urlscan.io logo urlscan.io
SecurityTrails logo

onlinejoining.highlifehighland.com Open in urlscan Pro
51.141.224.129  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hlh.scot/uhi
Effective URL: https://onlinejoining.highlifehighland.com/uhi
Submission: On November 24 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 27 HTTP transactions. The main IP is 51.141.224.129, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onlinejoining.highlifehighland.com.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.
This is the only time onlinejoining.highlifehighland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    67.199.248.13 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com
hlh.scot
7    51.141.224.129 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
onlinejoining.highlifehighland.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    18.66.30.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-30-81.bom78.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:9000:2057:3400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    52.34.194.100 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-194-100.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1334
q.stripe.com — Cisco Umbrella Rank: 9898
m.stripe.com — Cisco Umbrella Rank: 1299
101 KB
7 highlifehighland.com
onlinejoining.highlifehighland.com
162 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2118
www.google-analytics.com — Cisco Umbrella Rank: 40
20 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1422
16 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 67
118 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5405
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 94
455 B
1 gstatic.com
fonts.gstatic.com
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 400
9 KB
1 hlh.scot
hlh.scot
466 B
27 12
Domain Requested by
7 onlinejoining.highlifehighland.com onlinejoining.highlifehighland.com
3 q.stripe.com onlinejoining.highlifehighland.com
3 js.stripe.com onlinejoining.highlifehighland.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com onlinejoining.highlifehighland.com
www.googletagmanager.com
1 m.stripe.com m.stripe.network
1 www.google.de onlinejoining.highlifehighland.com
1 www.google.com onlinejoining.highlifehighland.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com onlinejoining.highlifehighland.com
1 cdn.jsdelivr.net onlinejoining.highlifehighland.com
1 hlh.scot 1 redirects
27 15

This site contains links to these domains. Also see Links.

Domain
surveys.highlifehighland.com
www.highlifehighland.com
Subject Issuer Validity Valid
onlinejoining.highlifehighland.com
R3		 2022-09-23 -
2022-12-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-01-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-03-09		 4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-15 -
2023-01-26		 4 months crt.sh

This page contains 3 frames:

Primary Page: https://onlinejoining.highlifehighland.com/uhi
Frame ID: 211B4444D10C662DABB6C09A4F8B728B
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 79BF19C2A9C62CB866136179935EEEEF
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D3A1D76B3095B795E049E6D32040CEBD
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Join High Life Highland

Page URL History Show full URLs

  1. http://hlh.scot/uhi HTTP 302
    https://onlinejoining.highlifehighland.com/uhi Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • livewire(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

27
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

443 kB
Transfer

1196 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hlh.scot/uhi HTTP 302
    https://onlinejoining.highlifehighland.com/uhi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request uhi
onlinejoining.highlifehighland.com/
Redirect Chain
  • http://hlh.scot/uhi
  • https://onlinejoining.highlifehighland.com/uhi
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.141.224.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
aa5f4a01408396163f27e5d2f85584d84b5d877ac0a23784a121e89b5e7ffcdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 15:18:56 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=90
Content-Length
133
Content-Security-Policy
referrer always;
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 15:18:55 GMT
Location
https://onlinejoining.highlifehighland.com/uhi
Referrer-Policy
unsafe-url
Server
nginx
Strict-Transport-Security
max-age=1209600
Via
1.1 google
vendor.c14144d4dd0e242ad84f.css
onlinejoining.highlifehighland.com/assets/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onlinejoining.highlifehighland.com/assets/vendor.c14144d4dd0e242ad84f.css
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.141.224.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
87e76e76b474e0092d66afbff9ab69c4320bffc72cc884f134dd3968afce49c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/uhi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Nov 2022 11:51:15 GMT
server
nginx
etag
W/"637771b3-5f81"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
admin.6425d54692b0208cb200.css
onlinejoining.highlifehighland.com/assets/ 		35 B
225 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onlinejoining.highlifehighland.com/assets/admin.6425d54692b0208cb200.css
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.141.224.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
039f5bd96230e6c8ba180f372b5604a5b58d8eef31d9cf0c2272b0438e941962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/uhi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 16:06:58 GMT
server
nginx
etag
"5fbe8122-23"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
35
x-xss-protection
1; mode=block
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.7.3/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.7.3/dist/alpine.min.js
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11b72978f3f04621c2e130d92527099190788f5e08f4a5ef05c72a95fcfa707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onlinejoining.highlifehighland.com/
Origin
https://onlinejoining.highlifehighland.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21448608
x-jsd-version
2.7.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19164-FRA, cache-hhn4042-HHN
x-jsd-version-type
version
server
cloudflare
etag
W/"67a0-QHSi3e0DiRvXFXlgnmOPpqWDbjo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS%2BmDteIew71s07YseKiGfvezNzA4sUf%2BDOuQ%2B0TE6BN5SwH2D9KgaIxr02kdKVP%2FEdAuDDutNWqj71IyP59fNLzbYpfehshzVKkiwtLrOyhMVzRvSuCoyiBwRO2SAwQ3EfQg3xbFwvutnR%2Ba7s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
76f31eb90e2a9158-FRA
application.0a2519c4bee100e5037b.js
onlinejoining.highlifehighland.com/assets/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinejoining.highlifehighland.com/assets/application.0a2519c4bee100e5037b.js
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.141.224.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3066067e677630e359df281fce9bfdab03e5b5ed52cc2a503b4cdb90f5e5c8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/uhi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Nov 2022 11:51:15 GMT
server
nginx
etag
W/"637771b3-b43"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
/
js.stripe.com/v3/ 		398 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-81.bom78.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 15:18:44 GMT
via
1.1 1c78559300107093ca4007ca361b8f00.cloudfront.net (CloudFront)
x-amz-cf-pop
BOM78-P1
age
26
x-cache
Hit from cloudfront
last-modified
Tue, 22 Nov 2022 04:35:53 GMT
server
Cloudfront
etag
W/"0811280c436e51c657484d591864732e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
uOW_SxyS1ut9n5hN9FWDsGlA6CULgfmpXlRTrlI-4OOzA8yp1S3rSA==
js
www.googletagmanager.com/gtag/ 		215 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-500B9HFF17
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
690dcf64d8337bec84ab74aa3fa5ecd2d54c3a9c1ead8d538d4f28fbc9b681b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76897
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Nov 2022 15:18:56 GMT
hlh-burst-with-white-text.png
onlinejoining.highlifehighland.com/branding/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinejoining.highlifehighland.com/branding/hlh-burst-with-white-text.png
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.141.224.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
d0297f0fc88a0b79dcdf615f3610ffd2d12da48aea9e44cb769f1227c12c24db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/uhi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 16:07:00 GMT
server
nginx
etag
"5fbe8124-16b30"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
92976
x-xss-protection
1; mode=block
logo.jpg
onlinejoining.highlifehighland.com/branding/schemes/uhi/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinejoining.highlifehighland.com/branding/schemes/uhi/logo.jpg
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.141.224.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
9c81c3ff0e6e917145e9b9fe30af370d8ca36b9713d44e8af0542971818e86d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/uhi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 17:24:41 GMT
server
nginx
etag
"631a2559-5058"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
20568
x-xss-protection
1; mode=block
livewire.js
onlinejoining.highlifehighland.com/vendor/livewire/ 		147 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinejoining.highlifehighland.com/vendor/livewire/livewire.js?id=1206b80829f080e0a454
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.141.224.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3a6265afe0d3a2a87c80272a47909d25621317517e13204a100a3db83963a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/uhi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Nov 2022 11:51:22 GMT
server
nginx
etag
W/"637771ba-24b46"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito&display=swap
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c8de707408da9bc0d49a3960ddb9dab41b7577322867211c72614484eb8a991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 15:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 15:13:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 15:18:56 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onlinejoining.highlifehighland.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 17:14:49 GMT
x-content-type-options
nosniff
age
511448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 17:14:49 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 79BF 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-81.bom78.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onlinejoining.highlifehighland.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1714
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 14:50:24 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 1c78559300107093ca4007ca361b8f00.cloudfront.net (CloudFront)
x-amz-cf-id
_z5PMYHh-TqeiGDCMhmvHdzsHDAEX8DQ9-Zc7K3_E8nfbCS7UjG_JA==
x-amz-cf-pop
BOM78-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-27239131-5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-500B9HFF17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79cfe7f40d45cfedac6c4c3a40b3ad7c3fd70b68afe892812508c968e479a841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:18:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43660
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Nov 2022 15:18:57 GMT
collect
region1.google-analytics.com/g/ 		0
360 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-500B9HFF17&gtm=2oeb90&_p=1434644743&cid=449132655.1669303138&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669303137&sct=1&seg=0&dl=https%3A%2F%2Fonlinejoining.highlifehighland.com%2Fuhi&dt=Join%20High%20Life%20Highland&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-500B9HFF17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 15:18:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onlinejoining.highlifehighland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-27239131-5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 13:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6848
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 24 Nov 2022 15:24:49 GMT
csp-report
q.stripe.com/ Frame 79BF 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 24 Nov 2022 15:18:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 79BF 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 24 Nov 2022 15:18:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 79BF 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.30.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-30-81.bom78.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 24 Nov 2022 15:08:54 GMT
x-content-type-options
nosniff
via
1.1 1c78559300107093ca4007ca361b8f00.cloudfront.net (CloudFront)
x-amz-cf-pop
BOM78-P1
age
1801
x-cache
Hit from cloudfront
content-length
631
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
q9PxsBJ-66VQ0JEWzL6IvpmIPr5I6EoRqQAKdHs3vTllpxu5au9Pug==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1434644743&t=pageview&_s=1&dl=https%3A%2F%2Fonlinejoining.highlifehighland.com%2Fuhi&ul=en-us&de=UTF-8&dt=Join%20High%20Life%20Highland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1096033650&gjid=926014402&cid=449132655.1669303138&tid=UA-27239131-5&_gid=328128280.1669303138&_r=1&gtm=2oub90&z=56230664
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onlinejoining.highlifehighland.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 15:18:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onlinejoining.highlifehighland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-27239131-5&cid=449132655.1669303138&jid=1096033650&gjid=926014402&_gid=328128280.1669303138&_u=YADAAUAAAAAAACAAI~&z=394449604
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onlinejoining.highlifehighland.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 24 Nov 2022 15:18:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onlinejoining.highlifehighland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
inner.html
m.stripe.network/ Frame D3A1 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
295
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 15:14:05 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-id
vC6RatfJWu-T3ndK5HKrAmIUMnmGxZ0IHsLTSvBLkZm8in_nM34y7w==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-27239131-5&cid=449132655.1669303138&jid=1096033650&_u=YADAAUAAAAAAACAAI~&z=888492840
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 15:18:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-27239131-5&cid=449132655.1669303138&jid=1096033650&_u=YADAAUAAAAAAACAAI~&z=888492840
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlinejoining.highlifehighland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 15:18:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame D3A1 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: onlinejoining.highlifehighland.com
URL: https://onlinejoining.highlifehighland.com/uhi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 15:18:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame D3A1 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 15:17:42 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
80
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
Og60_bAdtfM82d5I-1jlwgvqwXsS4F02Y84yU8FCmGUmhmrxAP2-3Q==
6
m.stripe.com/ Frame D3A1 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.194.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-194-100.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5c4c072cf314c18c0533ed8df4e26efe7dc3d127eb71955ec9033d48f5458d26
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Nov 2022 15:18:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkStripeJSouter function| Stripe function| gtag object| dataLayer function| checkout object| Livewire object| livewire string| livewire_app_url string| livewire_token function| deferLoadingAlpine object| google_tag_manager object| google_tag_data object| Alpine function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

10 Cookies

Domain/Path Name / Value
.hlh.scot/ Name: _bit
Value: maofiT-dbea76e89cb2db3d7f-00x
onlinejoining.highlifehighland.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdtSUxza01FV3E4QkloYTh1Z1Z4eGc9PSIsInZhbHVlIjoiUmhjU3VBMVZrdUJCYnhkaXVPTzdyQThaZDgrZ1NFZGxBeVczUldRZW9TYXc1ZURISjF6THc2M1h4VS9ScTFOTzI2SW4wK1pmV21ZK2Faak1oVUNlMG13OFBuTDZSQ1I1Tkd6N0tVOUZFYW1PaXhJYkx1ZVZwWnRkOElQa1dUNnoiLCJtYWMiOiI2MzM4OGU2NjVmYTc5OTkzYjNkM2FlMmNhOWYyZWZlY2YwMmFlMjMxZmVkOGRhNDZiZmZmOThiNDVkMTRkZjFkIiwidGFnIjoiIn0%3D
onlinejoining.highlifehighland.com/ Name: join_high_life_highland_session
Value: eyJpdiI6InE1ZC95dTdMVGdsOE5nK0h6WFZla1E9PSIsInZhbHVlIjoiQm9NYWRkOThmNXJhT0c3L2d5R282a0lleFJyWlNhT3kzZFVSdjVidEZUNmpIbkVMcXpsWTR4eFd0Tm5nSkF0Vis0cXpFQXhQYmpFUXQrSXRFcytRYlpUUmU1c2xlSXViZktQSzVQTE03b2FlS0pmZktvQUd1QllDWEVsMWh2dXciLCJtYWMiOiI5ZWE3NTU3MDljY2Y3YWQ3OTRmNzM5YzIzNThkYjA0OTYyMDI1ZWJlMjA1ZGU2ZWUwMTYxYmY2YWNjZjRmNmM3IiwidGFnIjoiIn0%3D
.highlifehighland.com/ Name: _ga_500B9HFF17
Value: GS1.1.1669303137.1.0.1669303137.0.0.0
.highlifehighland.com/ Name: _ga
Value: GA1.2.449132655.1669303138
.highlifehighland.com/ Name: _gid
Value: GA1.2.328128280.1669303138
.highlifehighland.com/ Name: _gat_gtag_UA_27239131_5
Value: 1
m.stripe.com/ Name: m
Value: 3be227c9-d650-44c2-ae88-039df21628e9a86ae7
.onlinejoining.highlifehighland.com/ Name: __stripe_mid
Value: 07ff5c86-e12c-4aa7-a31d-67078e33511c21658a
.onlinejoining.highlifehighland.com/ Name: __stripe_sid
Value: 5e75cdd3-8b85-4a27-96fb-ea27b8666c35cedaad

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
hlh.scot
js.stripe.com
m.stripe.com
m.stripe.network
onlinejoining.highlifehighland.com
q.stripe.com
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
18.66.30.81
2001:4860:4802:32::36
2600:9000:2057:3400:19:7d10:bd80:93a1
2606:4700::6810:5614
2a00:1450:4001:80e::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c1b::9d
51.141.224.129
52.34.194.100
54.187.159.182
67.199.248.13
039f5bd96230e6c8ba180f372b5604a5b58d8eef31d9cf0c2272b0438e941962
0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
3066067e677630e359df281fce9bfdab03e5b5ed52cc2a503b4cdb90f5e5c8dc
3c8de707408da9bc0d49a3960ddb9dab41b7577322867211c72614484eb8a991
5c4c072cf314c18c0533ed8df4e26efe7dc3d127eb71955ec9033d48f5458d26
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
690dcf64d8337bec84ab74aa3fa5ecd2d54c3a9c1ead8d538d4f28fbc9b681b1
79cfe7f40d45cfedac6c4c3a40b3ad7c3fd70b68afe892812508c968e479a841
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e76e76b474e0092d66afbff9ab69c4320bffc72cc884f134dd3968afce49c2
9c81c3ff0e6e917145e9b9fe30af370d8ca36b9713d44e8af0542971818e86d5
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa5f4a01408396163f27e5d2f85584d84b5d877ac0a23784a121e89b5e7ffcdc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
d0297f0fc88a0b79dcdf615f3610ffd2d12da48aea9e44cb769f1227c12c24db
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3a6265afe0d3a2a87c80272a47909d25621317517e13204a100a3db83963a06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11b72978f3f04621c2e130d92527099190788f5e08f4a5ef05c72a95fcfa707
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083