVbBPCwZc8WkRqnOC93QSqd38yQPBT%2B9WKdduVV8uAeZlLxbpPzXu4ysCD4AHh1HyyBdKRG%2FLEdg%3D%3D&X-Amz-Signature=dcaaed70381511a0f1727ac03569038d77e53216f11f7bf37f91aa468c18d265
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.4.36 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e9d7e8718078619f525383c3027acaa31c2ac5b02dff4c78c6bcdb93f49bf735

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 15:59:02 GMT
Last-Modified
Thu, 22 Jun 2023 23:19:41 GMT
Server
AmazonS3
x-amz-request-id
4YHDGCZ4HTGCG5V3
ETag
"40f7342c58c50fda8f8724ed39152a24"
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
POST, GET, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
4709
x-amz-id-2
tsTbbt+LaRS9tTZ3yfV4WSoDnBBCrTnJbXOQOzDbUjW8TOC3fepZWDLy5pPJVoFoI/FaIDyAFu0=
bc-lions-at-bc-place-what-to-expect.json
json-blogs-bucket.s3.amazonaws.com/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://json-blogs-bucket.s3.amazonaws.com/bc-lions-at-bc-place-what-to-expect.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIATZSRZWLXKWD53G3G%2F20230713%2Fca-central-1%2Fs3%2Faws4_request&X-Amz-Date=20230713T155900Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEHgaDGNhLWNlbnRyYWwtMSJGMEQCIC0lsMVETJTjBgSHmdY27BQ6DTPY5oQYZz5EGkodtzltAiAkYanspApBUWzEz1QjtyJudyz5E7ftLsU0d5B%2BUKpTtirRAwjx%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BEAAaDDI2MTA5MDgxNjc1MCIMhDBL1hozQtpLSd%2FIKqUD3SCq%2B2Ig%2Bct4zvnTehAdq%2FhamBHTXsNoZDq5z%2BhTDhnjjlxBgT1ZZU5zJLs0TPWQ8fpXtpnXAFEt65IwJ2U72v8ffgbFqmIYMHlHQ2o0eJ6cOiFJBOPdbq%2BxMU5l1vbwg9EMfbvNUQ9CEewxCk%2FjMYQQ%2BrmraUM9GNLsI%2Bnxgjm5RQbSiHiWIRwofhbdTXOJJ%2BVYedjthemXChgzNAWiZGV28ns9oVuE7b2J%2B%2BNnowCwAKojz0e1CLUjXa3Cqg4nIdAvYoSP70%2Fybf0TuNW%2FXhf%2BoGFUHfrlub6UlouV3gL2wIIAixkYEhQgepYuDZFcvwMOvC7qmWpY8WLwWdOtm1S0VXzUxeeQxzwpN9k9zfPEaWR5%2FfkmKxutAau2PgbyLmFwEM6T2OaN5SdncL6UPHhHmxirQcU45rf9tbudpcwVu3a%2BFWUJmB9Vlj9vRZlxxVvdCwDPkFMGCCSk6pz18ttCBVeMUf1QuaKYun5%2BlKSlbipROj%2BhmS1Z2ZMc4S%2FULa26hyVOHhPMBphuBmjXwjGeeeO6iyFQ5zyXdZbXtPGTJ7ejvDCmvcClBjqfATirejTYrslhGreKFHVzj5Wisug5q6JdPn%2BXwTMJifgA50ER%2FtuozY0blNmw7mE2qO9o2lUmUPGayfa4%2FDCVnPYp13eVv6t2Hae6k%2FEeVUF5suOtoao4jSgIWLgtKj8q3LurBYcKFZlVbBPCwZc8WkRqnOC93QSqd38yQPBT%2B9WKdduVV8uAeZlLxbpPzXu4ysCD4AHh1HyyBdKRG%2FLEdg%3D%3D&X-Amz-Signature=3a209e48159ec48e500c854ad902e42bdf0461a90bdd200d2191330f2df97203
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.4.36 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d813db56823ebffaf03bedc63ad39a0d4586eef30aa2f0f1ea18c860b16af4f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 15:59:02 GMT
Last-Modified
Thu, 22 Jun 2023 23:19:39 GMT
Server
AmazonS3
x-amz-request-id
4YHCFFGX92DBG95D
ETag
"72f38c3987ea68289163e6ddd46967bb"
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
POST, GET, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
4663
x-amz-id-2
HJ8/wBqLYqhcmMAYZ3DlS7OtgLUvCJVaqzcEonou3LvvyfUvaRUBIpVWqaAtShbnr7FoInZux0o=
major-league-baseball-introduces-new-rules-and-regulations-for-the-2023-season.png
blogs-images-bucket.s3.ca-central-1.amazonaws.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs-images-bucket.s3.ca-central-1.amazonaws.com/major-league-baseball-introduces-new-rules-and-regulations-for-the-2023-season.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.146.144 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c465e0ca8a6edab24d03175993b11afecb13513291b922e0ae917e53e916f440

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 15:59:02 GMT
Last-Modified
Thu, 22 Jun 2023 03:16:08 GMT
Server
AmazonS3
x-amz-request-id
4YH8TE07QCT0CR2M
ETag
"ca52cd011405bff64aad0b642759af2b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1140793
x-amz-id-2
eWN6NiCaLBqN2zXw7Q0SFwfQurDkNXKKQUOgh+8epbYBt8JVmyFqslha3j+HLwGtTiwV4V95YvE=
history-of-the-winnipeg-blue-bombers.png
blogs-images-bucket.s3.ca-central-1.amazonaws.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs-images-bucket.s3.ca-central-1.amazonaws.com/history-of-the-winnipeg-blue-bombers.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.146.144 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3267258f94f48e43c85e465e3e33b691ce23157355326f5c4201fd73972d45ba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 15:59:02 GMT
Last-Modified
Thu, 22 Jun 2023 03:23:19 GMT
Server
AmazonS3
x-amz-request-id
4YH76DS3Z61B6BVS
ETag
"41b0e69b04e9cfd271a80a3613447755"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1861072
x-amz-id-2
Hjd2xkoHkEa47M7MP6CSPrEpDx5pUzDnVwgmsEkfgMkITNMWPelaRh6lSTP73KuVjmy8lGm1LLE=
bc-lions-at-bc-place-what-to-expect.png
blogs-images-bucket.s3.ca-central-1.amazonaws.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs-images-bucket.s3.ca-central-1.amazonaws.com/bc-lions-at-bc-place-what-to-expect.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.146.144 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
97d3a3263369c7042c2427bb0c7569971599703059fd7c9cb75bd24622cf4137

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 15:59:02 GMT
Last-Modified
Thu, 22 Jun 2023 01:48:33 GMT
Server
AmazonS3
x-amz-request-id
4YHFAFE9NG0W1FF2
ETag
"c16932a8e440d6e493b9ddc9f036dc4b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1463274
x-amz-id-2
bZIqBglSU0kHjpQFxTjKNo6wUe0A7eJeDdNeCnUJ2rfUDP3sGpveEb8cxiMtZGJd2KnVIdU7iA0=

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend function| _local_$ function| _local_jQuery object| ConvergeEmbeddedPayment function| gtag object| dataLayer function| hj object| _hjSettings function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| regeneratorRuntime function| Elavon3DSWebSDK object| webpackJsonp function| setImmediate function| clearImmediate object| AWS object| __SENTRY__ number| __MUI_GENERATOR_COUNTER__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| eve object| __SECRET_EMOTION__ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

10 Cookies

Domain/Path Name / Value
.fansfirst.ca/ Name: _gid
Value: GA1.2.2048011340.1689263940
.fansfirst.ca/ Name: _gat_gtag_UA_128361305_1
Value: 1
.fansfirst.ca/ Name: _ga_NDX9XPC0BZ
Value: GS1.1.1689263940.1.0.1689263940.0.0.0
.fansfirst.ca/ Name: _ga
Value: GA1.1.552720158.1689263940
.fansfirst.ca/ Name: _fbp
Value: fb.1.1689263940596.905014227
.fansfirst.ca/ Name: _hjSessionUser_1120382
Value: eyJpZCI6IjI5NjE0YWJiLTVjNWYtNWIyZC05Zjk2LWMzNTc1M2U0NTE5MCIsImNyZWF0ZWQiOjE2ODkyNjM5NDA2OTAsImV4aXN0aW5nIjpmYWxzZX0=
.fansfirst.ca/ Name: _hjFirstSeen
Value: 1
.fansfirst.ca/ Name: _hjIncludedInSessionSample_1120382
Value: 1
.fansfirst.ca/ Name: _hjSession_1120382
Value: eyJpZCI6ImEzZjkxNGEwLTY4ZDItNDg4OC1iMzc3LWFkZmQ3YzhkMzJlZCIsImNyZWF0ZWQiOjE2ODkyNjM5NDA3MDMsImluU2FtcGxlIjp0cnVlfQ==
.fansfirst.ca/ Name: _hjAbsoluteSessionInProgress
Value: 0

7 Console Messages

Source Level URL
Text
other warning URL: https://www.fansfirst.ca/static/js/2.b9fecd25.chunk.js
Message:
Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-v2.fansfirst.ca
api.convergepay.com
blogs-images-bucket.s3.ca-central-1.amazonaws.com
cognito-identity.ca-central-1.amazonaws.com
connect.facebook.net
dev.libs.fraud.eu.elavonaws.com
fonts.googleapis.com
fonts.gstatic.com
json-blogs-bucket.s3.amazonaws.com
scontent-yyz1-1.xx.fbcdn.net
script.hotjar.com
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.fansfirst.ca
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
108.138.106.124
108.138.106.34
16.12.4.36
18.164.124.16
18.164.96.46
2001:4860:4802:38::178
23.54.177.249
2600:1f11:f61:e402:db85:66b2:2371:2572
2600:9000:2140:9a00:10:181f:fdc0:93a1
2606:4700:e2::ac40:850f
2607:f8b0:4004:c19::9c
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
52.95.146.144
1295ed6d1f54a9b3add4a5706431f2bf27cfc80aaa1c78c7b472e5c34c20569e
134002928a608c114396af6024cef9a2577fac2fc3916b99f6f70c1f691cb875
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
19d247f87d6d00bbbad76fed4d18aaf586cd50a492352d79cb9f80d2cbaf4416
1b223e4a4bd543b4b786c1c035c144be2cfa15b9d5310c8e6c143e9b6f1786d9
1c5f2fc4a7d1ddd45d3f965b175b70973260f079bbe0fbc6eb5feee59d41a70e
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
293ed6f883b8e1aefbd62e0644bd876b853441cacada9d8ac30215bf45d28b48
2b10f2438a074a9a49aa6f08cb88d14e1e52c0abb4db14f9871a7f255fac2d46
2b2fbff77273ec2235f8509d58772d1d39092526dbf136de0df57a55da179ac4
2b3c69664d06183eaf9a3250d7542260c93404ceef72e56d2027850a8ae209b5
2be3a95941ba61bf82ae9f3b8998bbd11b446ab3e65d8d9f1d5cb65384af39bb
2d8be915e12a35def0ce3186371ce9cc0dd9bb8534178cdcd4716049bc9731f7
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
3267258f94f48e43c85e465e3e33b691ce23157355326f5c4201fd73972d45ba
3ca5f10edff78f262743d7845ff6dda9e70c88820bea65b22d2f92e8c54e9584
474636e9d608d3c7986eff2386a948630d4a1c7f2c09c70f622213633b6b18b0
4a1dce6eeb6dbe84c403811768b526312e32e76a422d0f01bf4a198ca916cd62
4d57407026de0c85d57a222f5faf7ad6a98addb8adb255e018a81fe541cdef51
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
50ffc1e935017863ef0292a76e27a485c54b26c778e171b9a325b37fdf490dd9
51371c1924bc32f162643d55e2194f9a550b18699a2c61bfb973f69e879be0ca
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bed9a7a0311f3db571d726b0b15e8d69c54f01a2b7616fdb46766a6f58d121f
74d306ea8c489bfe35c2c3f01d682f68c567b49d9ec591d073f8155beb595b31
799f5f3fa3add7212fea31eed9c16e0813ed24ac2c8ba1b60c7ebcbfd1ba6936
7cf9b76cd440587765597688eb37ddfaa2072910aba24f0b245a692aadf3a615
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
87ce0086c738750c485f4bfa8f87f78013b611ffd9ef8df8e5158429c531529c
8da053334f1a7da64d578604b19e301e8e7809c980be1707d7f17bde814eb27e
91e972fb4cd498d0b06453d5a13a471e44e36a836a3798ff5def6f70f1d03f02
92cdee1c640de35eac37dbc7b031c3d56280dbf92c21986ac31a8920fe4453d0
93e2f17b8866506ecdbe2a6eb6a4d3e9fc7f9b185c8b5e109171d236e7fc5fb3
97d3a3263369c7042c2427bb0c7569971599703059fd7c9cb75bd24622cf4137
983e587b4c572eeb76bb85059aafd765d4e4cb61e6a7b4eb2cc87b31ba76f56b
9cc567139f4cb99775ea84aa7505e13baaf3198bfa2b5fc7b3e8f0b2ac01392d
a1a78bcd2d3beb760b890da4e94d89221f1d5e0c5be50b20ebda819b32a55c61
a42e05091bd51eeddf4efc615439a8a2e9ea683cfce239c6a84f26b53c9e4991
a54b2ed84e5961b52306b9b48b4989a073362d35c4084c9467a27e504595861a
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
b9b0b6b67f7c4f8b849b8de53c1e4692e72a2aaf61c3076a99de85e9fe337713
c465e0ca8a6edab24d03175993b11afecb13513291b922e0ae917e53e916f440
cea17e0b05e3e6ace77ec2d13b5870803ef957ad160f289cca6a3a4a826d20af
d813db56823ebffaf03bedc63ad39a0d4586eef30aa2f0f1ea18c860b16af4f1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf8439c665571e7b56c2e300e6e87280362de0a1f8b6eca3751ee8dbc67e91
e5d8f3420a45050a14ed90d14477356f27bc05f331c764e2689ae6a950202cab
e80ca679ad465ada41d362c2de7d0bb7ec243d51af4d80309254192ef40c0711
e9d7e8718078619f525383c3027acaa31c2ac5b02dff4c78c6bcdb93f49bf735
ececd30b13956872441d17b03b9de4c032b5983f0932051e763a0a6d0250842b
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e
f0c2c7876010d8975f0c9a3359cd74b91bf7884ddf3ee0545516eb5b66ceba96
f40d9b3f79eb25d3ccc600d910ac25cc8c4ce9d15a601ff44faef68c54ce0c18
fa5cac77038ffd9683e0e6e9760890533b8d61c727361957723b7c745fff4741
fc69e413e34a59bda98649364aea071ffac64754973971029f32ce8769a168fe