Submitted URL: https://app.nhl-uat.athleterms.com/
Effective URL: https://login.athleterms.com/idp/SSO.saml2
Submission: On November 01 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 45.60.240.51, located in the United States and belonging to INCAPSULA, US. The main domain is login.athleterms.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on September 17th 2021. Valid for: 6 months.
This is the only time login.athleterms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS (Autonomous System)
5         64.187.182.51       22652 (FIBRENOIR...)
1         2607:f8b0:400...    15169 (GOOGLE)
2         2600:9000:208...    16509 (AMAZON-02)
14        45.60.240.51        19551 (INCAPSULA)
Total     23 requests         5 IPs

Requests  Domain                       Requested by
12        login.athleterms.com         app.nhl-uat.athleterms.com, login.athleterms.com
5         app.nhl-uat.athleterms.com   app.nhl-uat.athleterms.com
2         nhl-uat.athleterms.com       app.nhl-uat.athleterms.com
2         cdn.asprise.com              app.nhl-uat.athleterms.com, cdn.asprise.com
1         fonts.googleapis.com         app.nhl-uat.athleterms.com, login.athleterms.com
Total     23 requests                  5 domains

This site contains no links.

Subject                     Issuer                                  Validity                  Valid for
app.nhl-uat.athleterms.com  R3                                      2021-08-03 - 2021-11-01   3 months (crt.sh)
upload.video.google.com     GTS CA 1C3                              2021-10-04 - 2021-12-27   3 months (crt.sh)
*.asprise.com               Amazon                                  2021-02-19 - 2022-03-20   a year (crt.sh)
imperva.com                 GlobalSign Atlas R3 DV TLS CA H2 2021   2021-09-17 - 2022-03-18   6 months (crt.sh)

This page contains 1 frame:

Primary Page: https://login.athleterms.com/idp/SSO.saml2
Frame ID: 63B064CD74CE8274078B26384A4BCD8F
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

AHMS - Athlete Health Management System


Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 50 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 2268 kB
Size: 2454 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.nhl-uat.athleterms.com/ Page URL
  2. https://login.athleterms.com/as/authorization.oauth2?PartnerIdpId=armsnhlidp&client_id=nhl_uat&redirect_uri=https%3A%2F%2Fapp.nhl-uat.athleterms.com%2Fauth%2Fsignin-callback&response_type=code&scope=api%20nhl%20openid%20profile&state=f23f21e68c4c41fdb508f798b60dfaca&code_challenge=Fg0qbxY4kFo2gb93NpfSNFOwk6_cu0qB_9lcAo4Dnyc&code_challenge_method=S256&response_mode=query Page URL
  3. https://login.athleterms.com/idp/SSO.saml2 Page URL

23 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer (bytes transferred) | Type | MIME-Type
/
app.nhl-uat.athleterms.com/
2 KB
3 KB
Document
General
Full URL
https://app.nhl-uat.athleterms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.187.182.51 Montreal, Canada, ASN22652 (FIBRENOIRE-INTERNET, CA),
Reverse DNS
IP-64-187-182-51.static.fibrenoire.ca
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e81e4785e58845ff8ea70387652f576ccc94cd5af933b4315ab0f5a77441af5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

content-type
text/html
last-modified
Fri, 29 Oct 2021 23:23:20 GMT
accept-ranges
bytes
etag
"475deaf51bcdd71:0"
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Mon, 01 Nov 2021 13:31:58 GMT
content-length
2497
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5dc3e0c4d1a1295bc10626e93066afc50910175182d11181ceedbb853c64beb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 13:06:31 GMT
server
ESF
date
Mon, 01 Nov 2021 13:32:48 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 13:32:48 GMT
scanner.js
cdn.asprise.com/scannerjs/
47 KB
15 KB
Script
General
Full URL
https://cdn.asprise.com/scannerjs/scanner.js
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208d:3000:4:5cb1:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b1b6cde17c94c4fef3a0d0da087c64526994ec626cb72bbd86a908b884850bb0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 09:04:47 GMT
content-encoding
gzip
age
16081
x-cache
Hit from cloudfront
content-length
15310
access-control-allow-origin
*
last-modified
Sat, 09 Oct 2021 16:39:18 GMT
server
Apache
etag
"bdd6-5cdee23145980-gzip"
vary
Accept-Encoding
access-control-allow-methods
PUT, GET, POST, OPTIONS
content-type
application/javascript
via
1.1 1d9f29e61668bcad29dce8b08a48e09c.cloudfront.net (CloudFront)
cache-control
max-age=86400, public, must-revalidate
x-amz-cf-pop
PHX50-C1
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
x-amz-cf-id
BQ7XHdh-SB-xu7zu9fIRGSGXB1gXwa53skcpzgPJXCpYb4xMKMsIsQ==
2.18bc26e7.chunk.css
app.nhl-uat.athleterms.com/static/css/
165 KB
165 KB
Stylesheet
General
Full URL
https://app.nhl-uat.athleterms.com/static/css/2.18bc26e7.chunk.css
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.187.182.51 Montreal, Canada, ASN22652 (FIBRENOIRE-INTERNET, CA),
Reverse DNS
IP-64-187-182-51.static.fibrenoire.ca
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2126dae87cefe872af14fb703f9a0e79d0e757df5f6375197b7bfd7e3bb3a30a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:31:58 GMT
last-modified
Fri, 29 Oct 2021 23:23:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8141edf51bcdd71:0"
content-type
text/css
accept-ranges
bytes
content-length
168826
main.a00cf437.chunk.css
app.nhl-uat.athleterms.com/static/css/
53 KB
54 KB
Stylesheet
General
Full URL
https://app.nhl-uat.athleterms.com/static/css/main.a00cf437.chunk.css
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.187.182.51 Montreal, Canada, ASN22652 (FIBRENOIRE-INTERNET, CA),
Reverse DNS
IP-64-187-182-51.static.fibrenoire.ca
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98566f05722a5fcf967a301e2e4899023ac0c8e191c022cdb3520465733dfef3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:31:58 GMT
last-modified
Fri, 29 Oct 2021 23:23:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"36abeaf51bcdd71:0"
content-type
text/css
accept-ranges
bytes
content-length
54720
2.2298575d.chunk.js
app.nhl-uat.athleterms.com/static/js/
986 KB
988 KB
Script
General
Full URL
https://app.nhl-uat.athleterms.com/static/js/2.2298575d.chunk.js
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.187.182.51 Montreal, Canada, ASN22652 (FIBRENOIRE-INTERNET, CA),
Reverse DNS
IP-64-187-182-51.static.fibrenoire.ca
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f8a645d2b0689a47d67d0b434d3ab8f861332ce5996e83183ad7953240013b3d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:31:58 GMT
last-modified
Fri, 29 Oct 2021 23:23:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7968edf51bcdd71:0"
content-type
application/javascript
accept-ranges
bytes
content-length
1009829
main.b28bfb3b.chunk.js
app.nhl-uat.athleterms.com/static/js/
772 KB
773 KB
Script
General
Full URL
https://app.nhl-uat.athleterms.com/static/js/main.b28bfb3b.chunk.js
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.187.182.51 Montreal, Canada, ASN22652 (FIBRENOIRE-INTERNET, CA),
Reverse DNS
IP-64-187-182-51.static.fibrenoire.ca
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a7b7fda75fd55f0452177ee95f20ce2ef6fa7ea909c5bb6b13a2457a38a8f52

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:31:58 GMT
last-modified
Fri, 29 Oct 2021 23:23:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8141edf51bcdd71:0"
content-type
application/javascript
accept-ranges
bytes
content-length
790061
club
nhl-uat.athleterms.com/ahmsapi/api/
0
0
Preflight
General
Full URL
https://nhl-uat.athleterms.com/ahmsapi/api/club
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type
Origin
https://app.nhl-uat.athleterms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET
access-control-allow-origin
*
date
Mon, 01 Nov 2021 13:32:01 GMT
x-cdn
Imperva
x-iinfo
9-2366842-2366843 NNNN CT(31 80 0) RT(1635773570906 0) q(0 0 1 1) r(1 1) U6
club
nhl-uat.athleterms.com/ahmsapi/api/
94 B
450 B
Fetch
General
Full URL
https://nhl-uat.athleterms.com/ahmsapi/api/club
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/static/js/main.b28bfb3b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://app.nhl-uat.athleterms.com/
Accept-Language
en-CA,en;q=0.9
authorization
Bearer undefined
content-type
application/json

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 13:32:01 GMT
content-encoding
gzip
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
9-2366882-2366843 PNYN RT(1635773571088 0) q(0 1 1 58) r(1 1) U16
cache-control
no-cache
expires
-1
scanner.css
cdn.asprise.com/scannerjs/
11 KB
4 KB
Stylesheet
General
Full URL
https://cdn.asprise.com/scannerjs/scanner.css
Requested by
Host: cdn.asprise.com
URL: https://cdn.asprise.com/scannerjs/scanner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208d:3000:4:5cb1:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 08:47:18 GMT
content-encoding
gzip
age
17132
x-cache
Hit from cloudfront
content-length
3865
access-control-allow-origin
*
last-modified
Fri, 08 Oct 2021 22:22:38 GMT
server
Apache
etag
"2c4d-5cdded1180780-gzip"
vary
Accept-Encoding
access-control-allow-methods
PUT, GET, POST, OPTIONS
content-type
text/css
via
1.1 1d9f29e61668bcad29dce8b08a48e09c.cloudfront.net (CloudFront)
cache-control
max-age=86400, public, must-revalidate
x-amz-cf-pop
PHX50-C1
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
x-amz-cf-id
-xyyGD7bMSr4_TT0XPSbrMqFO3od2ahJ8MgM0NqcWXLxd7GRQPtqpQ==
authorization.oauth2
login.athleterms.com/as/
1 KB
2 KB
Document
General
Full URL
https://login.athleterms.com/as/authorization.oauth2?PartnerIdpId=armsnhlidp&client_id=nhl_uat&redirect_uri=https%3A%2F%2Fapp.nhl-uat.athleterms.com%2Fauth%2Fsignin-callback&response_type=code&scope=api%20nhl%20openid%20profile&state=f23f21e68c4c41fdb508f798b60dfaca&code_challenge=Fg0qbxY4kFo2gb93NpfSNFOwk6_cu0qB_9lcAo4Dnyc&code_challenge_method=S256&response_mode=query
Requested by
Host: app.nhl-uat.athleterms.com
URL: https://app.nhl-uat.athleterms.com/static/js/2.2298575d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f7fe3d0f2b1add8b3843d0135cc42af880687ff58e49a58ba3c336641b1eec14
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.athleterms.com https://*.ahmscloud.com;
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://app.nhl-uat.athleterms.com/

Response headers

date
Mon, 01 Nov 2021 13:32:51 GMT
referrer-policy
origin
content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.athleterms.com https://*.ahmscloud.com;
cache-control
no-cache, no-store
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-type
text/html;charset=utf-8
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-encoding
gzip
x-iinfo
8-1677958-1456592 pNYN RT(1635773570936 0) q(0 0 0 1) r(3 3) U12
_Incapsula_Resource
login.athleterms.com/
145 KB
20 KB
Script
General
Full URL
https://login.athleterms.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1892589059
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/as/authorization.oauth2?PartnerIdpId=armsnhlidp&client_id=nhl_uat&redirect_uri=https%3A%2F%2Fapp.nhl-uat.athleterms.com%2Fauth%2Fsignin-callback&response_type=code&scope=api%20nhl%20openid%20profile&state=f23f21e68c4c41fdb508f798b60dfaca&code_challenge=Fg0qbxY4kFo2gb93NpfSNFOwk6_cu0qB_9lcAo4Dnyc&code_challenge_method=S256&response_mode=query
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ff4b43c69e2dfe3ed4aed2e9701261c504ff1ed767c1eb3a3c06a2f6955666c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20807
content-type
application/javascript
_Incapsula_Resource
login.athleterms.com/
1 B
36 B
Image
General
Full URL
https://login.athleterms.com/_Incapsula_Resource?SWKMTFSR=1&e=0.08293865448823423
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/as/authorization.oauth2?PartnerIdpId=armsnhlidp&client_id=nhl_uat&redirect_uri=https%3A%2F%2Fapp.nhl-uat.athleterms.com%2Fauth%2Fsignin-callback&response_type=code&scope=api%20nhl%20openid%20profile&state=f23f21e68c4c41fdb508f798b60dfaca&code_challenge=Fg0qbxY4kFo2gb93NpfSNFOwk6_cu0qB_9lcAo4Dnyc&code_challenge_method=S256&response_mode=query
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
Primary Request SSO.saml2
login.athleterms.com/idp/
11 KB
4 KB
Document
General
Full URL
https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
135ea2bc1388e7c172b68066f4e65f06f6ec2b65dd13bacf66c26ab4e161abec
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.athleterms.com https://*.ahmscloud.com;
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
Origin
https://login.athleterms.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/

Response headers

date
Mon, 01 Nov 2021 13:32:51 GMT
referrer-policy
origin
content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.athleterms.com https://*.ahmscloud.com;
cache-control
no-cache, no-store
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-type
text/html;charset=utf-8
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-encoding
gzip
x-iinfo
8-1678068-1456592 pNYN RT(1635773571534 0) q(0 0 0 -1) r(10 10) U6
normalize.min.css
login.athleterms.com/arms-assets/css/
2 KB
881 B
Stylesheet
General
Full URL
https://login.athleterms.com/arms-assets/css/normalize.min.css
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
09ba75e6ebf66deddedc677311ff8ecc7a4d305c59122d1dde290e7c103a5a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 13:12:20 GMT
x-cdn
Imperva
etag
W/"91cqGKd4LVU91crbDadIJM"
strict-transport-security
max-age=31536000
content-type
text/css
x-iinfo
8-1678258-1674060 2VNN RT(1635773572603 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=0
content-length
771
main.css
login.athleterms.com/arms-assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://login.athleterms.com/arms-assets/css/main.css
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b11ee359415f75d4b948dc37660d7fde4718a8d83413b482f2353137241cd899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2020 13:26:36 GMT
x-cdn
Imperva
etag
W/"vuqRlALk6ZgvuqQ4J7aLdU"
strict-transport-security
max-age=31536000
content-type
text/css
x-iinfo
8-1678259-1676354 2CNN RT(1635773572605 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
1374
arms.svg
login.athleterms.com/arms-assets/images/
6 KB
3 KB
Image
General
Full URL
https://login.athleterms.com/arms-assets/images/arms.svg
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3c36f143585e4f1f829d71724775c3be782024b9f534e3fd2a0209b0930383d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 13:12:20 GMT
x-cdn
Imperva
etag
W/"pM3cKJtBBKEpM3dXAqkFtU"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
x-iinfo
8-1678262-1678263 2CNN RT(1635773572613 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
2667
close.svg
login.athleterms.com/arms-assets/images/
597 B
394 B
Image
General
Full URL
https://login.athleterms.com/arms-assets/images/close.svg
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7e4c266482442f43f6253510fbbff771b23b44f83dcb6577918227f660b22908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 13:12:20 GMT
x-cdn
Imperva
etag
W/"9O3O+P42ous9O3PjG/TqkY"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
x-iinfo
8-1678265-1676367 2CNN RT(1635773572619 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
251
rsa-fob.jpg
login.athleterms.com/arms-assets/images/
27 KB
28 KB
Image
General
Full URL
https://login.athleterms.com/arms-assets/images/rsa-fob.jpg
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c7077cbff6d3782691e252be4a6592fd8cf57bdfaa176bdb45fa3268dc8a1b9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
last-modified
Tue, 15 Sep 2020 13:12:21 GMT
x-cdn
Imperva
etag
W/"cORm6MGGPw0cORnnFBjWeQ"
strict-transport-security
max-age=31536000
content-type
image/jpeg
x-iinfo
8-1678266-1676324 2VNN RT(1635773572622 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=0
content-length
28128
main.js
login.athleterms.com/arms-assets/js/
6 KB
2 KB
Script
General
Full URL
https://login.athleterms.com/arms-assets/js/main.js
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0a25e77158a826ebab595b626cc43816a6295195bcd708f1c49fba0c66c4d650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 18:08:48 GMT
x-cdn
Imperva
etag
W/"IghazA6k6RoIghbuGzUMS4"
strict-transport-security
max-age=31536000
content-type
application/javascript
x-iinfo
8-1678260-1677864 2VNN RT(1635773572607 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=0
content-length
1629
css2
fonts.googleapis.com/
0
0

logo.svg
login.athleterms.com/arms-assets/images/nhl/
12 KB
4 KB
Image
General
Full URL
https://login.athleterms.com/arms-assets/images/nhl/logo.svg
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c0e3a82e9bfdfce7b8dd17f3c7362b063409fbc280524995e00732c9e682fff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 13:12:21 GMT
x-cdn
Imperva
etag
W/"qiCcqPuMRhcqiCd3GppfJ8"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
x-iinfo
8-1678302-1677864 2CNN RT(1635773572782 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
4187
background.png
login.athleterms.com/arms-assets/images/nhl/
200 KB
200 KB
Image
General
Full URL
https://login.athleterms.com/arms-assets/images/nhl/background.png
Requested by
Host: login.athleterms.com
URL: https://login.athleterms.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.240.51 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a9b2b68ef10682adb3e23782590aaead21c35ee1cdff4327350c31d820025507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://login.athleterms.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:32:52 GMT
last-modified
Tue, 15 Sep 2020 13:12:21 GMT
x-cdn
Imperva
etag
W/"4wWwbOdHnA84wWxGHahic4"
strict-transport-security
max-age=31536000
content-type
image/png
x-iinfo
8-1678304-1678263 2CNN RT(1635773572785 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
204352

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;700&display=swap

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforexrselect
function  reportError
boolean   originAgentCluster
object    scheduler
object    config
function  init
function  submitSoft
function  submitHard
function  submit
function  showRequired
function  hideRequired
function  validateForm

3 Cookies

Domain/Path            Name                     Value
.athleterms.com/       visid_incap_2387398      drmiagMgSkm+KWj/348DSYLsf2EAAAAAQUIPAAAAAAB1PfZZ1aE5Qup2yzpYhOYe
.athleterms.com/       incap_ses_1353_2387398   wnAPG1NjeQnaTwpfn9LGEoPsf2EAAAAAZUZU2bhYJVsdBefop6/auw==
login.athleterms.com/  PF                       3ho6ULjU3kOeyd5M3zLfUWuuGU5t8DjffN7KfjlMGTHo

2 Console Messages

Source: network, Level: error
URL: https://nhl-uat.athleterms.com/ahmsapi/api/club
Message: Failed to load resource: the server responded with a status of 401 ()

Source: security, Level: error
URL: https://login.athleterms.com/idp/SSO.saml2 (Line 16)
Message: Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;700&display=swap' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
