urlscan.io logo urlscan.io
SecurityTrails logo

www.fansfirst.ca Open in urlscan Pro
3.162.3.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fansfirst.ca/
Effective URL: https://www.fansfirst.ca/
Submission: On December 11 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 62 HTTP transactions. The main IP is 3.162.3.30, located in United States and belongs to AMAZON-02, US. The main domain is www.fansfirst.ca.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 24th 2023. Valid for: a year.
This is the only time www.fansfirst.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.162.3.29 16509 (AMAZON-02)
1 9 3.162.3.30 16509 (AMAZON-02)
1 23.0.16.38 16625 (AKAMAI-AS)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 3.162.3.77 16509 (AMAZON-02)
11 2a03:2880:f07... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
4 2600:1f11:f61... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 3.162.3.117 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
8 3.162.3.83 16509 (AMAZON-02)
3 52.95.190.36 16509 (AMAZON-02)
3 52.95.145.48 16509 (AMAZON-02)
62 22
1    3.162.3.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-29.yul62.r.cloudfront.net
fansfirst.ca
9    3.162.3.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-30.yul62.r.cloudfront.net
fansfirst.ca
www.fansfirst.ca
1    23.0.16.38 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-16-38.deploy.static.akamaitechnologies.com
api.convergepay.com
2    2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:215f:6200:15:dbf7:4c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
libs.fraud.elavon.com
1    3.162.3.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-77.yul62.r.cloudfront.net
static.hotjar.com
11    2a03:2880:f07d:0:face:b00c:0:3 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    2607:f8b0:4004:c0b::63 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2a03:2880:f171:81:face:b00c:0:25de (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2600:1f11:f61:e402:9a4a:a5f5:7fa8:699b (Montreal, Canada)

ASN16509 (AMAZON-02, US)
cognito-identity.ca-central-1.amazonaws.com
1    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    3.162.3.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-117.yul62.r.cloudfront.net
script.hotjar.com
1    2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f082:108:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)
scontent-ord5-2.xx.fbcdn.net
1    2a03:2880:f082:9:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)
scontent-ord5-1.xx.fbcdn.net
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    3.162.3.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-83.yul62.r.cloudfront.net
api-v2.fansfirst.ca
3    52.95.190.36 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-w.ca-central-1.amazonaws.com
json-blogs-bucket.s3.amazonaws.com
3    52.95.145.48 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com
blogs-images-bucket.s3.ca-central-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
18 fansfirst.ca
fansfirst.ca
www.fansfirst.ca
api-v2.fansfirst.ca
1 MB
12 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent-ord5-2.xx.fbcdn.net — Cisco Umbrella Rank: 3512
scontent-ord5-1.xx.fbcdn.net — Cisco Umbrella Rank: 3765
580 KB
10 amazonaws.com
cognito-identity.ca-central-1.amazonaws.com — Cisco Umbrella Rank: 450720
json-blogs-bucket.s3.amazonaws.com
blogs-images-bucket.s3.ca-central-1.amazonaws.com
4 MB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
66 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
189 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
232 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
59 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
48 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
347 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 elavon.com
libs.fraud.elavon.com
130 KB
1 convergepay.com
api.convergepay.com — Cisco Umbrella Rank: 106496
98 KB
62 15
Domain Requested by
9 static.xx.fbcdn.net www.facebook.com
8 api-v2.fansfirst.ca www.fansfirst.ca
8 www.fansfirst.ca www.fansfirst.ca
4 cognito-identity.ca-central-1.amazonaws.com www.fansfirst.ca
4 www.facebook.com www.fansfirst.ca
3 blogs-images-bucket.s3.ca-central-1.amazonaws.com
3 json-blogs-bucket.s3.amazonaws.com www.fansfirst.ca
3 www.google-analytics.com www.googletagmanager.com
www.fansfirst.ca
3 www.googletagmanager.com www.fansfirst.ca
www.googletagmanager.com
2 scontent-ord5-2.xx.fbcdn.net www.facebook.com
2 connect.facebook.net www.fansfirst.ca
connect.facebook.net
2 fonts.googleapis.com www.fansfirst.ca
2 use.fontawesome.com www.fansfirst.ca
use.fontawesome.com
2 fansfirst.ca 2 redirects
1 stats.g.doubleclick.net www.fansfirst.ca
1 scontent-ord5-1.xx.fbcdn.net www.facebook.com
1 www.gstatic.com www.google.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.google.com www.fansfirst.ca
1 static.hotjar.com www.fansfirst.ca
1 libs.fraud.elavon.com www.fansfirst.ca
1 api.convergepay.com www.fansfirst.ca
62 23

This site contains links to these domains. Also see Links.

Domain
www.scotiabankarena.com
www.facebook.com
www.instagram.com
www.x.com
Subject Issuer Validity Valid
*.fansfirst.ca
Amazon RSA 2048 M03		 2023-11-24 -
2024-12-23		 a year crt.sh
convergepay.com
Entrust Certification Authority - L1M		 2023-06-08 -
2024-06-07		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
libs.fraud.elavon.com
Entrust Certification Authority - L1K		 2023-04-13 -
2024-05-13		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-19 -
2023-12-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cognito-identity.ca-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-19 -
2024-05-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.s3.ca-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-12 -
2024-06-16		 8 months crt.sh

This page contains 4 frames:

Primary Page: https://www.fansfirst.ca/
Frame ID: 33BBADDE1EA42E86FFE81646568E5763
Requests: 50 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fbrock.mansoff%2Fposts%2Fpfbid02c6dchkGQhD44uxhqdD7Ahq4kLVmGxCe19ZSRBz2Fvux6WrGF25BVvaKYSLJrTZZl&show_text=true&width=auto&height=150
Frame ID: 9EA8B7F496EA573C780175E48E517448
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Falexander.bell.7906%2Fposts%2Fpfbid02X1RSNXGaWDsbBTj7maAowzuXMHu3GF55XBNx7H8RoidQwRwGf4E4D8JmfySJ5Tkil&show_text=true&width=auto&height=150
Frame ID: 0F03FA675CA7B2E48A4D024FD47C2F43
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Frame ID: 782233EFE6ED5CD4CF0A53DEFCFC2EB7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FansFirst - Buy Cheap NHL/NBA/MLB/CFL Tickets

Page URL History Show full URLs

  1. http://fansfirst.ca/ HTTP 301
    https://fansfirst.ca/ HTTP 302
    https://www.fansfirst.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

62
Requests

100 %
HTTPS

64 %
IPv6

15
Domains

23
Subdomains

22
IPs

3
Countries

7058 kB
Transfer

13018 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fansfirst.ca/ HTTP 301
    https://fansfirst.ca/ HTTP 302
    https://www.fansfirst.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fansfirst.ca/
Redirect Chain
  • http://fansfirst.ca/
  • https://fansfirst.ca/
  • https://www.fansfirst.ca/
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74a9e53cdd490ac8a2e3d6b12801297d15b64e85b9bcb899f3d44dc358d00cdc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Mon, 11 Dec 2023 03:17:01 GMT
etag
W/"801dc86e612cc8c1e75d16d8ce4fc211"
last-modified
Wed, 06 Dec 2023 08:18:15 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
x-amz-cf-id
8dQ4skrvh0ZvKiqHGK5kdmrUb_ecQh9uqqpWd2Pn54XzK_Ptw_dnwA==
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

content-length
0
date
Mon, 11 Dec 2023 03:16:59 GMT
location
https://www.fansfirst.ca/
server
CloudFront
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
x-amz-cf-id
FPc2nDc-7p6xl_R-PZU3JTXeYHQUzVeAVHHLVo8ki57HP3m8Ov9SCw==
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
Checkout.js
api.convergepay.com/hosted-payments/ 		97 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.convergepay.com/hosted-payments/Checkout.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.16.38 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-16-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86753878977725b5ab53711ce41b885eb912306b4ea74ff4ead9d099464f1777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 11 Dec 2023 03:17:00 GMT
Last-Modified
Wed, 04 Oct 2023 20:02:56 GMT
Server
Apache
Client-IP-Seen-by-Edge
70.28.97.150
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
X-Cnection
close
Cache-Control
no-store
Debug-XFF-Seen-by-Edge
70.28.97.150
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99401
all.css
use.fontawesome.com/releases/v5.0.7/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.7/css/all.css
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
938465
etag
W/"16f4f6797931e43125885e1741f125a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0mB1YP6GZBzGCe1FI2nzWKLQ0QhLj5pQxIreW5Yj%2F4u9XV%2FoKMjSre69HCmOt63IzgedqvPhHV7o6HdO9nMHpLvSTkyna7f6FR93NPQQuno5h%2FURGlIwHRHkR3LrA33o7io6dLEIKerlrO1k1T40PnV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
833a92765b8e115e-ORD
alt-svc
h3=":443"; ma=86400
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Dec 2023 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 03:17:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Dec 2023 03:17:00 GMT
2.e2e1102c.chunk.css
www.fansfirst.ca/static/css/ 		3 KB
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/css/2.e2e1102c.chunk.css
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a320d8b5c455f83f784dcf2e60e596832d4db80c2cc6e3d2d00cf09b7ae5950

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
gzip
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 08:18:15 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
etag
W/"3ef01b5854406b7dc097b2aab2ee8e11"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
2CCWvlUfnxZqqq7bZBpGuzXFzdOO69q7YHteruprJUtgiZ23_jVltw==
main.888a0b0a.chunk.css
www.fansfirst.ca/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/css/main.888a0b0a.chunk.css
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f35c05aa144ba399df3b38b212a1292d9070bbbb857caedae5ae8bdc7ece3072

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
gzip
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 08:18:15 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
etag
W/"e8a804c2ea513c75622ee15354033062"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
2G6PQKajmR07F01hLGLoSaQL-H0_MDwLOAm9yVedMF773aZBEVeuUw==
js
www.googletagmanager.com/gtag/ 		132 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128361305-1
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cda7d07d52c42e059d1f7a39523274c06e756526ac8e99914b965ccb163b6512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51551
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Dec 2023 03:17:01 GMT
3ds2-web-sdk.min.js
libs.fraud.elavon.com/sdk-web-js/1.2.0/ 		130 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.fraud.elavon.com/sdk-web-js/1.2.0/3ds2-web-sdk.min.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:6200:15:dbf7:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a1dce6eeb6dbe84c403811768b526312e32e76a422d0f01bf4a198ca916cd62

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
uk9c0FmyFsNDfzuXcwnHwOzPRNvKWsGV
date
Mon, 11 Dec 2023 02:38:36 GMT
via
1.1 0012c469abc357ca0c936faaf17aa31a.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 14:28:05 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
2687
x-amz-server-side-encryption
AES256
etag
"85cf8ea2d0a3d1827495cf96302056be"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
132770
x-amz-cf-id
UZkBKaX7eNIYAQZe8cwVaxs3MiNeEb2PyKeeTRe9dLjyVLcR1bCvLA==
2.0daf34e6.chunk.js
www.fansfirst.ca/static/js/ 		2 MB
577 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52e4b4846afb6ae2169b4411dd1b731036ce7b4453b7d347821cbe1207abddbb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
gzip
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 08:18:16 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
etag
W/"98c45a128cd25f2b5a93dd31b2b8b27e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
a0N_SAwXFTmSeJfJKKyewazLmeNjXlHDa0vA18xoLk8eDTZpsQF4Hw==
main.79d486a6.chunk.js
www.fansfirst.ca/static/js/ 		2 MB
340 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fansfirst.ca/static/js/main.79d486a6.chunk.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31e0b8ad891f3bce792b372ea72936e87b845894367b1251ae4ffea7dbfe9124

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
gzip
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 08:18:16 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
etag
W/"dafbaac1f7384580db6159dfd1649356"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
JZTstQ5zLQbcQlChNcjnI3OGWDi99khQAB4UCqXhiADNgxbgQTymiQ==
css2
fonts.googleapis.com/ 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito&family=Nunito+Sans:wght@400;800;900&display=swap
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/css/main.888a0b0a.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1ed9fbdc5be8f34da31534c62573b2b7b7662308edb2bbf8ca0ed6540c5d9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Dec 2023 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 03:17:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Dec 2023 03:17:00 GMT
hotjar-1120382.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1120382.js?sv=6
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-77.yul62.r.cloudfront.net
Software
/
Resource Hash
ad3fb7c0eb7d1ed8b5a20f6de65103699639bb55445b28e492d3b4c9723ea688
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 03:16:41 GMT
via
1.1 1f0f1388abc5c7a2f1935aa322216120.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
20
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/91ce34292f2a1ad9b898e2b567c2f3e0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
tX7WdtfVZgjQN75llqsLx3tda5bRkA2cJGn354VapXyxLWd9lPSPEA==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 11 Dec 2023 03:17:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
c98HQtBGCmUuilBVYCjsKigjy8+9RNcN+5KqhEY1IXQqrPUz2X/V70Wu8NGyXmI0+t8Esn2HYk4I02zoi69FUQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		129 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQM7TN8&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
489eb96b40c010bac11db2279069e1187041ad0a8273837477efa6ab385ece6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49586
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Dec 2023 03:17:01 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::63 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b311ac29f8d7837679d637891db9bbcc84ab0fa8652196d3605de190dc6a6857
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 11 Dec 2023 03:17:01 GMT
post.php
www.facebook.com/plugins/ Frame 9EA8 		72 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fbrock.mansoff%2Fposts%2Fpfbid02c6dchkGQhD44uxhqdD7Ahq4kLVmGxCe19ZSRBz2Fvux6WrGF25BVvaKYSLJrTZZl&show_text=true&width=auto&height=150
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e4a1846c8bfb1c0418be1cb80dee1a88d7aed03738970858a39ce68f8d1cb65
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 03:17:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
GVmAJmnAFleShGWU6/Njx4cN+xFRpKrjitRSFBhDwdUJWsBa4gEFgEyEVkrZV0PhbKCzV0hR04BNuYqNNUrP1g==
x-xss-protection
0
post.php
www.facebook.com/plugins/ Frame 0F03 		72 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Falexander.bell.7906%2Fposts%2Fpfbid02X1RSNXGaWDsbBTj7maAowzuXMHu3GF55XBNx7H8RoidQwRwGf4E4D8JmfySJ5Tkil&show_text=true&width=auto&height=150
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5047bf2ba0bda0b48b400628df7def7f8f9458571e3adfda13118e49b7b74856
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 03:17:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
4iXrH9OupOvlItqMLjFZFJ4lgW47qG9xdDch2WYKw1oE97szliF4bE7CcEKxj3KEdS87MoMI3xNyC5GF17qV9A==
x-xss-protection
0
post.php
www.facebook.com/plugins/ Frame 7822 		72 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c2ec885ba6c9852aa580648f949721d21d4ceaa96f761674bbe0b81ae11574c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 03:17:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
T5Ym3zaf1sAt2xDU3CMLuQ8UCJkLbwdgvaiJpHzzLF9zC7AECDOVxhYSptubh/QEsbyepfgrO5ph3Hb0mlY0CA==
x-xss-protection
0
/
cognito-identity.ca-central-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:9a4a:a5f5:7fa8:699b Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Mon, 11 Dec 2023 03:17:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
b5a0bfcc-9349-4093-9686-3884da6844b9
logo.165f4bb7.png
www.fansfirst.ca/static/media/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fansfirst.ca/static/media/logo.165f4bb7.png
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5d8f3420a45050a14ed90d14477356f27bc05f331c764e2689ae6a950202cab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 08:18:17 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
etag
"165f4bb7c3757def24345061271bd954"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
68470
x-amz-cf-id
tSXcV2PJhdJaAtncVc2_A1IuevoPCNrvcNpRLphC5MqO8kaGaY7mqQ==
illustration.53c4a5a4.png
www.fansfirst.ca/static/media/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fansfirst.ca/static/media/illustration.53c4a5a4.png
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca5f10edff78f262743d7845ff6dda9e70c88820bea65b22d2f92e8c54e9584

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 08:18:16 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
etag
"53c4a5a48e1e9788aa601d49fce58e39"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
183846
x-amz-cf-id
sipI__tcCiI6jXl00WPLfNr4PqcodpasKYmrjHuaAWzU3s6muFgrpw==
buyertrust-seal.afcd0ff7.svg
www.fansfirst.ca/static/media/ 		740 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fansfirst.ca/static/media/buyertrust-seal.afcd0ff7.svg
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-30.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91e972fb4cd498d0b06453d5a13a471e44e36a836a3798ff5def6f70f1d03f02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 08:18:15 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
etag
"afcd0ff7ff13431ee325546f11c02228"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
740
x-amz-cf-id
M5xjUr9f_0pmMUKJ_UxDkp8T33-BuDhVlXt5tHT-sA94-GF8Ctuh4Q==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a42e05091bd51eeddf4efc615439a8a2e9ea683cfce239c6a84f26b53c9e4991

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bed9a7a0311f3db571d726b0b15e8d69c54f01a2b7616fdb46766a6f58d121f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cc567139f4cb99775ea84aa7505e13baaf3198bfa2b5fc7b3e8f0b2ac01392d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		863 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b10f2438a074a9a49aa6f08cb88d14e1e52c0abb4db14f9871a7f255fac2d46

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f40d9b3f79eb25d3ccc600d910ac25cc8c4ce9d15a601ff44faef68c54ce0c18

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50ffc1e935017863ef0292a76e27a485c54b26c778e171b9a325b37fdf490dd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		771 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1295ed6d1f54a9b3add4a5706431f2bf27cfc80aaa1c78c7b472e5c34c20569e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b2fbff77273ec2235f8509d58772d1d39092526dbf136de0df57a55da179ac4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53cec264b1f52982b43052fed9d94205ef7cae9dde6cd5b92740e3b9487002f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/jpeg
/
cognito-identity.ca-central-1.amazonaws.com/ 		66 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:9a4a:a5f5:7fa8:699b Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6654d0d2a2b8a4d495a19bcd8186ecac4e0f06c1acfd735cc1f38d4dcc4f90f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256
6f20e6439c1be362c795c2c46f95b5067215173363b4a47ca1de626cbed41a16
Referer
https://www.fansfirst.ca/
X-Amz-Target
AWSCognitoIdentityService.GetId
accept-language
en-CA,en;q=0.9
X-Amz-User-Agent
aws-amplify/1.0.23 js aws-amplify/1.0.23 js callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Mon, 11 Dec 2023 03:17:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
7de8e02e-cb06-411e-9103-bee78e7aa4b7
content-length
66
content-type
application/x-amz-json-1.1
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito&family=Nunito+Sans:wght@400;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fansfirst.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:18:41 GMT
x-content-type-options
nosniff
age
291500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 18:18:41 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.7/webfonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.7/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.7/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ececd30b13956872441d17b03b9de4c032b5983f0932051e763a0a6d0250842b

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.7/css/all.css
Origin
https://www.fansfirst.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
902454
alt-svc
h3=":443"; ma=86400
content-length
40244
last-modified
Fri, 22 Sep 2023 01:44:11 GMT
server
cloudflare
etag
"64f88ebe25c54a12320f42f0b229961b"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMrWlcvj1PYN55B3vrS3oteN0rX5uQHHIYP31Rfd86E%2BPCYUh41vw40xP4leElXIEQM5%2BQNCCtNE9pHJf8jcrf6JYlHwobijeZoHN%2B8y9KrwHSzeyt4NTNUrJJwIjEsrGUO3hKrxRXLAwz5zcCeW9igb"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
833a927d3c72870a-ORD
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NDX9XPC0BZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128361305-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7d1c558bde2c709d1bd539a0ef783951fae245830f5d716f2dcaf8a5db11eee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91864
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Dec 2023 03:17:01 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128361305-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 02:09:17 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4064
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 11 Dec 2023 04:09:17 GMT
modules.0ef46a83101151841364.js
script.hotjar.com/ 		218 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0ef46a83101151841364.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1120382.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-117.yul62.r.cloudfront.net
Software
/
Resource Hash
72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
300774
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55456
last-modified
Thu, 07 Dec 2023 15:44:01 GMT
etag
"4f152a0a4d20e1d992c5c15c49e98463"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TOZlfk-1xXxpMrv4dyJgAV4YAJEr5lCgvQX0KhxNMWnifJq7OnuYLA==
collect
www.google-analytics.com/g/ 		0
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NDX9XPC0BZ&gtm=45je3bt0v867967753&_p=1702264620936&gcd=11l1l1l1l1&dma=0&cid=1045466290.1702264622&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702264621&sct=1&seg=0&dl=https%3A%2F%2Fwww.fansfirst.ca%2F&dt=FansFirst%20-%20Buy%20Cheap%20NHL%2FNBA%2FMLB%2FCFL%20Tickets&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2533
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NDX9XPC0BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 03:17:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fansfirst.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 		501 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fansfirst.ca/
Origin
https://www.fansfirst.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 02:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204921
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 02:57:38 GMT
2400582773457225
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2400582773457225?v=2.9.138&r=stable&domain=www.fansfirst.ca
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1dbfa78f0ff5b721b0a0bdc774ef7518d0fe2c71720ced5e2eeceb1c216ad382
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 11 Dec 2023 03:17:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
RzGZJ+LpQ7EFdGG2MderYCt85zFUduen3skyltzql1IACqW3KqXWAMl+2pbFDvBmdeyZ943Ry+kd+ZDLAdMHoQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1714955655&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fansfirst.ca%2F&ul=en-us&de=UTF-8&dt=FansFirst%20-%20Buy%20Cheap%20NHL%2FNBA%2FMLB%2FCFL%20Tickets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=763730480&gjid=1458104634&cid=1045466290.1702264622&tid=UA-128361305-1&_gid=1538270113.1702264622&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1771472666
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fansfirst.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cognito-identity.ca-central-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:9a4a:a5f5:7fa8:699b Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Mon, 11 Dec 2023 03:17:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
d5f878d9-9cbd-4de2-9acd-ce99c9f4740c
/
cognito-identity.ca-central-1.amazonaws.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.ca-central-1.amazonaws.com/
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f11:f61:e402:9a4a:a5f5:7fa8:699b Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9f2da5dea09e34b763027700bdbbc0d350b59f4f0a7b0c8e63bed1daf6a51282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256
6654d0d2a2b8a4d495a19bcd8186ecac4e0f06c1acfd735cc1f38d4dcc4f90f1
Referer
https://www.fansfirst.ca/
X-Amz-Target
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
en-CA,en;q=0.9
X-Amz-User-Agent
aws-amplify/1.0.23 js aws-amplify/1.0.23 js callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Mon, 11 Dec 2023 03:17:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
73de6bca-3d3b-434a-88dd-21bfc269e695
content-length
1819
content-type
application/x-amz-json-1.1
/
www.facebook.com/tr/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2400582773457225&ev=PageView&dl=https%3A%2F%2Fwww.fansfirst.ca%2F&rl=&if=false&ts=1702264622091&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702264622090.675823658&ler=empty&it=1702264621822&coo=false&rqm=GET
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Dec 2023 03:17:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
Cx_2zPMFxd6.js
static.xx.fbcdn.net/rsrc.php/v3i4yZ4/yn/l/en_US/ Frame 0F03 		751 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i4yZ4/yn/l/en_US/Cx_2zPMFxd6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Falexander.bell.7906%2Fposts%2Fpfbid02X1RSNXGaWDsbBTj7maAowzuXMHu3GF55XBNx7H8RoidQwRwGf4E4D8JmfySJ5Tkil&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
703beefc6c6007813777747245147fe18236041eba6cbfe9be89673b1d031672
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oy30lcBqsDdcIDTuuruHFQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
192594
reporting-endpoints
x-fb-debug
vYGIioBdRLZKgWfL+r/kiHYZhZWkImwxCt+iY352MX2oM3o26dp1FsJ6iPrnr9Mwe8borHjg+LxSy63f9vvFRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 02:16:18 GMT
289455291_10159872243790610_5770676891581630828_n.jpg
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 0F03 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/289455291_10159872243790610_5770676891581630828_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=4da83f&_nc_ohc=y5l0wDvcEFkAX8wta5n&_nc_ht=scontent-ord5-2.xx&edm=AN6CN6oEAAAA&oh=00_AfDg0eNiIUyh8xhW4uDDcwe6DXxPvA_g9kojQDWFT9ci3Q&oe=657A9B50
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Falexander.bell.7906%2Fposts%2Fpfbid02X1RSNXGaWDsbBTj7maAowzuXMHu3GF55XBNx7H8RoidQwRwGf4E4D8JmfySJ5Tkil&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
704b68104ce2d5f9ebd8b65b2ffbca32e4206fe3eecea67ff796d0ff6d141d8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 27 Jun 2022 23:13:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3844293630
thrift_fmhk
GBDQ2jSxl76m6LvUYaAlg94mFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1795567999
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1690
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 0F03 		522 B
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Falexander.bell.7906%2Fposts%2Fpfbid02X1RSNXGaWDsbBTj7maAowzuXMHu3GF55XBNx7H8RoidQwRwGf4E4D8JmfySJ5Tkil&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
reporting-endpoints
x-fb-debug
CqDAXj5XFOgFnUb1k+nSfAubn8NE+/us7RoXAgTf9glyFcxy2U2pLAChj1RHABxz+TRx0meFSH0XsiFEJ4D2AQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 10:06:08 GMT
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 0F03 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Falexander.bell.7906%2Fposts%2Fpfbid02X1RSNXGaWDsbBTj7maAowzuXMHu3GF55XBNx7H8RoidQwRwGf4E4D8JmfySJ5Tkil&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
reporting-endpoints
x-fb-debug
5RgAZj6rSjNR80Boeorf/tWXhHsBD+noUa8aalgdswkcmBl7zt7FhoG3tQVVGGBA6rAP1JVPkYhAK4JO6pF2GQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 08:00:53 GMT
Cx_2zPMFxd6.js
static.xx.fbcdn.net/rsrc.php/v3i4yZ4/yn/l/en_US/ Frame 7822 		751 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i4yZ4/yn/l/en_US/Cx_2zPMFxd6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
703beefc6c6007813777747245147fe18236041eba6cbfe9be89673b1d031672
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oy30lcBqsDdcIDTuuruHFQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
192594
reporting-endpoints
x-fb-debug
vYGIioBdRLZKgWfL+r/kiHYZhZWkImwxCt+iY352MX2oM3o26dp1FsJ6iPrnr9Mwe8borHjg+LxSy63f9vvFRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 02:16:18 GMT
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 7822 		522 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
reporting-endpoints
x-fb-debug
CqDAXj5XFOgFnUb1k+nSfAubn8NE+/us7RoXAgTf9glyFcxy2U2pLAChj1RHABxz+TRx0meFSH0XsiFEJ4D2AQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 10:06:08 GMT
28336514_10101302550391575_4706732070745642440_o.jpg
scontent-ord5-1.xx.fbcdn.net/v/t31.18172-1/ Frame 7822 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ord5-1.xx.fbcdn.net/v/t31.18172-1/28336514_10101302550391575_4706732070745642440_o.jpg?stp=c461.123.889.889a_cp0_dst-jpg_s50x50&_nc_cat=108&ccb=1-7&_nc_sid=db1b99&_nc_ohc=Hs1tyfI9WIgAX_jVY3S&_nc_ht=scontent-ord5-1.xx&edm=AN6CN6oEAAAA&oh=00_AfAz6_HQF-0B4NIxJFZtBGNzLVokKX8QNxdSx4v2pKjMqw&oe=659DE30B
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1a78bcd2d3beb760b890da4e94d89221f1d5e0c5be50b20ebda819b32a55c61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 26 Feb 2018 08:06:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=648681203
thrift_fmhk
GBCMDTVr+76z4k1vnCy30pBzFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2839943436
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1585
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 7822 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fchrisle9%2Fposts%2Fpfbid0rUSHqgyjagHRtkKjXPFSv1fXc7DjGyk6wxEzjh7wKXhNB3AobLkz5XsU5dfX1Nnsl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
reporting-endpoints
x-fb-debug
5RgAZj6rSjNR80Boeorf/tWXhHsBD+noUa8aalgdswkcmBl7zt7FhoG3tQVVGGBA6rAP1JVPkYhAK4JO6pF2GQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 08:00:53 GMT
Cx_2zPMFxd6.js
static.xx.fbcdn.net/rsrc.php/v3i4yZ4/yn/l/en_US/ Frame 9EA8 		751 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i4yZ4/yn/l/en_US/Cx_2zPMFxd6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fbrock.mansoff%2Fposts%2Fpfbid02c6dchkGQhD44uxhqdD7Ahq4kLVmGxCe19ZSRBz2Fvux6WrGF25BVvaKYSLJrTZZl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
703beefc6c6007813777747245147fe18236041eba6cbfe9be89673b1d031672
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oy30lcBqsDdcIDTuuruHFQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
192594
reporting-endpoints
x-fb-debug
vYGIioBdRLZKgWfL+r/kiHYZhZWkImwxCt+iY352MX2oM3o26dp1FsJ6iPrnr9Mwe8borHjg+LxSy63f9vvFRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 02:16:18 GMT
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 9EA8 		522 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fbrock.mansoff%2Fposts%2Fpfbid02c6dchkGQhD44uxhqdD7Ahq4kLVmGxCe19ZSRBz2Fvux6WrGF25BVvaKYSLJrTZZl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
reporting-endpoints
x-fb-debug
CqDAXj5XFOgFnUb1k+nSfAubn8NE+/us7RoXAgTf9glyFcxy2U2pLAChj1RHABxz+TRx0meFSH0XsiFEJ4D2AQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 10:06:08 GMT
319181510_3452259581764772_8720354734378568082_n.jpg
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 9EA8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/319181510_3452259581764772_8720354734378568082_n.jpg?stp=c8.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=4da83f&_nc_ohc=Xel3BhcYMlAAX_K203m&_nc_ht=scontent-ord5-2.xx&edm=AN6CN6oEAAAA&oh=00_AfBuQjjEJR9abl8UDbOZkxov4pni604bY7qsvFARCnblkQ&oe=657B6518
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fbrock.mansoff%2Fposts%2Fpfbid02c6dchkGQhD44uxhqdD7Ahq4kLVmGxCe19ZSRBz2Fvux6WrGF25BVvaKYSLJrTZZl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be2c5216bddec816ecdc139b2a94e821724e2cbd16ef5b7c19b71f0c1b265870

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 13 Dec 2022 01:44:52 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1631173369
thrift_fmhk
GBDEWyprMC+3jmcC/6OW/vCfFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
71447644
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1967
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 9EA8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fbrock.mansoff%2Fposts%2Fpfbid02c6dchkGQhD44uxhqdD7Ahq4kLVmGxCe19ZSRBz2Fvux6WrGF25BVvaKYSLJrTZZl&show_text=true&width=auto&height=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
reporting-endpoints
x-fb-debug
5RgAZj6rSjNR80Boeorf/tWXhHsBD+noUa8aalgdswkcmBl7zt7FhoG3tQVVGGBA6rAP1JVPkYhAK4JO6pF2GQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 08:00:53 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-128361305-1&cid=1045466290.1702264622&jid=763730480&gjid=1458104634&_gid=1538270113.1702264622&_u=YADAAUAAAAAAACAAI~&z=1179752826
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 11 Dec 2023 03:17:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fansfirst.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
calgary-flames
api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/calgary-flames?includeMinPrices=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-apigw-id
PwjPVEHw4osEtCw=
x-amz-cf-id
cJabQjIjWKNWujn3LOkQIxXZEWyALaQFkoue2PKqesfDHhkWQqoXAw==
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
50b55790-8cb4-46cd-9c73-050d8bacf837
x-cache
Miss from cloudfront
currencyRate
api-v2.fansfirst.ca/marketplace/ticketEvo/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/ticketEvo/currencyRate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-apigw-id
PwjPVGaU4osEXjg=
x-amz-cf-id
YTkv-gLyaPGBJ-94qaaunMokJh5pBNIyI-0tGj29lKD8v52H4LutJQ==
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
98be448a-e3ed-4c0e-af1e-f09fa7400b4b
x-cache
Miss from cloudfront
get-emergency-mode
api-v2.fansfirst.ca/marketplace/emergencyMode/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/emergencyMode/get-emergency-mode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-apigw-id
PwjPVECgYosEdxQ=
x-amz-cf-id
X8-px3m88U1wMCgA8Jx_DX9kojunY7DEBD1LqhHQay1Kz2eWkFgGxw==
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
769c1edf-3298-4c73-9e9a-7a51f313033f
x-cache
Miss from cloudfront
latest
api-v2.fansfirst.ca/blogs/get/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/blogs/get/latest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.fansfirst.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
3
content-type
application/json
date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-apigw-id
PwjPVEJnYosEk-A=
x-amz-cf-id
aZt7_SshstNFoJbuD9luOtVqpxia091vnxIAOpX4VLJ5rPSnd1sKcQ==
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
323b9db5-9f5a-44d9-a9e3-621a336ba633
x-cache
Miss from cloudfront
calgary-flames
api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/ 		16 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/events/homepage/by/homeTeamSlug/calgary-flames?includeMinPrices=true
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash
c5c333d16d7c0a1530fe9081d41e3e31f4a8c51d9735d6b948de7251b66012ed

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEJP//////////wEaDGNhLWNlbnRyYWwtMSJGMEQCIDw2FU23JJ7Wyo0DRedcJJcIFokI2FY60wi0BXF0cIs/AiBUbqUiGpkMKu0qbkbuanKCV6Bawxew1kCvZFOljV9+DSrTBQj8//////////8BEAAaDDI2MTA5MDgxNjc1MCIM2gKCxHR9gmpECed7KqcFT7REodPb7pJCsoJ83ieZwgW2hZAXt4BS3nHZF+BCtfu1gY4byb7gvBBxCbT/tFs5atYMwmJ+BjDxFUSaHlXoAwEHKI0JvneD0q1nLld+az50Ec1e9a/Q6MkkhcxAzOOTPFUR+KC/BJAKrx3OX76sPTvn6xp/rTlBsByGX5b1xUJHgATZeMgq5WBUxN4hYXRQjHjbChpI0HYwprHNBczztZP1eeRqfXmkv9pfvz8Kb+1kDe8HnW8/UGf16G7jG/J9FBibtIU7qGoEJHbmYmAnmKaHh6m3LvFuJn9S2X98kXNIRNLyx8vMmoSBX6eUZtNW1MjbXbCC4nz52y2bd4yBhEWuup8j/HeQzaHN/7th+LbR2x01MmVwvPTOqBuCHXjuq5USbHyYEbXOxX53pTwOqiUaQyCql4sJTM+wzVYG5d+f8z4sL/5sfqwEQmc+5ezaJvPBTZKIGtlMuih8D+sznx3XzFx24Qxn0loyP8Dhjd2YGGZOmiRZModUj9nU2uFxqKAaBw9ghbUIeMIUdASWpnw842phoHfsfvGGdazrs3X4kluVY6QS4/jRR1HycCo8qybCUNeAal++bhdiYCToCx4CLc8dubNMUbkaO9Z/L4fIGpCmFy3lmDciqPhh6yiJv9IPLBvy0P+L+3hkoq3hqAqmCbmXKqJTQw3VVLZMQS9wSLv2XGTuEzHGNfAAp/p2fetOFrdFbQm9NGt2Gh7y36MsBI33Ot72IwuBz1e0z5ZmJcUjpxedepntvLmfb8oNSoa/1tP+e0fXpRi8CU4KsqWrM85LE1W2dhm7vxzSgx1bbooB9zBrfLIwHVoC9p9o1FdGAcUPfWuogeaIjyl+CpR0QFcY1/ICtWoZCCtGbYBMMJOgl9A6ba1L0S/PfyC4bN8qRE6bsTCu/tmrBjrjAn6NwiUOFRln4nC5BbZrTgFiomcOzVhEfaydcZSGUh/lgBsbGmH9i7dmWA5mh8dwsuPxuvT02L2vflMm8hWW5pIMF1lWQKuE20FRmb6K9ZpJxUwQo10aT8LEBs9VE+Z2UzOD38sw8UB9OqryLGyOi28T8/YRQt+AUhCh0yBLjhsPSYXKBaWHvYbkduymB729h/gPghH6ZX37sjmfuMWZtSkfBln8U885kak1YHwuUCI4VMcWh7woTOEfxwCoKeLztUUa9leGSoRj5nLksRBRHryqWktZcAYp1qOHonuMFXbXrKKjP5zxWMP0rGdkkb3/hsMsuk5l/bzYhhwCiWcW63DwVk2ltGY2/5nwIL9whGihiGqPbpXNtIHsLaqyym7umvni3ggb5YehRxhWdpf6wu+T0IdK15KJPpHF1hoqb7cQtRuYUl74fZl92gqgtQXs0NQFOv23hEuglxT6ZyZb3zuZp6c=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20231211T031702Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXGKZI3JUR/20231211/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=607a551a6b58b1dbf6d3a27da4c596912073c391426fac3576dde9a5f72b8e8d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:04 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
a238baa7-048f-44cf-a2e4-0f29b2cf0629
x-amzn-trace-id
Root=1-65767f2e-0bc03e492f4d237475409cde;Sampled=0;lineage=b59959b0:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
PwjPWF1xYosEDlg=
content-length
16436
x-amz-cf-id
tvirrxW5lC6--MxtNarR9V3iG5gh1cCA-YmFgQmOzKncSK4roUGq9Q==
access-control-allow-headers
*
currencyRate
api-v2.fansfirst.ca/marketplace/ticketEvo/ 		61 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/ticketEvo/currencyRate
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash
f9a0ff0913b1250f8478a7d536f30aaad2591f6bcb7557871f08a38be2c88cb5

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEJP//////////wEaDGNhLWNlbnRyYWwtMSJGMEQCIDw2FU23JJ7Wyo0DRedcJJcIFokI2FY60wi0BXF0cIs/AiBUbqUiGpkMKu0qbkbuanKCV6Bawxew1kCvZFOljV9+DSrTBQj8//////////8BEAAaDDI2MTA5MDgxNjc1MCIM2gKCxHR9gmpECed7KqcFT7REodPb7pJCsoJ83ieZwgW2hZAXt4BS3nHZF+BCtfu1gY4byb7gvBBxCbT/tFs5atYMwmJ+BjDxFUSaHlXoAwEHKI0JvneD0q1nLld+az50Ec1e9a/Q6MkkhcxAzOOTPFUR+KC/BJAKrx3OX76sPTvn6xp/rTlBsByGX5b1xUJHgATZeMgq5WBUxN4hYXRQjHjbChpI0HYwprHNBczztZP1eeRqfXmkv9pfvz8Kb+1kDe8HnW8/UGf16G7jG/J9FBibtIU7qGoEJHbmYmAnmKaHh6m3LvFuJn9S2X98kXNIRNLyx8vMmoSBX6eUZtNW1MjbXbCC4nz52y2bd4yBhEWuup8j/HeQzaHN/7th+LbR2x01MmVwvPTOqBuCHXjuq5USbHyYEbXOxX53pTwOqiUaQyCql4sJTM+wzVYG5d+f8z4sL/5sfqwEQmc+5ezaJvPBTZKIGtlMuih8D+sznx3XzFx24Qxn0loyP8Dhjd2YGGZOmiRZModUj9nU2uFxqKAaBw9ghbUIeMIUdASWpnw842phoHfsfvGGdazrs3X4kluVY6QS4/jRR1HycCo8qybCUNeAal++bhdiYCToCx4CLc8dubNMUbkaO9Z/L4fIGpCmFy3lmDciqPhh6yiJv9IPLBvy0P+L+3hkoq3hqAqmCbmXKqJTQw3VVLZMQS9wSLv2XGTuEzHGNfAAp/p2fetOFrdFbQm9NGt2Gh7y36MsBI33Ot72IwuBz1e0z5ZmJcUjpxedepntvLmfb8oNSoa/1tP+e0fXpRi8CU4KsqWrM85LE1W2dhm7vxzSgx1bbooB9zBrfLIwHVoC9p9o1FdGAcUPfWuogeaIjyl+CpR0QFcY1/ICtWoZCCtGbYBMMJOgl9A6ba1L0S/PfyC4bN8qRE6bsTCu/tmrBjrjAn6NwiUOFRln4nC5BbZrTgFiomcOzVhEfaydcZSGUh/lgBsbGmH9i7dmWA5mh8dwsuPxuvT02L2vflMm8hWW5pIMF1lWQKuE20FRmb6K9ZpJxUwQo10aT8LEBs9VE+Z2UzOD38sw8UB9OqryLGyOi28T8/YRQt+AUhCh0yBLjhsPSYXKBaWHvYbkduymB729h/gPghH6ZX37sjmfuMWZtSkfBln8U885kak1YHwuUCI4VMcWh7woTOEfxwCoKeLztUUa9leGSoRj5nLksRBRHryqWktZcAYp1qOHonuMFXbXrKKjP5zxWMP0rGdkkb3/hsMsuk5l/bzYhhwCiWcW63DwVk2ltGY2/5nwIL9whGihiGqPbpXNtIHsLaqyym7umvni3ggb5YehRxhWdpf6wu+T0IdK15KJPpHF1hoqb7cQtRuYUl74fZl92gqgtQXs0NQFOv23hEuglxT6ZyZb3zuZp6c=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20231211T031702Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXGKZI3JUR/20231211/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=02229a1e90b0b980bdf5c806ea7c628e7117a7ed2b1e87daff80d740a7f6bbfb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
93917ea0-3828-465c-bc17-2c6a6047c082
x-amzn-trace-id
Root=1-65767f2e-369b16f823592b602385c2e6;Sampled=0;lineage=edb250dd:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
PwjPWGlh4osEBpw=
content-length
61
x-amz-cf-id
U1JLvn9IoeJfOZWwqR6wCydl8f6OLnV-Q1qwxrPlXw7jE1cEmwvqAQ==
access-control-allow-headers
*
get-emergency-mode
api-v2.fansfirst.ca/marketplace/emergencyMode/ 		7 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/marketplace/emergencyMode/get-emergency-mode
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash
cea17e0b05e3e6ace77ec2d13b5870803ef957ad160f289cca6a3a4a826d20af

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEJP//////////wEaDGNhLWNlbnRyYWwtMSJGMEQCIDw2FU23JJ7Wyo0DRedcJJcIFokI2FY60wi0BXF0cIs/AiBUbqUiGpkMKu0qbkbuanKCV6Bawxew1kCvZFOljV9+DSrTBQj8//////////8BEAAaDDI2MTA5MDgxNjc1MCIM2gKCxHR9gmpECed7KqcFT7REodPb7pJCsoJ83ieZwgW2hZAXt4BS3nHZF+BCtfu1gY4byb7gvBBxCbT/tFs5atYMwmJ+BjDxFUSaHlXoAwEHKI0JvneD0q1nLld+az50Ec1e9a/Q6MkkhcxAzOOTPFUR+KC/BJAKrx3OX76sPTvn6xp/rTlBsByGX5b1xUJHgATZeMgq5WBUxN4hYXRQjHjbChpI0HYwprHNBczztZP1eeRqfXmkv9pfvz8Kb+1kDe8HnW8/UGf16G7jG/J9FBibtIU7qGoEJHbmYmAnmKaHh6m3LvFuJn9S2X98kXNIRNLyx8vMmoSBX6eUZtNW1MjbXbCC4nz52y2bd4yBhEWuup8j/HeQzaHN/7th+LbR2x01MmVwvPTOqBuCHXjuq5USbHyYEbXOxX53pTwOqiUaQyCql4sJTM+wzVYG5d+f8z4sL/5sfqwEQmc+5ezaJvPBTZKIGtlMuih8D+sznx3XzFx24Qxn0loyP8Dhjd2YGGZOmiRZModUj9nU2uFxqKAaBw9ghbUIeMIUdASWpnw842phoHfsfvGGdazrs3X4kluVY6QS4/jRR1HycCo8qybCUNeAal++bhdiYCToCx4CLc8dubNMUbkaO9Z/L4fIGpCmFy3lmDciqPhh6yiJv9IPLBvy0P+L+3hkoq3hqAqmCbmXKqJTQw3VVLZMQS9wSLv2XGTuEzHGNfAAp/p2fetOFrdFbQm9NGt2Gh7y36MsBI33Ot72IwuBz1e0z5ZmJcUjpxedepntvLmfb8oNSoa/1tP+e0fXpRi8CU4KsqWrM85LE1W2dhm7vxzSgx1bbooB9zBrfLIwHVoC9p9o1FdGAcUPfWuogeaIjyl+CpR0QFcY1/ICtWoZCCtGbYBMMJOgl9A6ba1L0S/PfyC4bN8qRE6bsTCu/tmrBjrjAn6NwiUOFRln4nC5BbZrTgFiomcOzVhEfaydcZSGUh/lgBsbGmH9i7dmWA5mh8dwsuPxuvT02L2vflMm8hWW5pIMF1lWQKuE20FRmb6K9ZpJxUwQo10aT8LEBs9VE+Z2UzOD38sw8UB9OqryLGyOi28T8/YRQt+AUhCh0yBLjhsPSYXKBaWHvYbkduymB729h/gPghH6ZX37sjmfuMWZtSkfBln8U885kak1YHwuUCI4VMcWh7woTOEfxwCoKeLztUUa9leGSoRj5nLksRBRHryqWktZcAYp1qOHonuMFXbXrKKjP5zxWMP0rGdkkb3/hsMsuk5l/bzYhhwCiWcW63DwVk2ltGY2/5nwIL9whGihiGqPbpXNtIHsLaqyym7umvni3ggb5YehRxhWdpf6wu+T0IdK15KJPpHF1hoqb7cQtRuYUl74fZl92gqgtQXs0NQFOv23hEuglxT6ZyZb3zuZp6c=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20231211T031702Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXGKZI3JUR/20231211/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=3e9373898dc03bb0573fd34ad8536c3f9aa7936a49a9246de412c3243927d79c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:02 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
690a62d9-61b5-4663-b58a-402e7ecf6a4d
x-amzn-trace-id
Root=1-65767f2e-5337027221fd321a1575f0c1;Sampled=0;lineage=60f2ce9c:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
PwjPWF1x4osEDlg=
content-length
7
x-amz-cf-id
I1gx8EbRyBzzUoITcz88LdMgcmc1EtQzHdjtt32HyLS6pI5FL3IH1g==
access-control-allow-headers
*
latest
api-v2.fansfirst.ca/blogs/get/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.fansfirst.ca/blogs/get/latest
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-83.yul62.r.cloudfront.net
Software
/
Resource Hash
8e8e2882e30b7819a426325b74c9afc57ae4506c70b7f230a52cf618a6b668f7

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEJP//////////wEaDGNhLWNlbnRyYWwtMSJGMEQCIDw2FU23JJ7Wyo0DRedcJJcIFokI2FY60wi0BXF0cIs/AiBUbqUiGpkMKu0qbkbuanKCV6Bawxew1kCvZFOljV9+DSrTBQj8//////////8BEAAaDDI2MTA5MDgxNjc1MCIM2gKCxHR9gmpECed7KqcFT7REodPb7pJCsoJ83ieZwgW2hZAXt4BS3nHZF+BCtfu1gY4byb7gvBBxCbT/tFs5atYMwmJ+BjDxFUSaHlXoAwEHKI0JvneD0q1nLld+az50Ec1e9a/Q6MkkhcxAzOOTPFUR+KC/BJAKrx3OX76sPTvn6xp/rTlBsByGX5b1xUJHgATZeMgq5WBUxN4hYXRQjHjbChpI0HYwprHNBczztZP1eeRqfXmkv9pfvz8Kb+1kDe8HnW8/UGf16G7jG/J9FBibtIU7qGoEJHbmYmAnmKaHh6m3LvFuJn9S2X98kXNIRNLyx8vMmoSBX6eUZtNW1MjbXbCC4nz52y2bd4yBhEWuup8j/HeQzaHN/7th+LbR2x01MmVwvPTOqBuCHXjuq5USbHyYEbXOxX53pTwOqiUaQyCql4sJTM+wzVYG5d+f8z4sL/5sfqwEQmc+5ezaJvPBTZKIGtlMuih8D+sznx3XzFx24Qxn0loyP8Dhjd2YGGZOmiRZModUj9nU2uFxqKAaBw9ghbUIeMIUdASWpnw842phoHfsfvGGdazrs3X4kluVY6QS4/jRR1HycCo8qybCUNeAal++bhdiYCToCx4CLc8dubNMUbkaO9Z/L4fIGpCmFy3lmDciqPhh6yiJv9IPLBvy0P+L+3hkoq3hqAqmCbmXKqJTQw3VVLZMQS9wSLv2XGTuEzHGNfAAp/p2fetOFrdFbQm9NGt2Gh7y36MsBI33Ot72IwuBz1e0z5ZmJcUjpxedepntvLmfb8oNSoa/1tP+e0fXpRi8CU4KsqWrM85LE1W2dhm7vxzSgx1bbooB9zBrfLIwHVoC9p9o1FdGAcUPfWuogeaIjyl+CpR0QFcY1/ICtWoZCCtGbYBMMJOgl9A6ba1L0S/PfyC4bN8qRE6bsTCu/tmrBjrjAn6NwiUOFRln4nC5BbZrTgFiomcOzVhEfaydcZSGUh/lgBsbGmH9i7dmWA5mh8dwsuPxuvT02L2vflMm8hWW5pIMF1lWQKuE20FRmb6K9ZpJxUwQo10aT8LEBs9VE+Z2UzOD38sw8UB9OqryLGyOi28T8/YRQt+AUhCh0yBLjhsPSYXKBaWHvYbkduymB729h/gPghH6ZX37sjmfuMWZtSkfBln8U885kak1YHwuUCI4VMcWh7woTOEfxwCoKeLztUUa9leGSoRj5nLksRBRHryqWktZcAYp1qOHonuMFXbXrKKjP5zxWMP0rGdkkb3/hsMsuk5l/bzYhhwCiWcW63DwVk2ltGY2/5nwIL9whGihiGqPbpXNtIHsLaqyym7umvni3ggb5YehRxhWdpf6wu+T0IdK15KJPpHF1hoqb7cQtRuYUl74fZl92gqgtQXs0NQFOv23hEuglxT6ZyZb3zuZp6c=
Referer
https://www.fansfirst.ca/
accept-language
en-CA,en;q=0.9
x-amz-date
20231211T031702Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIATZSRZWLXGKZI3JUR/20231211/ca-central-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=9f54fbf0b738dd3b51640c1df5aeca0a9690f719ac9277909a065e4762313631
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:17:03 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-amzn-requestid
466228d8-ad4b-4de5-a23c-56d8659787d8
x-amzn-trace-id
Root=1-65767f2e-6ae0058e1f722e6e2cfaee78;Sampled=0;lineage=c7248993:0
access-control-max-age
600
access-control-allow-methods
GET, HEAD, POST, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
*
x-amz-apigw-id
PwjPWF7aYosEOPw=
content-length
4450
x-amz-cf-id
M67k0NR0ylNJvkkLIOGSvY_vzEmP7RRpJmyEM7Hbt_ib9GALG11mug==
access-control-allow-headers
*
grey-cup-game-tickets-on-november-19.json
json-blogs-bucket.s3.amazonaws.com/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://json-blogs-bucket.s3.amazonaws.com/grey-cup-game-tickets-on-november-19.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIATZSRZWLXGS3MEOMN%2F20231211%2Fca-central-1%2Fs3%2Faws4_request&X-Amz-Date=20231211T031702Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaDGNhLWNlbnRyYWwtMSJHMEUCIQCGROtE4lwn3LW%2BpgltfkjLCWgYp6mru8CXpjni2TPWJAIgWdvZ6UdNvQwbSDcPQBhIuMSocZgDzWIDiwYtkz9l5HMq0QMI%2FP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgwyNjEwOTA4MTY3NTAiDHUvXUSbARIkN0KaiSqlA5N7kEnCZVfmg5Y1yaPBxXiiLCcx3AZH0pTA2UgfjRdgcR9MkveH9bI%2B%2BlyJbXyUhtMwVYBG7Ok9o%2FInlcutkRr%2BVVEmd9034F7xQDM5Ad%2F2wbWAzb8TM9JN%2BFOntBeB71hAzvOG8JlLyd4g7i5TZsaFkWWXOykF5H6MeiPU6kTIyHbHnFPelsAmWVqyWReBHJyVCOeFlYpShnyT3uGF5bjixConjWMVgcy8ACT8gM8XW%2B9%2BC4EODKn0nYRM2lbxLzqJaPflKDEM4b6C3PsfzMsaJAGvyYKqcoLeM3L%2B%2FHVFA12p6uDfTwqpTZ8ZA0hFDdPc%2BKJUiv9JejQ86R4ct3GfMqTUuDQJ551kOZPBoI1FDGRr3zwwnDbk6oj%2FXwRrYlD63Db1cwrF3LoRUcZlu1xdz8wY%2F0PDfWOkbVGCPQoGNFJKWd4ABNM77b26hbmwfme%2FUprlq%2BUMsA%2F%2BhWjsEkyoZM6YUKsxeLkdyaItvJhNYbIPampPq0P3EQ9Cgt8Jx5ae3WEhMdXp%2BU5iH%2BbBVbNQcD%2FyrC4I1ixrJQy52xrTYeFDB8MwsP3ZqwY6ngE0euQ5UwrTXJfi0iktgchg50liTeZIDGO8n7QDe%2BmAKXcSUBe9w7AQGQ74SwEN5St444h%2Bke4mZE%2FZloMK612Eavfeb6c3YUq15ESli%2B4%2Bu95Wfh6iUTJN43kRPju%2F8gQkyizBT3M6MGeMfUK2Kecy66bJyZUKJLAMhJMJuDShXoHwyvCTkN7EbDPZ1mo8LpwGM1jTGwpwoy%2BhB9rJjA%3D%3D&X-Amz-Signature=052514143df8ff3c7284c630fcc6b0ebab4a6020b4378ca0ba853680bb66fc4c
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.190.36 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6201a1403867c4b995c11ca53fcff90153e70c11ba74aeaff89843d477cc78d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Mon, 11 Dec 2023 03:17:05 GMT
Last-Modified
Wed, 01 Nov 2023 08:44:57 GMT
Server
AmazonS3
x-amz-request-id
7279E12GSVH0K0K2
ETag
"39bdbfb7d9c53967258978bd678b1b0c"
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
POST, GET, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
3393
x-amz-id-2
nTuBlMrSq7CwmkkvmmbdNr7mUpJYraUa45Sc1Bi/znyrH2JwJJcYJR4yBof15gBc5/Nsb0kfW7k=
regular-season-tickets-with-the-toronto-raptors.json
json-blogs-bucket.s3.amazonaws.com/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://json-blogs-bucket.s3.amazonaws.com/regular-season-tickets-with-the-toronto-raptors.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIATZSRZWLXGS3MEOMN%2F20231211%2Fca-central-1%2Fs3%2Faws4_request&X-Amz-Date=20231211T031702Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaDGNhLWNlbnRyYWwtMSJHMEUCIQCGROtE4lwn3LW%2BpgltfkjLCWgYp6mru8CXpjni2TPWJAIgWdvZ6UdNvQwbSDcPQBhIuMSocZgDzWIDiwYtkz9l5HMq0QMI%2FP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgwyNjEwOTA4MTY3NTAiDHUvXUSbARIkN0KaiSqlA5N7kEnCZVfmg5Y1yaPBxXiiLCcx3AZH0pTA2UgfjRdgcR9MkveH9bI%2B%2BlyJbXyUhtMwVYBG7Ok9o%2FInlcutkRr%2BVVEmd9034F7xQDM5Ad%2F2wbWAzb8TM9JN%2BFOntBeB71hAzvOG8JlLyd4g7i5TZsaFkWWXOykF5H6MeiPU6kTIyHbHnFPelsAmWVqyWReBHJyVCOeFlYpShnyT3uGF5bjixConjWMVgcy8ACT8gM8XW%2B9%2BC4EODKn0nYRM2lbxLzqJaPflKDEM4b6C3PsfzMsaJAGvyYKqcoLeM3L%2B%2FHVFA12p6uDfTwqpTZ8ZA0hFDdPc%2BKJUiv9JejQ86R4ct3GfMqTUuDQJ551kOZPBoI1FDGRr3zwwnDbk6oj%2FXwRrYlD63Db1cwrF3LoRUcZlu1xdz8wY%2F0PDfWOkbVGCPQoGNFJKWd4ABNM77b26hbmwfme%2FUprlq%2BUMsA%2F%2BhWjsEkyoZM6YUKsxeLkdyaItvJhNYbIPampPq0P3EQ9Cgt8Jx5ae3WEhMdXp%2BU5iH%2BbBVbNQcD%2FyrC4I1ixrJQy52xrTYeFDB8MwsP3ZqwY6ngE0euQ5UwrTXJfi0iktgchg50liTeZIDGO8n7QDe%2BmAKXcSUBe9w7AQGQ74SwEN5St444h%2Bke4mZE%2FZloMK612Eavfeb6c3YUq15ESli%2B4%2Bu95Wfh6iUTJN43kRPju%2F8gQkyizBT3M6MGeMfUK2Kecy66bJyZUKJLAMhJMJuDShXoHwyvCTkN7EbDPZ1mo8LpwGM1jTGwpwoy%2BhB9rJjA%3D%3D&X-Amz-Signature=565ceb115f0ec7bbc7b8e5211e35c174908601ae10f6277e877494ba7d6b0269
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.190.36 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4283c3c5a4ed2413178bdcc75061229111a34099d6eb6995352cbf7f7c6ae42f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Mon, 11 Dec 2023 03:17:05 GMT
Last-Modified
Wed, 01 Nov 2023 08:44:55 GMT
Server
AmazonS3
x-amz-request-id
727FQZK9SFWVBGNJ
ETag
"a89fbed34cb604884e7c653c2e8285c2"
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
POST, GET, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
3918
x-amz-id-2
K3lMMQhgseAt3xEWOJQU1qjICjU47GF4uSzpTpRoqRtMViPbv0EWIBgiQlpfdIFios4MY8IAKNo=
who-will-win-the-grey-cup-this-cfl-season.json
json-blogs-bucket.s3.amazonaws.com/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://json-blogs-bucket.s3.amazonaws.com/who-will-win-the-grey-cup-this-cfl-season.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIATZSRZWLXGS3MEOMN%2F20231211%2Fca-central-1%2Fs3%2Faws4_request&X-Amz-Date=20231211T031702Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaDGNhLWNlbnRyYWwtMSJHMEUCIQCGROtE4lwn3LW%2BpgltfkjLCWgYp6mru8CXpjni2TPWJAIgWdvZ6UdNvQwbSDcPQBhIuMSocZgDzWIDiwYtkz9l5HMq0QMI%2FP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgwyNjEwOTA4MTY3NTAiDHUvXUSbARIkN0KaiSqlA5N7kEnCZVfmg5Y1yaPBxXiiLCcx3AZH0pTA2UgfjRdgcR9MkveH9bI%2B%2BlyJbXyUhtMwVYBG7Ok9o%2FInlcutkRr%2BVVEmd9034F7xQDM5Ad%2F2wbWAzb8TM9JN%2BFOntBeB71hAzvOG8JlLyd4g7i5TZsaFkWWXOykF5H6MeiPU6kTIyHbHnFPelsAmWVqyWReBHJyVCOeFlYpShnyT3uGF5bjixConjWMVgcy8ACT8gM8XW%2B9%2BC4EODKn0nYRM2lbxLzqJaPflKDEM4b6C3PsfzMsaJAGvyYKqcoLeM3L%2B%2FHVFA12p6uDfTwqpTZ8ZA0hFDdPc%2BKJUiv9JejQ86R4ct3GfMqTUuDQJ551kOZPBoI1FDGRr3zwwnDbk6oj%2FXwRrYlD63Db1cwrF3LoRUcZlu1xdz8wY%2F0PDfWOkbVGCPQoGNFJKWd4ABNM77b26hbmwfme%2FUprlq%2BUMsA%2F%2BhWjsEkyoZM6YUKsxeLkdyaItvJhNYbIPampPq0P3EQ9Cgt8Jx5ae3WEhMdXp%2BU5iH%2BbBVbNQcD%2FyrC4I1ixrJQy52xrTYeFDB8MwsP3ZqwY6ngE0euQ5UwrTXJfi0iktgchg50liTeZIDGO8n7QDe%2BmAKXcSUBe9w7AQGQ74SwEN5St444h%2Bke4mZE%2FZloMK612Eavfeb6c3YUq15ESli%2B4%2Bu95Wfh6iUTJN43kRPju%2F8gQkyizBT3M6MGeMfUK2Kecy66bJyZUKJLAMhJMJuDShXoHwyvCTkN7EbDPZ1mo8LpwGM1jTGwpwoy%2BhB9rJjA%3D%3D&X-Amz-Signature=f4ca0d9ebc706fb8e42ed75e278b1be1284affb48743a0d4bf11aacca036910f
Requested by
Host: www.fansfirst.ca
URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.190.36 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f4526c4106388ae96590c2382ba563bc2f34f92eae5b9c5d95896a1daf4d0393

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Mon, 11 Dec 2023 03:17:05 GMT
Last-Modified
Wed, 01 Nov 2023 08:44:53 GMT
Server
AmazonS3
x-amz-request-id
727D8W3VS1NEKTH8
ETag
"40e190a0e975d98b7f32c556375f97c4"
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
POST, GET, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
4007
x-amz-id-2
jnZxM7vVLxEGIo0XDzkU2fZtniGvbKNNP7SHPMlCjsQ08sbWXTKTZgn999nF6tCdR4YVQ9acd/k=
grey-cup-game-tickets-on-november-19.png
blogs-images-bucket.s3.ca-central-1.amazonaws.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs-images-bucket.s3.ca-central-1.amazonaws.com/grey-cup-game-tickets-on-november-19.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.145.48 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cc52b122c6719e2200f9f1fef734f2a0819c73cf93e5350c0d20747d6eda14ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Mon, 11 Dec 2023 03:17:05 GMT
Last-Modified
Wed, 01 Nov 2023 06:54:57 GMT
Server
AmazonS3
x-amz-request-id
7272ZYCRCGA5SC16
ETag
"e5ba7953b1c65c6245e1b392d1f595de"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1571663
x-amz-id-2
nboNtIrhKTVyCUIgrhQEkU1qaKsa+z9NThAypDppCXMoe5RWHHWJBpMWMsv73Gp33181h6LlFPk=
regular-season-tickets-with-the-toronto-raptors.png
blogs-images-bucket.s3.ca-central-1.amazonaws.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs-images-bucket.s3.ca-central-1.amazonaws.com/regular-season-tickets-with-the-toronto-raptors.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.145.48 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f59e4f8ea566571c1fb6d165e87a6f55e43d940d8de465f8e54ca9c3e7fb49de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Mon, 11 Dec 2023 03:17:05 GMT
Last-Modified
Wed, 01 Nov 2023 06:34:57 GMT
Server
AmazonS3
x-amz-request-id
727BW2FZGNJAGXA8
ETag
"e7a97685d0ce0926255a31da79900a0d"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1081385
x-amz-id-2
EvRW0LDXz1ld5LrvdCbFz5M4PsWZcHLOlbjdWSCi6Gm+IY3Pdm6c3dt6Z7Q1qf3973ipmiJGGqA=
who-will-win-the-grey-cup-this-cfl-season.png
blogs-images-bucket.s3.ca-central-1.amazonaws.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs-images-bucket.s3.ca-central-1.amazonaws.com/who-will-win-the-grey-cup-this-cfl-season.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.145.48 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6b3a7aa431c09f45f0f6bb1da033f49fa836b55ed3f4c7894dfd14c32f6ef0d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.fansfirst.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Mon, 11 Dec 2023 03:17:05 GMT
Last-Modified
Wed, 01 Nov 2023 03:52:44 GMT
Server
AmazonS3
x-amz-request-id
7274CV4DQZWRPMEG
ETag
"a77653fcc28c57acf2ae6985dec0b5d8"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1786198
x-amz-id-2
nbiSZ8U19Mb0bj1D3pTABl8QYaPfIJf86cfrVMcqFsHT9D7Vw/F29AmeLC8y/sF+R4wRWeGiRjs=

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| _local_$ function| _local_jQuery object| ConvergeEmbeddedPayment function| gtag object| dataLayer function| hj object| _hjSettings function| fbq function| _fbq object| regeneratorRuntime function| Elavon3DSWebSDK object| webpackJsonp function| setImmediate function| clearImmediate object| AWS object| __SENTRY__ number| __MUI_GENERATOR_COUNTER__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| eve object| __SECRET_EMOTION__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| onYouTubeIframeAPIReady object| gaGlobal object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaplugins object| gaData object| recaptcha

10 Cookies

Domain/Path Name / Value
.fansfirst.ca/ Name: _ga_NDX9XPC0BZ
Value: GS1.1.1702264621.1.0.1702264621.0.0.0
.fansfirst.ca/ Name: _hjFirstSeen
Value: 1
.fansfirst.ca/ Name: _hjIncludedInSessionSample_1120382
Value: 1
.fansfirst.ca/ Name: _hjSession_1120382
Value: eyJpZCI6IjQyNDEyMWRlLThjNjItNDRlOS1iNTI0LWM5ODA5ZTI4NzdlMCIsImNyZWF0ZWQiOjE3MDIyNjQ2MjE4NzIsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.fansfirst.ca/ Name: _hjSessionUser_1120382
Value: eyJpZCI6IjcwMzJlOGRlLThiNTctNTliOS05NzUwLWEzOWY4NDk3ZDhhNSIsImNyZWF0ZWQiOjE3MDIyNjQ2MjE4NzEsImV4aXN0aW5nIjp0cnVlfQ==
.fansfirst.ca/ Name: _hjAbsoluteSessionInProgress
Value: 0
.fansfirst.ca/ Name: _ga
Value: GA1.2.1045466290.1702264622
.fansfirst.ca/ Name: _gid
Value: GA1.2.1538270113.1702264622
.fansfirst.ca/ Name: _gat_gtag_UA_128361305_1
Value: 1
.fansfirst.ca/ Name: _fbp
Value: fb.1.1702264622090.675823658

10 Console Messages

Source Level URL
Text
other warning URL: https://www.fansfirst.ca/static/js/2.0daf34e6.chunk.js
Message:
Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-v2.fansfirst.ca
api.convergepay.com
blogs-images-bucket.s3.ca-central-1.amazonaws.com
cognito-identity.ca-central-1.amazonaws.com
connect.facebook.net
fansfirst.ca
fonts.googleapis.com
fonts.gstatic.com
json-blogs-bucket.s3.amazonaws.com
libs.fraud.elavon.com
scontent-ord5-1.xx.fbcdn.net
scontent-ord5-2.xx.fbcdn.net
script.hotjar.com
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.fansfirst.ca
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
23.0.16.38
2600:1f11:f61:e402:9a4a:a5f5:7fa8:699b
2600:9000:215f:6200:15:dbf7:4c80:93a1
2606:4700:e2::ac40:8d0d
2607:f8b0:4004:c06::66
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c0b::63
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1b::61
2a03:2880:f07d:0:face:b00c:0:3
2a03:2880:f082:108:face:b00c:0:3
2a03:2880:f082:9:face:b00c:0:3
2a03:2880:f171:81:face:b00c:0:25de
3.162.3.117
3.162.3.29
3.162.3.30
3.162.3.77
3.162.3.83
52.95.145.48
52.95.190.36
1295ed6d1f54a9b3add4a5706431f2bf27cfc80aaa1c78c7b472e5c34c20569e
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
1dbfa78f0ff5b721b0a0bdc774ef7518d0fe2c71720ced5e2eeceb1c216ad382
2a320d8b5c455f83f784dcf2e60e596832d4db80c2cc6e3d2d00cf09b7ae5950
2b10f2438a074a9a49aa6f08cb88d14e1e52c0abb4db14f9871a7f255fac2d46
2b2fbff77273ec2235f8509d58772d1d39092526dbf136de0df57a55da179ac4
31e0b8ad891f3bce792b372ea72936e87b845894367b1251ae4ffea7dbfe9124
3ca5f10edff78f262743d7845ff6dda9e70c88820bea65b22d2f92e8c54e9584
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4283c3c5a4ed2413178bdcc75061229111a34099d6eb6995352cbf7f7c6ae42f
489eb96b40c010bac11db2279069e1187041ad0a8273837477efa6ab385ece6b
4a1dce6eeb6dbe84c403811768b526312e32e76a422d0f01bf4a198ca916cd62
5047bf2ba0bda0b48b400628df7def7f8f9458571e3adfda13118e49b7b74856
50ffc1e935017863ef0292a76e27a485c54b26c778e171b9a325b37fdf490dd9
52e4b4846afb6ae2169b4411dd1b731036ce7b4453b7d347821cbe1207abddbb
53cec264b1f52982b43052fed9d94205ef7cae9dde6cd5b92740e3b9487002f4
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
6654d0d2a2b8a4d495a19bcd8186ecac4e0f06c1acfd735cc1f38d4dcc4f90f1
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
6b3a7aa431c09f45f0f6bb1da033f49fa836b55ed3f4c7894dfd14c32f6ef0d7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bed9a7a0311f3db571d726b0b15e8d69c54f01a2b7616fdb46766a6f58d121f
6c2ec885ba6c9852aa580648f949721d21d4ceaa96f761674bbe0b81ae11574c
703beefc6c6007813777747245147fe18236041eba6cbfe9be89673b1d031672
704b68104ce2d5f9ebd8b65b2ffbca32e4206fe3eecea67ff796d0ff6d141d8f
72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb
74a9e53cdd490ac8a2e3d6b12801297d15b64e85b9bcb899f3d44dc358d00cdc
86753878977725b5ab53711ce41b885eb912306b4ea74ff4ead9d099464f1777
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
8e8e2882e30b7819a426325b74c9afc57ae4506c70b7f230a52cf618a6b668f7
91e972fb4cd498d0b06453d5a13a471e44e36a836a3798ff5def6f70f1d03f02
9cc567139f4cb99775ea84aa7505e13baaf3198bfa2b5fc7b3e8f0b2ac01392d
9e4a1846c8bfb1c0418be1cb80dee1a88d7aed03738970858a39ce68f8d1cb65
9f2da5dea09e34b763027700bdbbc0d350b59f4f0a7b0c8e63bed1daf6a51282
a1a78bcd2d3beb760b890da4e94d89221f1d5e0c5be50b20ebda819b32a55c61
a1ed9fbdc5be8f34da31534c62573b2b7b7662308edb2bbf8ca0ed6540c5d9cf
a42e05091bd51eeddf4efc615439a8a2e9ea683cfce239c6a84f26b53c9e4991
a7d1c558bde2c709d1bd539a0ef783951fae245830f5d716f2dcaf8a5db11eee
ad3fb7c0eb7d1ed8b5a20f6de65103699639bb55445b28e492d3b4c9723ea688
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
b311ac29f8d7837679d637891db9bbcc84ab0fa8652196d3605de190dc6a6857
be2c5216bddec816ecdc139b2a94e821724e2cbd16ef5b7c19b71f0c1b265870
c5c333d16d7c0a1530fe9081d41e3e31f4a8c51d9735d6b948de7251b66012ed
cc52b122c6719e2200f9f1fef734f2a0819c73cf93e5350c0d20747d6eda14ac
cda7d07d52c42e059d1f7a39523274c06e756526ac8e99914b965ccb163b6512
cea17e0b05e3e6ace77ec2d13b5870803ef957ad160f289cca6a3a4a826d20af
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d8f3420a45050a14ed90d14477356f27bc05f331c764e2689ae6a950202cab
e6201a1403867c4b995c11ca53fcff90153e70c11ba74aeaff89843d477cc78d
ececd30b13956872441d17b03b9de4c032b5983f0932051e763a0a6d0250842b
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e
f35c05aa144ba399df3b38b212a1292d9070bbbb857caedae5ae8bdc7ece3072
f40d9b3f79eb25d3ccc600d910ac25cc8c4ce9d15a601ff44faef68c54ce0c18
f4526c4106388ae96590c2382ba563bc2f34f92eae5b9c5d95896a1daf4d0393
f59e4f8ea566571c1fb6d165e87a6f55e43d940d8de465f8e54ca9c3e7fb49de
f9a0ff0913b1250f8478a7d536f30aaad2591f6bcb7557871f08a38be2c88cb5