urlscan.io logo urlscan.io
SecurityTrails logo

rostermatch.xponex.com Open in urlscan Pro
66.23.233.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rostermatch.xponex.com/
Effective URL: https://rostermatch.xponex.com/
Submission: On August 23 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 66.23.233.93, located in United States and belongs to IS-AS-1, US. The main domain is rostermatch.xponex.com.
TLS certificate: Issued by R3 on August 15th 2021. Valid for: 3 months.
This is the only time rostermatch.xponex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    66.23.233.93 (United States)

ASN19318 (IS-AS-1, US)
PTR: rostermatch.xponex.com
rostermatch.xponex.com
www.rostermatch.org
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
6 rostermatch.xponex.com 1 redirects rostermatch.xponex.com
3 www.rostermatch.org rostermatch.xponex.com
2 www.facebook.com rostermatch.xponex.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net rostermatch.xponex.com
connect.facebook.net
2 www.googletagmanager.com rostermatch.xponex.com
www.googletagmanager.com
16 6

This site contains no links.

Subject Issuer Validity Valid
rostermatch.xponex.com
R3		 2021-08-15 -
2021-11-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
www.rostermatch.org
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rostermatch.xponex.com/
Frame ID: 19167BFA5F6091160BC1911EFBD2E76C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RosterMatch | Find Players or Teams In Your Area

Page URL History Show full URLs

  1. http://rostermatch.xponex.com/ HTTP 301
    https://rostermatch.xponex.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

16
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1334 kB
Transfer

4679 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rostermatch.xponex.com/ HTTP 301
    https://rostermatch.xponex.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rostermatch.xponex.com/
Redirect Chain
  • http://rostermatch.xponex.com/
  • https://rostermatch.xponex.com/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rostermatch.xponex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e4c416e4ae27cbdd4780bde176bba520c3a2f33993f8d11c0d1a5f52b47a84d6

Request headers

Host
rostermatch.xponex.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 23 Aug 2021 12:30:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
Accept-Ranges
bytes
ETag
W/"989-P67viprscsda87Emz4AmT37GKTo"
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 23 Aug 2021 12:30:24 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://rostermatch.xponex.com/
bundle.js
rostermatch.xponex.com/static/js/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rostermatch.xponex.com/static/js/bundle.js
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0b7ccf8ff9fb5a0eabbfe9aac0b97b8fba5d6671f717405bbafd6fe0837bcbae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rostermatch.xponex.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rostermatch.xponex.com/
Connection
keep-alive
Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:30:25 GMT
Content-Encoding
gzip
ETag
W/"8c20-RpKBIZR25Lt0Ct8vGzJB9Ro09P4"
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
vendors~main.chunk.js
rostermatch.xponex.com/static/js/ 		3 MB
685 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rostermatch.xponex.com/static/js/vendors~main.chunk.js
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
1e9476c415886a8e4fb0960f4971b107837fcb8ac09baba84feb3512dce3656b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rostermatch.xponex.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rostermatch.xponex.com/
Connection
keep-alive
Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:30:25 GMT
Content-Encoding
gzip
ETag
W/"35bd20-zt56gz8ymSxx4XiB01JraxIrG60"
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
main.chunk.js
rostermatch.xponex.com/static/js/ 		180 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rostermatch.xponex.com/static/js/main.chunk.js
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
f721ba87712ceea8677145c87d9cd4532334c7def3201cd987485ba7ee059df8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rostermatch.xponex.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rostermatch.xponex.com/
Connection
keep-alive
Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:30:25 GMT
Content-Encoding
gzip
ETag
W/"2cf22-Kev/rAJ/0Yty99sNF6uKRWFuUbg"
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5D7Q9NX
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2e081ad673206af9ecbac10ba3d9691eca900997bb14895750f0afb73452f12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39601
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Aug 2021 12:30:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25940
x-xss-protection
0
pragma
public
x-fb-debug
pog7dTPg70nqpNg8ty5/XRbVXDlH1Uqz5/DA5MqF8PFCezJK1TX3IxGc3eL/28hF8sQquQfuc/rtgtPqJV7wQQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 23 Aug 2021 12:30:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-202444456-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D7Q9NX
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8ef945e8bc07fb4673a3adc553b3b2c7f8f9677899341ff1e86901cdbf67c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41046
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Aug 2021 12:30:25 GMT
1203602679997163
connect.facebook.net/signals/config/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1203602679997163?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d9569ad0586fb928013029816431eccbf33d6d81eb2327f26e2bb6987c652c1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Myy2BCtkkUzBXLZv88BFgjcKYZnGoxCNKkngiAB9bw88lDkuNTt3RSlGEmFZdUn/MFaIszAqkKgJKkGFXjY0og==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 23 Aug 2021 12:30:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202444456-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3231
date
Mon, 23 Aug 2021 11:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 23 Aug 2021 13:36:34 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=510657336&t=pageview&_s=1&dl=https%3A%2F%2Frostermatch.xponex.com%2F&ul=en-us&de=UTF-8&dt=RosterMatch%20%7C%20Find%20Players%20or%20Teams%20In%20Your%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=267682052&gjid=1340938428&cid=505916104.1629721825&tid=UA-202444456-1&_gid=465354405.1629721825&_r=1&gtm=2ou8i0&z=1441169495
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 12:30:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rostermatch.xponex.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1203602679997163&ev=PageView&dl=https%3A%2F%2Frostermatch.xponex.com%2F&rl=&if=false&ts=1629721825206&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629721825205.1501818698&it=1629721825051&coo=false&rqm=GET
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 23 Aug 2021 12:30:25 GMT
logo.1df7da5f.jpg
rostermatch.xponex.com/static/media/ 		414 KB
415 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rostermatch.xponex.com/static/media/logo.1df7da5f.jpg
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
91f252336fb01c0af8fd988989379992a941b95401704bb5b5230cbeda20397d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rostermatch.xponex.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://rostermatch.xponex.com/
Connection
keep-alive
Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:30:25 GMT
ETag
W/"679a9-CRfNaE5TCgb62zro/8YWejX5QZs"
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
Content-Type
image/jpeg; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
424361
sport
www.rostermatch.org/api/v1/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rostermatch.org/api/v1/sport
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b76cd2a1f3959b0e54170f1e3db147cd7662cefa218c94ce28154e58831d8f65
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
1342
X-XSS-Protection
0
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 23 Aug 2021 12:30:26 GMT
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
ETag
W/"53e-0xUiKar2q+aCHm5TB3CwZNsVDcY"
post
www.rostermatch.org/api/v1/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rostermatch.org/api/v1/post
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
900d3b8210d6f18cf6e6065d5a139c35e2b4636d7abbd75d5e396a69cc34fcf0
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
6734
X-XSS-Protection
0
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 23 Aug 2021 12:30:26 GMT
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
ETag
W/"1a4e-h9EcIzRI98fbS/nhUolX7DCQwh0"
sport
www.rostermatch.org/api/v1/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rostermatch.org/api/v1/sport
Requested by
Host: rostermatch.xponex.com
URL: https://rostermatch.xponex.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.23.233.93 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rostermatch.xponex.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b76cd2a1f3959b0e54170f1e3db147cd7662cefa218c94ce28154e58831d8f65
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
1342
X-XSS-Protection
0
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 23 Aug 2021 12:30:26 GMT
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
ETag
W/"53e-0xUiKar2q+aCHm5TB3CwZNsVDcY"
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1203602679997163&ev=Microdata&dl=https%3A%2F%2Frostermatch.xponex.com%2F&rl=&if=false&ts=1629721826709&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22RosterMatch%20%7C%20Find%20Players%20or%20Teams%20In%20Your%20Area%22%2C%22meta%3Adescription%22%3A%22Web%20site%20created%20using%20create-react-app%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629721826708.1054893732&it=1629721825051&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rostermatch.xponex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 23 Aug 2021 12:30:26 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager function| fbq function| _fbq function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga function| webpackHotUpdate object| webpackJsonpuser object| gaplugins object| gaGlobal object| gaData object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected object| regeneratorRuntime object| __REACT_ERROR_OVERLAY_GLOBAL_HOOK__ string| __react_router_build__ number| __styled-components-init__

0 Cookies

10 Console Messages

Source Level URL
Text
console-api log URL: https://rostermatch.xponex.com/static/js/vendors~main.chunk.js(Line 62697)
Message:
[HMR] Waiting for update signal from WDS...
console-api log URL: https://rostermatch.xponex.com/static/js/main.chunk.js(Line 459)
Message:
[object Object]
console-api error URL: https://rostermatch.xponex.com/static/js/vendors~main.chunk.js(Line 47035)
Message:
Warning: validateDOMNesting(...): %s cannot appear as a descendant of <%s>.%s <a> a at a at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:51075:23 at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:51123:31 at a at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:17150:22 at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:11326:21 at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:15925:23 at div at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:11193:22 at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:15720:96 at div at Transition (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:54669:30) at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:13049:22 at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:16127:23 at nav at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:15996:96 at div at https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:13146:23 at div at O (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:60968:6) at Navba (https://rostermatch.xponex.com/static/js/main.chunk.js:444:84) at Router (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:51357:30) at BrowserRouter (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:50977:35) at div at App
console-api log URL: https://rostermatch.xponex.com/static/js/main.chunk.js(Line 1633)
Message:
[object Object]
console-api log URL: https://rostermatch.xponex.com/static/js/main.chunk.js(Line 1605)
Message:
called
console-api warning URL: https://rostermatch.xponex.com/static/js/vendors~main.chunk.js(Line 19368)
Message:
src/App.js Line 3:25: 'Redirect' is defined but never used no-unused-vars Line 9:8: 'EditPost' is defined but never used no-unused-vars src/components/Navbar.js Line 2:9: 'Row' is defined but never used no-unused-vars Line 2:13: 'Button' is defined but never used no-unused-vars Line 2:21: 'Col' is defined but never used no-unused-vars Line 51:1: img elements must have an alt prop, either with meaningful text, or an empty string for decorative images jsx-a11y/alt-text src/components/PostCard.js Line 2:9: 'Button' is defined but never used no-unused-vars src/components/StripeButton.js Line 3:8: 'Roster' is defined but never used no-unused-vars src/config.js Line 1:7: 'API_URL' is assigned a value but never used no-unused-vars Line 3:2: Assign object to a variable before exporting as module default import/no-anonymous-default-export src/pages/CreatePost.js Line 2:30: 'Form' is defined but never used no-unused-vars Line 2:70: 'Textarea' is defined but never used no-unused-vars Line 3:10: 'Link' is defined but never used no-unused-vars Line 3:15: 'Redirect' is defined but never used no-unused-vars Line 3:24: 'useHistory' is defined but never used no-unused-vars Line 55:18: Expected '!==' and instead saw '!=' eqeqeq Line 89:19: 'data' is assigned a value but never used no-unused-vars Line 92:17: 'message' is assigned a value but never used no-unused-vars Line 119:73: Expected '===' and instead saw '==' eqeqeq src/pages/EmailSentPage.js Line 31:30: Expected '===' and instead saw '==' eqeqeq src/pages/Landing.js Line 2:16: 'Alert' is defined but never used no-unused-vars Line 2:22: 'Dropdown' is defined but never used no-unused-vars Line 2:32: 'DropdownButton' is defined but never used no-unused-vars Line 2:47: 'InputGroup' is defined but never used no-unused-vars Line 3:10: 'Link' is defined but never used no-unused-vars Line 4:8: 'Jumbotron' is defined but never used no-unused-vars Line 5:8: 'StripeButton' is defined but never used no-unused-vars Line 42:17: Expected '===' and instead saw '==' eqeqeq Line 45:28: Expected '===' and instead saw '==' eqeqeq Line 56:34: Expected '===' and instead saw '==' eqeqeq Line 95:7: 'total' is assigned a value but never used no-unused-vars src/pages/Posts.js Line 2:16: 'Container' is defined but never used no-unused-vars Line 2:34: 'Card' is defined but never used no-unused-vars Line 2:52: 'Dropdown' is defined but never used no-unused-vars Line 2:62: 'DropdownButton' is defined but never used no-unused-vars Line 6:10: 'Link' is defined but never used no-unused-vars Line 146:19: Expected '===' and instead saw '==' eqeqeq Line 166:16: Expected '===' and instead saw '==' eqeqeq Line 185:16: Expected '===' and instead saw '==' eqeqeq Line 202:19: Expected '===' and instead saw '==' eqeqeq Line 218:16: Expected '===' and instead saw '==' eqeqeq src/pages/ThankYoupage.js Line 2:8: 'Button' is defined but never used no-unused-vars Line 3:10: 'Link' is defined but never used no-unused-vars Line 107:36: Expected '===' and instead saw '==' eqeqeq Line 111:41: Expected '===' and instead saw '==' eqeqeq src/pages/VarificationPage.js Line 4:10: 'Link' is defined but never used no-unused-vars src/pages/contactus.js Line 2:30: 'Form' is defined but never used no-unused-vars Line 2:45: 'Textarea' is defined but never used no-unused-vars Line 3:10: 'Link' is defined but never used no-unused-vars Line 42:19: 'data' is assigned a value but never used no-unused-vars Line 45:17: 'message' is assigned a value but never used no-unused-vars Line 64:73: Expected '===' and instead saw '==' eqeqeq
console-api log URL: https://rostermatch.xponex.com/static/js/main.chunk.js(Line 2612)
Message:
[object Object],[object Object],[object Object],[object Object]
console-api error URL: https://rostermatch.xponex.com/static/js/vendors~main.chunk.js(Line 47035)
Message:
Warning: Each child in a list should have a unique "key" prop.%s%s See https://reactjs.org/link/warning-keys for more information.%s Check the render method of `Landing`. at option at Landing (https://rostermatch.xponex.com/static/js/main.chunk.js:2596:5) at Route (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:51722:29) at Switch (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:51924:29) at Router (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:51357:30) at BrowserRouter (https://rostermatch.xponex.com/static/js/vendors~main.chunk.js:50977:35) at div at App
console-api log URL: https://rostermatch.xponex.com/static/js/main.chunk.js(Line 1624)
Message:
[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://rostermatch.xponex.com/static/js/main.chunk.js(Line 1611)
Message:
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]