urlscan.io logo urlscan.io
SecurityTrails logo

berlin2023.rosterfy.eu Open in urlscan Pro
13.39.6.6  Public Scan

Go To Rescan Add Verdict Report
URL: https://berlin2023.rosterfy.eu/
Submission: On May 26 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 50 HTTP transactions. The main IP is 13.39.6.6, located in Paris, France and belongs to AMAZON-02, US. The main domain is berlin2023.rosterfy.eu.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 13th 2023. Valid for: 10 months.
This is the only time berlin2023.rosterfy.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    13.39.6.6 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
berlin2023.rosterfy.eu
1    18.66.112.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-78.fra56.r.cloudfront.net
usrwy.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
6    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
2    52.95.156.89 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-west-3.amazonaws.com
s3.eu-west-3.amazonaws.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.203.191.61 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-191-61.us-west-2.compute.amazonaws.com
api.userway.org
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 rosterfy.eu
berlin2023.rosterfy.eu
2 MB
8 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1352
ka-p.fontawesome.com — Cisco Umbrella Rank: 3288
307 KB
6 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 751
261 B
5 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4174
api.userway.org — Cisco Umbrella Rank: 4126
43 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
192 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 798
syndication.twitter.com — Cisco Umbrella Rank: 1074
132 KB
2 amazonaws.com
s3.eu-west-3.amazonaws.com
351 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
135 KB
1 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 3236
549 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
905 B
1 usrwy.com
usrwy.com — Cisco Umbrella Rank: 87921
1 KB
50 14
Domain Requested by
11 berlin2023.rosterfy.eu berlin2023.rosterfy.eu
7 ka-p.fontawesome.com kit.fontawesome.com
berlin2023.rosterfy.eu
6 sessions.bugsnag.com berlin2023.rosterfy.eu
4 cdn.userway.org usrwy.com
cdn.userway.org
3 www.google-analytics.com www.googletagmanager.com
berlin2023.rosterfy.eu
2 fonts.gstatic.com fonts.googleapis.com
2 s3.eu-west-3.amazonaws.com berlin2023.rosterfy.eu
2 fonts.googleapis.com client
berlin2023.rosterfy.eu
2 platform.twitter.com berlin2023.rosterfy.eu
platform.twitter.com
2 connect.facebook.net berlin2023.rosterfy.eu
connect.facebook.net
2 www.googletagmanager.com berlin2023.rosterfy.eu
www.googletagmanager.com
1 api.userway.org cdn.userway.org
1 syndication.twitter.com platform.twitter.com
1 www.gstatic.com www.google.com
1 fast.fonts.net client
1 www.google.com berlin2023.rosterfy.eu
1 kit.fontawesome.com berlin2023.rosterfy.eu
1 usrwy.com berlin2023.rosterfy.eu
50 18

This site contains no links.

Subject Issuer Validity Valid
*.rosterfy.eu
Amazon RSA 2048 M01		 2023-02-13 -
2023-12-02		 10 months crt.sh
usrwy.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-04		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-04 -
2023-06-02		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
1667503734.rsc.cdn77.org
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-01 -
2023-10-01		 a year crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-04-12		 a year crt.sh
*.s3.eu-west-3.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-15		 8 months crt.sh
api.userway.org
Amazon RSA 2048 M02		 2023-02-09 -
2023-10-31		 9 months crt.sh

This page contains 2 frames:

Primary Page: https://berlin2023.rosterfy.eu/
Frame ID: 89A2D24128F8311AF9CD330C1BD40219
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fberlin2023.rosterfy.eu
Frame ID: F3637D5598708B71CD3DDEAF0B2A37B5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Volunteer Management System Login > Special Olympics World Games Berlin 2023

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

50
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

18
Subdomains

17
IPs

3
Countries

3503 kB
Transfer

11629 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
berlin2023.rosterfy.eu/ 		7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
89cbc3419b981a6bb59bbb4575934569ac3cd44f035bcf1c82f84ca96c8dcdb4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 06:42:06 GMT
feature-policy
*
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
portal.css
berlin2023.rosterfy.eu/css/ 		494 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/css/portal.css?id=6400814d5704601b782809de9b1b1beb
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
85010d8c82b04d4f155aa67e8360f83c641b2f096930fe0219ec8400a192090d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
last-modified
Fri, 26 May 2023 06:20:09 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
content-encoding
gzip
etag
W/"64704f99-7b817"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=432000
feature-policy
*
x-xss-protection
1; mode=block
expires
Wed, 31 May 2023 06:42:06 GMT
widget.js
usrwy.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usrwy.com/widget.js
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-78.fra56.r.cloudfront.net
Software
CDN77-Turbo /
Resource Hash
a285192a5c6ca70b33b8a4a7c7669fb7ba3e0ed57834a6d70eaf7ca8ddeed22a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 06:39:54 GMT
via
1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront), 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
MUC50-P2, FRA56-P5
age
1392
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
Hit from cloudfront
x-age
148
x-accel-date
1685047763
x-77-nzt
AZySIYu0BBr/lAAAAA
last-modified
Tue, 23 May 2023 09:23:14 GMT
server
CDN77-Turbo
x-77-nzt-ray
cf8787273843be3d67ca6f64924f8734
etag
W/"0f75fd7d8d08d821f9a3b6bad63fd743"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
W3pOpzkV-V2ThwHfegEBAqZ4sAe8diVKHndxVZAXJgMqdhwN0FfOzQ==
js
www.googletagmanager.com/gtag/ 		204 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F4GLHLRMBE
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb74dfa85951b5ef800c12ecd7037a2ecc15e2de09cbf4d0ba6107e4c43d146d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74811
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 May 2023 06:42:06 GMT
d157437866.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/d157437866.js
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46956a74da479b33654882f98eea25429558788ec39bfe7d28d267a084f895ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://berlin2023.rosterfy.eu/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7cd409454f342a35-CDG
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F1BVH1As3bD-OtUATcYj
manifest.js
berlin2023.rosterfy.eu/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/js/manifest.js?id=2207e56c8568bc5b2a8c7c8d12ac4cd2
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
c88033897e0e92daed6700a3ef39a5c64b0141aea0d4e2b6eb0367cb9837b5d0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
last-modified
Fri, 26 May 2023 06:20:07 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
content-encoding
gzip
etag
W/"64704f97-6c4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=432000
feature-policy
*
x-xss-protection
1; mode=block
expires
Wed, 31 May 2023 06:42:06 GMT
vendor.js
berlin2023.rosterfy.eu/js/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
12b8a9da0bdcea046aeb19ab2e7c7f567163344fed3bad529275aa4f11ef2d27
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
last-modified
Fri, 26 May 2023 06:20:07 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
content-encoding
gzip
etag
W/"64704f97-6802c3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=432000
feature-policy
*
x-xss-protection
1; mode=block
expires
Wed, 31 May 2023 06:42:06 GMT
portal.js
berlin2023.rosterfy.eu/js/ 		1 MB
266 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/js/portal.js?id=371844baf9eb2cd1397fc803dd2e0bc0
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
aaff161bf463b221f844c44aab50212ca15d50555056fd1f686b3f54a7538e14
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
last-modified
Fri, 26 May 2023 06:20:07 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
content-encoding
gzip
etag
W/"64704f97-13fcde"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=432000
feature-policy
*
x-xss-protection
1; mode=block
expires
Wed, 31 May 2023 06:42:06 GMT
api.js
www.google.com/recaptcha/ 		916 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
212cc3547be3d9a40c9d76403b940774a07fe73f8cc3e8e8cc94ff22ebe67537
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
585
x-xss-protection
1; mode=block
expires
Fri, 26 May 2023 06:42:06 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/ 		867 KB
196 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=d157437866
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d157437866.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 21:29:22 GMT
server
cloudflare
age
1164
etag
"641cc4b2-31000"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cd40945df962a35-CDG
content-length
200704
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/ 		27 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-shims.min.css?token=d157437866
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d157437866.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681f15f1dd66646e3c4be78f9c74962004cbc764f0fbb1da993f6937a3ac1e8a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
age
164351
etag
"641cc4b0-10e7"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cd40945df952a35-CDG
content-length
4327
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/ 		85 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v5-font-face.min.css?token=d157437866
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d157437866.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 21:29:21 GMT
server
cloudflare
age
3030696
etag
"641cc4b1-30f2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cd40945df972a35-CDG
content-length
12530
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/ 		12 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-font-face.min.css?token=d157437866
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d157437866.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5e287f0e60cc7efadd2bdf39ff53499de57249b69a3ae73497a187ff908e2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
age
1813368
etag
"641cc4b0-917"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cd40945df932a35-CDG
content-length
2327
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68ebcfdc2ad75e2862bdb8b38478785f03396c2b97966321ef2c5d31ca499815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 May 2023 06:42:06 GMT
content-md5
cTa/x+QLsluhbXjpBtn7nQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
3dzuN1bJo/eDisnV3mqxt4Dm/R2wOE6VmMblSd4U9XJ8AEDAJHpF42I2dHcpeuoXUmPYBnJaLKdsjeE9NRQIgw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
546ed6cdf44f25aaede93a6c555d37c2
cross-origin-opener-policy
same-origin-allow-popups
etag
"a606dbfc3328d924fd5346a3f89e2e26"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 26 May 2023 07:01:36 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA5) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 06:42:06 GMT
Content-Encoding
gzip
Age
560
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (pab/6FA5)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=543154c740ced3971c7c3fb2ca07f81c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa3b65137b46cfc245fabf8b3940a8d2980f8e816977c0c20a3403c507c78f58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://berlin2023.rosterfy.eu/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 May 2023 06:42:06 GMT
content-md5
maQXA1cuvNd7Chy3fbdOTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88620
x-fb-rlafr
0
x-fb-debug
76Wf9JMmvKERVlXkEGJvLWdhYXd4CsYVNJHkNCPunwyXdKgaj4e7hbywyZ0I2TlalKU2mwU2ZQRtFWINk9qPRQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4bb01f330f29e57ff8ad3691004b14ec
cross-origin-opener-policy
same-origin-allow-popups
etag
"434b1464760209f49f040a692ce9be0f"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 May 2024 05:10:42 GMT
css2
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Cardo&family=Comic+Neue&family=Dosis&family=EB+Garamond&family=Open+Sans:wght@300&family=Prociono&family=Quattrocento&family=Quicksand&family=Roboto:wght@300&family=Libre+Barcode+39+Text&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a944f3517d0b71dfa24be78cbb4d6e5a64a4dc605d11a906bbf307367336da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 May 2023 06:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 May 2023 06:42:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 May 2023 06:42:06 GMT
1.css
fast.fonts.net/lt/ 		0
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/lt/1.css?apiType=css&c=b5507177-32b7-4129-a8a8-ebf755940672&fontids=5164596,5165017,5184962,5185299,5207403,5223371,5227398,5316113,5321165,5332675,5336429,5350363,5364007,5364361,5366582,5686879
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:06 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
0KPSJSAXWGWYHPPK
age
210697
content-length
0
x-amz-id-2
uXALuYnYA0asC+ThjlRmCuibIZUByTfOM91Nr4yeQbuOAJPW9u+3zGd73yp1deNu9vtppl3hQ3o=
last-modified
Tue, 23 Mar 2021 12:59:56 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=0, s-maxage=604800
accept-ranges
bytes
cf-ray
7cd40948ecba00a6-CDG
x-amz-meta-mtime
1361983047
data
berlin2023.rosterfy.eu/api/v2/account/ 		16 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/api/v2/account/data?_locale=null
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
8f87764f2890408886af35ff3e6005755d968abbcccde348639b8fcced5b3771
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://berlin2023.rosterfy.eu/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, private
feature-policy
*
x-xss-protection
1; mode=block
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ 		411 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7045239aa5dadb2237de04c5b58d4de0a08d84f36b8ede7384c2f686398953da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berlin2023.rosterfy.eu/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168052
x-xss-protection
0
last-modified
Mon, 22 May 2023 20:58:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 00:45:00 GMT
widget_app_base_1684833599814.js
cdn.userway.org/widgetapp/2023-05-23/ 		133 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-05-23/widget_app_base_1684833599814.js
Requested by
Host: usrwy.com
URL: https://usrwy.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2a0c55bd407682809e5e04678dc8e2309923d806b0fa4b9c69fee63085390460

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 06:42:07 GMT
via
1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
age
46
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
249231
x-accel-date
1684834096
x-77-nzt
AcO1qhH2G0L/j80DAA
x-accel-expires
@1710754096
last-modified
Tue, 23 May 2023 09:23:10 GMT
server
CDN77-Turbo
etag
W/"13ec4e049bf049de527c239329aa287a"
x-77-nzt-ray
4c156224428d39afbf547064aa2a7b0e
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
pV0VGQKu7bAnYeti23Bx1z_6SLTntRsFLId0EIvhTfDvzP5tPI5JSg==
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame F363 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fberlin2023.rosterfy.eu
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FAE) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://berlin2023.rosterfy.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1215053
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Fri, 26 May 2023 06:42:07 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6FAE)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame F363 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=d0d6e9fd8df6b7f405f318a52d99ba3f559b45bd
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fberlin2023.rosterfy.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time
104
date
Fri, 26 May 2023 06:42:07 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 26 May 2023 06:42:07 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
1cb71849cd49b3a6
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
6e0f3facadca640fde500af5d289734a39e9d74c49ad365eea093e0cbe042bde
content-length
337
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://berlin2023.rosterfy.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 26 May 2023 06:42:07 GMT
via
1.1 google
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://berlin2023.rosterfy.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 26 May 2023 06:42:07 GMT
via
1.1 google
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://berlin2023.rosterfy.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 26 May 2023 06:42:07 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://berlin2023.rosterfy.eu/
Bugsnag-Sent-At
2023-05-26T06:42:07.263Z
accept-language
fr-FR,fr;q=0.9
Bugsnag-Api-Key
19dc17d426808dd0ea930fe888af980f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 26 May 2023 06:42:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
css
fonts.googleapis.com/ 		772 B
488 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Spartan%7CSpartan
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bca5e92fbad34510f75f0cb2825bdb9d33766182c15f41f2fd5a1a9cb6c4f2fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 May 2023 06:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 May 2023 06:42:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 May 2023 06:42:07 GMT
/
sessions.bugsnag.com/ 		21 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://berlin2023.rosterfy.eu/
Bugsnag-Sent-At
2023-05-26T06:42:07.268Z
accept-language
fr-FR,fr;q=0.9
Bugsnag-Api-Key
19dc17d426808dd0ea930fe888af980f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 26 May 2023 06:42:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
pqvQx3oEk00iqWuWjoggjIamj6SDkjZdeOK3Hcd9.JPG
s3.eu-west-3.amazonaws.com/storage.rosterfy.eu/misc/pqvQ/ 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.eu-west-3.amazonaws.com/storage.rosterfy.eu/misc/pqvQ/pqvQx3oEk00iqWuWjoggjIamj6SDkjZdeOK3Hcd9.JPG
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/css/portal.css?id=6400814d5704601b782809de9b1b1beb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.156.89 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-west-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
98d0f09b45a20300d9203a9375306f6933c344b9c1b45dab4ec331ede9ee814b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 06:42:08 GMT
Last-Modified
Fri, 02 Sep 2022 13:08:24 GMT
Server
AmazonS3
x-amz-request-id
7CBQW9SN3NWNRTHR
ETag
"cc3b366751a9bef795b005f14d0a5b59"
Content-Type
image/jpeg
Cache-Control
private,max-age=3000,must-revalidate
Accept-Ranges
bytes
Content-Length
212057
x-amz-id-2
jTgn0BOW/AtjubP39vTieWFzMTbqfQYXCsXp4rXh7CXBhNAeHMTJO99F7XSq3FdaJXP64dS8XhE=
/
sessions.bugsnag.com/ 		21 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://berlin2023.rosterfy.eu/
Bugsnag-Sent-At
2023-05-26T06:42:07.333Z
accept-language
fr-FR,fr;q=0.9
Bugsnag-Api-Key
19dc17d426808dd0ea930fe888af980f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 26 May 2023 06:42:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
destination
www.googletagmanager.com/gtag/ 		168 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=UA-138251578-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F4GLHLRMBE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef57b60910eb97830a97acd9cf08d93b96a69845371a99b63c088a4431cc68a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
62843
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 May 2023 06:42:07 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cardo&family=Comic+Neue&family=Dosis&family=EB+Garamond&family=Open+Sans:wght@300&family=Prociono&family=Quattrocento&family=Quicksand&family=Roboto:wght@300&family=Libre+Barcode+39+Text&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 23:14:12 GMT
x-content-type-options
nosniff
age
545275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 23:14:12 GMT
l7gAbjR61M69yt8Z8w6FZf9WoBxdBrGFuV6JABQ.woff2
fonts.gstatic.com/s/spartan/v18/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spartan/v18/l7gAbjR61M69yt8Z8w6FZf9WoBxdBrGFuV6JABQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spartan%7CSpartan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d3a5d19f251c58a6ffc34686f8c5449483347b4a3ea1d604d0082bfa052bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:21:58 GMT
x-content-type-options
nosniff
age
480009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11884
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 22:41:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:21:58 GMT
QG0qu0OPw1
api.userway.org/api/tunings/ 		496 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/QG0qu0OPw1
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-23/widget_app_base_1684833599814.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.203.191.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-191-61.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fecb39d4a2a7bfac534ea077df98a6499607e36d87ca8205bdee5f94ac43dfb0

Request headers

Referer
https://berlin2023.rosterfy.eu/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 May 2023 06:42:08 GMT
etag
W/"1f0-RdMAj+0FfS6kX4/ex61g4xLwcZI"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr4e9d227d3760442
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
496
x-service-version
uw-pr
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=UA-138251578-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 May 2023 06:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
393
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 26 May 2023 08:35:34 GMT
footer:copyright
berlin2023.rosterfy.eu/api/v2/account/content/ 		167 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/api/v2/account/content/footer:copyright?&_locale=en-US
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
630f800a336590aa6bfb12682b4f9e604eb9109de48b0c78a518dc21313c35a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://berlin2023.rosterfy.eu/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, private
feature-policy
*
x-xss-protection
1; mode=block
cookie:warning
berlin2023.rosterfy.eu/api/v2/account/content/ 		207 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/api/v2/account/content/cookie:warning?_locale=null
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
feb57df4b2be158751e4cc021c87efcd3e22ce63552db7551abb60cc2c7e1eed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://berlin2023.rosterfy.eu/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, private
feature-policy
*
x-xss-protection
1; mode=block
login:welcome
berlin2023.rosterfy.eu/api/v2/account/content/ 		39 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/api/v2/account/content/login:welcome?_locale=en-US
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
602aff57e1803c3c977ae2df5a038ffa2038118d298f83bf8788355ea3670c14
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://berlin2023.rosterfy.eu/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, private
feature-policy
*
x-xss-protection
1; mode=block
require-recaptcha
berlin2023.rosterfy.eu/api/v2/auth/ 		33 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/api/v2/auth/require-recaptcha
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
9e881f3ddd7816c148856ce785c5bf859b8fded4dc14d30a72e9e01661419579
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://berlin2023.rosterfy.eu/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, private
feature-policy
*
x-xss-protection
1; mode=block
footer:copyright
berlin2023.rosterfy.eu/api/v2/account/content/ 		167 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://berlin2023.rosterfy.eu/api/v2/account/content/footer:copyright?&_locale=en-US
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/js/vendor.js?id=f8e80f109ead51795bc59f10bbbc4eaa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.39.6.6 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-39-6-6.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
630f800a336590aa6bfb12682b4f9e604eb9109de48b0c78a518dc21313c35a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://berlin2023.rosterfy.eu/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, private
feature-policy
*
x-xss-protection
1; mode=block
DW1038fwsb8Y6fYfBcWgQt5ASRZHSec9nb8do1yh.png
s3.eu-west-3.amazonaws.com/storage.rosterfy.eu/misc/DW10/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.eu-west-3.amazonaws.com/storage.rosterfy.eu/misc/DW10/DW1038fwsb8Y6fYfBcWgQt5ASRZHSec9nb8do1yh.png
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/css/portal.css?id=6400814d5704601b782809de9b1b1beb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.156.89 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-west-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
843a9276229f873a7e73af123f77a71a8c599aced7d920c5a0735aa5cb4f0988

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 06:42:08 GMT
Last-Modified
Sat, 09 Apr 2022 04:06:40 GMT
Server
AmazonS3
x-amz-request-id
7CBN71ZR4AZXGSHD
ETag
"4f1781629c271a1870621264e1120e84"
Content-Type
image/png
Cache-Control
private,max-age=3000,must-revalidate
Accept-Ranges
bytes
Content-Length
146101
x-amz-id-2
QCVc1eFfFRgpfwShnEELz87fNhERT/lqSNdm4yDacnM3rn2G62uxqKS0T22ZtYHTGI2ubg/2sPo=
pro-fa-brands-400-9a7529.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-brands-400-9a7529.woff2
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236fc2f5621e7ffa2d62218da380d67a9c0d6d3e498601b0d129e78651289130

Request headers

Referer
https://berlin2023.rosterfy.eu/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
cf-cache-status
HIT
last-modified
Fri, 24 Mar 2023 05:23:19 GMT
server
cloudflare
age
162613
etag
"641d33c7-b380"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cd4094d8e5e2a35-CDG
content-length
45952
pro-fa-solid-900-d5bbe9.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-solid-900-d5bbe9.woff2
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3503a42a883cfceb0c60b9d802aaf3538974a1ce1645e2c1a4e922eb53881c76

Request headers

Referer
https://berlin2023.rosterfy.eu/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
cf-cache-status
HIT
last-modified
Fri, 24 Mar 2023 05:31:29 GMT
server
cloudflare
age
3922264
etag
"641d35b1-5ea0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cd4094d8e5f2a35-CDG
content-length
24224
pro-fa-brands-400-f6b769.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-brands-400-f6b769.woff2
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe7a10434610e8494ce09ac2d4bc3d76621e425a6c448ac6001a1e1cd5c1d46

Request headers

Referer
https://berlin2023.rosterfy.eu/
Origin
https://berlin2023.rosterfy.eu
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:42:07 GMT
cf-cache-status
HIT
last-modified
Fri, 24 Mar 2023 05:23:19 GMT
server
cloudflare
age
2247237
etag
"641d33c7-4884"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cd4094d8e642a35-CDG
content-length
18564
collect
www.google-analytics.com/ 		35 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1841302870&t=pageview&_s=1&dl=https%3A%2F%2Fberlin2023.rosterfy.eu%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Volunteer%20Management%20System%20Login%20%3E%20&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAQABAAAAAAACIk~&cid=729876533.1685083328&tid=UA-138251578-1&_gid=1844152233.1685083328&gtm=457e35o0&gcs=G100&jsscut=1&z=1221621174
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 19:18:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41003
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1841302870&t=pageview&_s=2&dl=https%3A%2F%2Fberlin2023.rosterfy.eu%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Volunteer%20Management%20System%20Login%20%3E%20&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAQABAAAAAAACIk~&cid=729876533.1685083328&tid=UA-138251578-1&_gid=1844152233.1685083328&gtm=457e35o0&gcs=G100&jsscut=1&z=443426372
Requested by
Host: berlin2023.rosterfy.eu
URL: https://berlin2023.rosterfy.eu/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 19:18:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41003
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
de.json
cdn.userway.org/widgetapp/2023-05-23/locales/ 		521 B
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-05-23/locales/de.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-23/widget_app_base_1684833599814.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
801a9dd44afa670dc4123699a9df20dd9a7c86a63dcb86763da52058a57a9106

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 06:42:08 GMT
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
age
55
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
249154
x-accel-date
1684834174
x-77-nzt
AcO1qhFw/Df/Qs0DAA
x-accel-expires
@1710754174
last-modified
Tue, 23 May 2023 09:23:09 GMT
server
CDN77-Turbo
etag
W/"303cb9fe6669fde3a7001c15f5a2dfa4"
x-77-nzt-ray
4c156224db77d0c7c054706450d0650f
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
ca26jAmdWSrsvYUQZg05X3sEjWEsZEsRGXSV1d3NlNbvcdYqJQMkFA==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 06:42:08 GMT
via
1.1 60fdae524298443cc52e327d1b093408.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
261327
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
307210
x-accel-date
1684776118
x-77-nzt
AcO1qhG1zZD/CrAEAA
x-accel-expires
@1710696118
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray
4c156224428d39afc05470643b91802b
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
HFRxbJmcGDWqqmV3KNhD1G578_icDRq0f-5Agoz9DrxzH9b6rZQlCw==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://berlin2023.rosterfy.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 06:42:08 GMT
via
1.1 047bd08beb708919e51605064d34f6ec.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
272446
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
307211
x-accel-date
1684776117
x-77-nzt
AcO1qhE+hHz/C7AEAA
x-accel-expires
@1710696117
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
4c156224428d39afc0547064581d872b
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
G0xbiIpDp58l21ydbbV4L0GH5JbzPTjlff8uYhWSm3DBY9hrtSbk3Q==

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| UserWayWidgetApp function| gtag object| dataLayer object| FontAwesomeKitConfig object| twttr object| Rosterfy object| webpackChunk object| FB object| DD_RUM function| _ function| vueRecaptchaApiLoaded object| core object| fabric function| axios function| moment object| Luxon function| Pusher object| __twttrll object| __twttr object| google_tag_manager object| google_tag_data object| __buffer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaGlobal object| i18n function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| recaptcha string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| UserWay

1 Cookies

Domain/Path Name / Value
.fonts.net/ Name: __cf_bm
Value: gejhstEp75jNLWfoK2uVt84gplHW0ajkceUmUcrgcxA-1685083326-0-AU5LpfZORJLW7VNxRKgBuAVz/DRtXc9C5QDKZ96OUTWaskyAk7NoYfZhhUKHhzNyOC9OaKF3DT7aF7s0gWPjjgA=

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: '*'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.onetrust.com https://*.euc-freshbots.ai cdn.eye-able.com *.eye-able-cdn.com https://cdn.jsdelivr.net https://code.jquery.com *.cookielaw.org https://*.service-now.com *.googletagmanager.com *.nr-data.net *.zdassets.com js-agent.newrelic.com cdn.jsdelivr.net *.google.com *.gstatic.com *.googleapis.com *.google-analytics.com *.zendesk.com *.facebook.net usrwy.com *.userway.org *.fontawesome.com *.twitter.com js.stripe.com; style-src 'self' 'unsafe-inline' *.rosterfy.com *.rosterfy.co *.rosterfy.eu *.fontawesome.com https://*.euc-freshbots.ai https://cdn.jsdelivr.net *.eye-able-cdn.com https://fonts.googleapis.com https://maps.googleapis.com https://*.fonts.net *.twitter.com; img-src * blog: blob: data: *.google-analytics.com *.stripe.com; media-src *; font-src 'self' s3.eu-west-2.amazonaws.com *.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com ; connect-src 'self' *.browser-intake-datadoghq.com *.b2clogin.com googleads.g.doubleclick.net https://*.euc-freshbots.ai wss://rts-euc.freshworksapi.com cdn.eye-able.com ws-mt1.pusher.com rts-euc.freshworksapi.com *.service-now.com *.cookielaw.org maps.googleapis.com *.nr-data.net services.postcodeanywhere.co.uk *.onetrust.com privacyportal-eu.onetrust.com *.bugsnag.com *.zdassets.com *.amazonaws.com *.userway.org *.zendesk.com *.google.com *.googlesyndication.com *.google-analytics.com analytics.google.com stats.g.doubleclick.net *.fontawesome.com https://gg02.staging.givengain.com https://www.givengain.com *.pusher.com *.pusherapp.com wss://*.pusher.com; object-src 'none'; frame-src 'self' *.twitter.com *.service-now.com https://js.stripe.com *.safetyhub.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com *.userway.org *.youtube.com *.vimeo.com *.google.com *.amazonaws.com *.herbiz.art *.visiotalent.com; frame-ancestors 'self' *.youtube.com *.vimeo.com *.volunteer.fifa.com rosterfy.com *.service-now.com host.nxt.blackbaud.com trailwalker.oxfam.org.au *.herbiz.art *.visiotalent.com; worker-src blob:; child-src https://*.vimeo.com https://*.youtube.com https://cdn.cookielaw.org http://cdn.cookielaw.org *.fifa.com *.fifaplus.com *.herbiz.art *.visiotalent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
berlin2023.rosterfy.eu
cdn.userway.org
connect.facebook.net
fast.fonts.net
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
platform.twitter.com
s3.eu-west-3.amazonaws.com
sessions.bugsnag.com
syndication.twitter.com
usrwy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.244.42.136
13.39.6.6
18.66.112.78
2600:1901:0:7a0b::
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:e14e
2606:4700::6812:1734
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a02:6ea0:c700::19
2a03:2880:f083:9:face:b00c:0:3
52.95.156.89
54.203.191.61
0a944f3517d0b71dfa24be78cbb4d6e5a64a4dc605d11a906bbf307367336da7
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
12b8a9da0bdcea046aeb19ab2e7c7f567163344fed3bad529275aa4f11ef2d27
212cc3547be3d9a40c9d76403b940774a07fe73f8cc3e8e8cc94ff22ebe67537
236fc2f5621e7ffa2d62218da380d67a9c0d6d3e498601b0d129e78651289130
2a0c55bd407682809e5e04678dc8e2309923d806b0fa4b9c69fee63085390460
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3503a42a883cfceb0c60b9d802aaf3538974a1ce1645e2c1a4e922eb53881c76
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
41d3a5d19f251c58a6ffc34686f8c5449483347b4a3ea1d604d0082bfa052bf9
46956a74da479b33654882f98eea25429558788ec39bfe7d28d267a084f895ed
4d5e287f0e60cc7efadd2bdf39ff53499de57249b69a3ae73497a187ff908e2a
5fe7a10434610e8494ce09ac2d4bc3d76621e425a6c448ac6001a1e1cd5c1d46
602aff57e1803c3c977ae2df5a038ffa2038118d298f83bf8788355ea3670c14
630f800a336590aa6bfb12682b4f9e604eb9109de48b0c78a518dc21313c35a9
681f15f1dd66646e3c4be78f9c74962004cbc764f0fbb1da993f6937a3ac1e8a
68ebcfdc2ad75e2862bdb8b38478785f03396c2b97966321ef2c5d31ca499815
7045239aa5dadb2237de04c5b58d4de0a08d84f36b8ede7384c2f686398953da
801a9dd44afa670dc4123699a9df20dd9a7c86a63dcb86763da52058a57a9106
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843a9276229f873a7e73af123f77a71a8c599aced7d920c5a0735aa5cb4f0988
85010d8c82b04d4f155aa67e8360f83c641b2f096930fe0219ec8400a192090d
89cbc3419b981a6bb59bbb4575934569ac3cd44f035bcf1c82f84ca96c8dcdb4
8f87764f2890408886af35ff3e6005755d968abbcccde348639b8fcced5b3771
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98d0f09b45a20300d9203a9375306f6933c344b9c1b45dab4ec331ede9ee814b
9e881f3ddd7816c148856ce785c5bf859b8fded4dc14d30a72e9e01661419579
a285192a5c6ca70b33b8a4a7c7669fb7ba3e0ed57834a6d70eaf7ca8ddeed22a
aa3b65137b46cfc245fabf8b3940a8d2980f8e816977c0c20a3403c507c78f58
aaff161bf463b221f844c44aab50212ca15d50555056fd1f686b3f54a7538e14
bb74dfa85951b5ef800c12ecd7037a2ecc15e2de09cbf4d0ba6107e4c43d146d
bca5e92fbad34510f75f0cb2825bdb9d33766182c15f41f2fd5a1a9cb6c4f2fd
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c88033897e0e92daed6700a3ef39a5c64b0141aea0d4e2b6eb0367cb9837b5d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef57b60910eb97830a97acd9cf08d93b96a69845371a99b63c088a4431cc68a2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e
fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86
feb57df4b2be158751e4cc021c87efcd3e22ce63552db7551abb60cc2c7e1eed
fecb39d4a2a7bfac534ea077df98a6499607e36d87ca8205bdee5f94ac43dfb0