urlscan.io logo urlscan.io
SecurityTrails logo

secure.sportssystems.com Open in urlscan Pro
38.133.153.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://envisionblowup.ray-ban.com/
Effective URL: https://secure.sportssystems.com/events2/credapp.cfm
Submission: On October 10 via api from FI — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 38.133.153.163, located in United States and belongs to COGENT-174, US. The main domain is secure.sportssystems.com.
TLS certificate: Issued by Network Solutions OV Server CA 2 on September 15th 2020. Valid for: a year.
This is the only time secure.sportssystems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 195.110.124.188 39729 (REGISTER-AS)
2 8 38.133.153.163 174 (COGENT-174)
1 142.250.186.106 15169 (GOOGLE)
2 142.250.185.174 15169 (GOOGLE)
10 4
Domain Requested by
8 secure.sportssystems.com 2 redirects envisionblowup.ray-ban.com
secure.sportssystems.com
2 www.google-analytics.com secure.sportssystems.com
www.google-analytics.com
1 ajax.googleapis.com secure.sportssystems.com
1 envisionblowup.ray-ban.com
10 4

This site contains no links.

Subject Issuer Validity Valid
*.sportssystems.com
Network Solutions OV Server CA 2		 2020-09-15 -
2021-10-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.sportssystems.com/events2/credapp.cfm
Frame ID: F5845D86959B2D82C5CD2EA257592BC7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

System Error

Page URL History Show full URLs

  1. http://envisionblowup.ray-ban.com/ Page URL
  2. http://secure.sportssystems.com/events2/?eventKey=e844d116-2e68-47bc-ba7a-be0fc0ee2818 HTTP 302
    https://secure.sportssystems.com/events2/?eventKey=e844d116-2e68-47bc-ba7a-be0fc0ee2818 HTTP 302
    https://secure.sportssystems.com/events2/credapp.cfm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.cfm(?:$|\?)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

235 kB
Transfer

777 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://envisionblowup.ray-ban.com/ Page URL
  2. http://secure.sportssystems.com/events2/?eventKey=e844d116-2e68-47bc-ba7a-be0fc0ee2818 HTTP 302
    https://secure.sportssystems.com/events2/?eventKey=e844d116-2e68-47bc-ba7a-be0fc0ee2818 HTTP 302
    https://secure.sportssystems.com/events2/credapp.cfm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
envisionblowup.ray-ban.com/ 		147 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
http://envisionblowup.ray-ban.com/
Protocol
HTTP/1.1
Server
195.110.124.188 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
opus.register.it
Software
Apache /
Resource Hash

Request headers

Host
envisionblowup.ray-ban.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 10 Oct 2021 15:05:35 GMT
Server
Apache
Last-Modified
Mon, 02 Sep 2013 10:49:15 GMT
Accept-Ranges
bytes
Content-Length
147
Connection
close
Content-Type
text/html
Content-Language
it
Primary Request Cookie set credapp.cfm
secure.sportssystems.com/events2/
Redirect Chain
  • http://secure.sportssystems.com/events2/?eventKey=e844d116-2e68-47bc-ba7a-be0fc0ee2818
  • https://secure.sportssystems.com/events2/?eventKey=e844d116-2e68-47bc-ba7a-be0fc0ee2818
  • https://secure.sportssystems.com/events2/credapp.cfm
20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.sportssystems.com/events2/credapp.cfm
Requested by
Host: envisionblowup.ray-ban.com
URL: http://envisionblowup.ray-ban.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.153.163 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache /
Resource Hash
7f107bd85f4469dafd87fd2f72fb71a58660f4a2d17152e857ae1ff1f9484912
Security Headers
Name Value
Content-Security-Policy script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Host
secure.sportssystems.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://envisionblowup.ray-ban.com/
Accept-Encoding
gzip, deflate, br
Cookie
CFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099; CFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB; JSESSIONID=C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion; SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; CREDAPP_EVENTID=0; CREDAPP_SESSIONID=2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE; CREDAPP_FRONTENDSESSIONAPPID=8996617; cookiesession1=2AD172D2TH8HGRPY1VV733CZS5BLE9BC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://envisionblowup.ray-ban.com/

Response headers

Date
Sun, 10 Oct 2021 15:05:36 GMT
Server
Apache
Set-Cookie
SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; Path=/; Secure NEW_REQUEST=true; Path=/; Secure SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; Path=/; Secure; HttpOnly
expires
Sat, 09 Oct 2021 15:05:36 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
Vary
Accept-Encoding
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1;mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Security-Policy
script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
content-length
5816

Redirect headers

Date
Sun, 10 Oct 2021 15:05:36 GMT
Server
Apache
Set-Cookie
CFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099; Domain=.sportssystems.com; Path=/; Secure; HttpOnly; SameSite=Lax CFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB; Domain=.sportssystems.com; Path=/; Secure; HttpOnly; SameSite=Lax JSESSIONID=C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion; Path=/; HttpOnly; SameSite=Lax SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; Path=/; Secure NEW_REQUEST=true; Path=/; Secure SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; Path=/; Secure; HttpOnly CREDAPP_EVENTID=0; Expires=Mon, 11-Oct-2021 15:05:36 GMT; Path=/; Secure; HttpOnly CREDAPP_SESSIONID=2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE; Path=/; Secure; HttpOnly CREDAPP_FRONTENDSESSIONAPPID=8996617; Path=/; Secure; HttpOnly cookiesession1=2AD172D2TH8HGRPY1VV733CZS5BLE9BC;Path=/;Secure;HttpOnly
expires
Sat, 09 Oct 2021 15:05:36 GMT
pragma
no-cache
cache-control
no-cache
location
credapp.cfm
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1;mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Security-Policy
script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
cfmessage.js
secure.sportssystems.com/CFJS/ajax/messages/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.sportssystems.com/CFJS/ajax/messages/cfmessage.js
Requested by
Host: secure.sportssystems.com
URL: https://secure.sportssystems.com/events2/credapp.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.153.163 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache /
Resource Hash
b5016e4129865d7768be4927696e39051d3ca0050c3b80d382ac7bcaa9f5dfb1
Security Headers
Name Value
Content-Security-Policy script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.sportssystems.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.sportssystems.com/events2/credapp.cfm
Cookie
CFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099; CFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB; JSESSIONID=C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion; SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; CREDAPP_EVENTID=0; CREDAPP_SESSIONID=2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE; CREDAPP_FRONTENDSESSIONAPPID=8996617; cookiesession1=2AD172D2TH8HGRPY1VV733CZS5BLE9BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.sportssystems.com/events2/credapp.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 15:05:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
5988
X-XSS-Protection
1;mode=block
Last-Modified
Thu, 31 Jan 2019 18:25:52 GMT
Server
Apache
ETag
"7dda-580c52813ae46-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
application/javascript
Content-Security-Policy
script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
cfajax.js
secure.sportssystems.com/CFJS/ajax/package/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.sportssystems.com/CFJS/ajax/package/cfajax.js
Requested by
Host: secure.sportssystems.com
URL: https://secure.sportssystems.com/events2/credapp.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.153.163 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache /
Resource Hash
202bbe3bae3e520a7f7f0d9640ade1dda1cc306f20b1b4a23add16bbd53a021c
Security Headers
Name Value
Content-Security-Policy script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.sportssystems.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.sportssystems.com/events2/credapp.cfm
Cookie
CFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099; CFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB; JSESSIONID=C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion; SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; CREDAPP_EVENTID=0; CREDAPP_SESSIONID=2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE; CREDAPP_FRONTENDSESSIONAPPID=8996617; cookiesession1=2AD172D2TH8HGRPY1VV733CZS5BLE9BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.sportssystems.com/events2/credapp.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 15:05:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
11711
X-XSS-Protection
1;mode=block
Last-Modified
Tue, 29 Sep 2020 00:01:12 GMT
Server
Apache
ETag
"9b84-5b0687b29e895-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
application/javascript
Content-Security-Policy
script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/ 		30 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.min.css
Requested by
Host: secure.sportssystems.com
URL: https://secure.sportssystems.com/events2/credapp.cfm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
b0419faf03242236e04c1c062d52b7f011bf5f0222342fc4006f51cec7dd6ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.sportssystems.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 20:17:28 GMT
x-content-type-options
nosniff
age
499688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30724
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 20:17:28 GMT
jquery.ui.timepicker.css
secure.sportssystems.com/lib/jQuery/plugins/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.sportssystems.com/lib/jQuery/plugins/jquery.ui.timepicker.css?v=2.1.582
Requested by
Host: secure.sportssystems.com
URL: https://secure.sportssystems.com/events2/credapp.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.153.163 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache /
Resource Hash
8e12d7fb3ba0a01926ac111d2432e4af187b9c712e89f9ca57c33d683118c573
Security Headers
Name Value
Content-Security-Policy script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.sportssystems.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.sportssystems.com/events2/credapp.cfm
Cookie
CFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099; CFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB; JSESSIONID=C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion; SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; CREDAPP_EVENTID=0; CREDAPP_SESSIONID=2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE; CREDAPP_FRONTENDSESSIONAPPID=8996617; cookiesession1=2AD172D2TH8HGRPY1VV733CZS5BLE9BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.sportssystems.com/events2/credapp.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 15:05:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
650
X-XSS-Protection
1;mode=block
Last-Modified
Thu, 31 Jan 2019 17:56:27 GMT
Server
Apache
ETag
"6dd-580c4bed386ca-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
text/css
Content-Security-Policy
script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
webpackBundle_frontend.js
secure.sportssystems.com/events2/javascripts/webpack/dist/js/ 		605 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.sportssystems.com/events2/javascripts/webpack/dist/js/webpackBundle_frontend.js?v=2.1.582
Requested by
Host: secure.sportssystems.com
URL: https://secure.sportssystems.com/events2/credapp.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.153.163 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache /
Resource Hash
f0b48ed8e38b1820481121853ea9c665d0021a8640591ef5173697cef016cde1
Security Headers
Name Value
Content-Security-Policy script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.sportssystems.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.sportssystems.com/events2/credapp.cfm
Cookie
CFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099; CFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB; JSESSIONID=C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion; SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; CREDAPP_EVENTID=0; CREDAPP_SESSIONID=2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE; CREDAPP_FRONTENDSESSIONAPPID=8996617; cookiesession1=2AD172D2TH8HGRPY1VV733CZS5BLE9BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.sportssystems.com/events2/credapp.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 15:05:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
content-length
157611
X-XSS-Protection
1;mode=block
Last-Modified
Mon, 13 Sep 2021 15:34:48 GMT
Server
Apache
ETag
"97568-5cbe2348fc4d6-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
application/javascript
Content-Security-Policy
script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
loading.gif
secure.sportssystems.com/events2/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.sportssystems.com/events2/images/loading.gif
Requested by
Host: secure.sportssystems.com
URL: https://secure.sportssystems.com/events2/credapp.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.153.163 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Apache /
Resource Hash
941b5b225c5cb473f6e9fa758eb22ed4cfb83885506f762e03d384bd5a4e1227
Security Headers
Name Value
Content-Security-Policy script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.sportssystems.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.sportssystems.com/events2/credapp.cfm
Cookie
CFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099; CFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB; JSESSIONID=C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion; SS_LAST_HIT=%7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; CREDAPP_EVENTID=0; CREDAPP_SESSIONID=2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE; CREDAPP_FRONTENDSESSIONAPPID=8996617; cookiesession1=2AD172D2TH8HGRPY1VV733CZS5BLE9BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.sportssystems.com/events2/credapp.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 15:05:37 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 31 Jan 2019 18:02:48 GMT
Server
Apache
ETag
"4ff-580c4d595457e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Content-Security-Policy
script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.sportssystems.com bam.nr-data.net smart-ip.net seal.networksolutions.com *.google-analytics.com *.newrelic.com *.googleapis.com *.bootstrapcdn.com *.amazonaws.com cdnjs.cloudflare.com kit.fontawesome.com *.curator.io; report-uri /monitor/csp/csp-report.cfm
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1279
X-XSS-Protection
1;mode=block
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.sportssystems.com
URL: https://secure.sportssystems.com/events2/credapp.cfm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.sportssystems.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1120
date
Sun, 10 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 10 Oct 2021 16:46:57 GMT
collect
www.google-analytics.com/j/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1344512618&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.sportssystems.com%2Fevents2%2Fcredapp.cfm&dr=http%3A%2F%2Fenvisionblowup.ray-ban.com%2F&dp=SystemMessage&ul=en-us&de=UTF-8&dt=System%20Error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&an=FrontEnd&_u=IEBAAAABCAAAAC~&jid=569860968&gjid=752658618&cid=710634409.1633878337&tid=UA-8898746-8&_gid=1332649042.1633878337&_r=1&_slc=1&cd1=0&z=1308645640
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.sportssystems.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 15:05:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.sportssystems.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster string| _cf_loadingtexthtml string| _cf_contextpath string| _cf_ajaxscriptsrc string| _cf_jsonprefix number| _cf_websocket_port number| _cf_flash_policy_port string| _cf_clientid object| CFMessage function| cfinitmsg function| cfinit object| ColdFusion function| _cf_ControllerProxy function| controller function| _cf_SessionTrackerProxy function| sessionTracker function| _cf_HeartbeatProxy function| heartbeat object| _toggleHighlightOptions number| _eventID string| _appName string| _formOutputType function| jQuery undefined| $ function| TP_jQuery_1633878337143 object| SSSI object| conditionalEvaluator function| handleTelNumberResult function| EXIF object| browserSupport object| sssiUtil function| initSessionTimeoutAlert object| pageFields string| GoogleAnalyticsObject function| _gaTracker object| sssitranslate object| google_tag_data object| gaplugins object| gaGlobal object| gaData

13 Cookies

Domain/Path Name / Value
.sportssystems.com/ Name: CFID
Value: Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-198099
.sportssystems.com/ Name: CFTOKEN
Value: Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-6e41991e33564634-2B60DB51-D0B1-D2A4-842928A1BA0183BB
secure.sportssystems.com/ Name: JSESSIONID
Value: C2FDA99E6D7BD115CE0DF90DCB6461FB.cfusion
secure.sportssystems.com/ Name: SS_LAST_HIT
Value: %7Bts%20%272021%2D10%2D10%2011%3A05%3A36%27%7D
secure.sportssystems.com/ Name: NEW_REQUEST
Value: true
secure.sportssystems.com/ Name: SSKM
Value: bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc
secure.sportssystems.com/ Name: CREDAPP_EVENTID
Value: 0
secure.sportssystems.com/ Name: CREDAPP_SESSIONID
Value: 2B60DC28%2DFA85%2D2966%2D92E1C74D877CD6EE
secure.sportssystems.com/ Name: CREDAPP_FRONTENDSESSIONAPPID
Value: 8996617
secure.sportssystems.com/ Name: cookiesession1
Value: 2AD172D2TH8HGRPY1VV733CZS5BLE9BC
.sportssystems.com/ Name: _ga
Value: GA1.2.710634409.1633878337
.sportssystems.com/ Name: _gid
Value: GA1.2.1332649042.1633878337
.sportssystems.com/ Name: _gat
Value: 1