urlscan.io logo urlscan.io
SecurityTrails logo

www.highlandersfb.com Open in urlscan Pro
172.104.21.63  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://highlanders-test.footballshift.com/
Effective URL: https://www.highlandersfb.com/
Submission: On June 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 43 HTTP transactions. The main IP is 172.104.21.63, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.highlandersfb.com.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time www.highlandersfb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 173.230.149.130 63949 (AKAMAI-LI...)
2 172.104.21.63 63949 (AKAMAI-LI...)
3 2a00:1450:400... 15169 (GOOGLE)
22 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
6 45.79.17.106 63949 (AKAMAI-LI...)
1 2a00:1450:400... 15169 (GOOGLE)
43 11
1    173.230.149.130 (Fremont, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: rt1.digitalshift.ca
highlanders-test.footballshift.com
2    172.104.21.63 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: rt0.digitalshift.ca
www.highlandersfb.com
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
22    2606:4700:4400::ac40:911d (United States)

ASN13335 (CLOUDFLARENET, US)
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    45.79.17.106 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: lb1.digitalshift.ca
web.api.digitalshift.ca
static.digitalshift.ca
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
22 digitaloceanspaces.com
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 288276
925 KB
6 digitalshift.ca
web.api.digitalshift.ca — Cisco Umbrella Rank: 355962
static.digitalshift.ca — Cisco Umbrella Rank: 437991
4 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
417 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
90 KB
2 highlandersfb.com
www.highlandersfb.com
47 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
1 google.com
www.google.com — Cisco Umbrella Rank: 2
967 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
1 footballshift.com
highlanders-test.footballshift.com
107 B
43 10
Domain Requested by
22 digitalshift-assets.sfo2.cdn.digitaloceanspaces.com www.highlandersfb.com
5 web.api.digitalshift.ca digitalshift-assets.sfo2.cdn.digitaloceanspaces.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.highlandersfb.com
2 connect.facebook.net www.highlandersfb.com
connect.facebook.net
2 www.highlandersfb.com www.highlandersfb.com
1 static.digitalshift.ca www.highlandersfb.com
1 www.gstatic.com www.google.com
1 www.facebook.com connect.facebook.net
1 www.google.com www.highlandersfb.com
1 www.youtube.com www.highlandersfb.com
1 highlanders-test.footballshift.com 1 redirects
43 12
Subject Issuer Validity Valid
www.highlandersfb.com
R3		 2024-05-31 -
2024-08-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.sfo2.cdn.digitaloceanspaces.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-20 -
2025-05-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
web.api.digitalshift.ca
R3		 2024-05-30 -
2024-08-28		 3 months crt.sh
static.digitalshift.ca
R3		 2024-04-17 -
2024-07-16		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.highlandersfb.com/
Frame ID: 1C91ED457BD154B708883F27CB9BC772
Requests: 42 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fkuwXSz4EqY
Frame ID: E47A01B229CBCE2C7EB4ED0A6EBA0736
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v20.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdbe1a676c7ed10ce%26domain%3Dwww.highlandersfb.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.highlandersfb.com%252Ffa67f58cd9a6f9ae3%26relation%3Dparent.parent&container_width=809&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FDunedinHighlandersFB%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false
Frame ID: 558CC66CF2F24E1B2DDB119EA0E8D673
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Dunedin Highlanders Football

Page URL History Show full URLs

  1. https://highlanders-test.footballshift.com/ HTTP 302
    http://www.highlandersfb.com/ HTTP 307
    https://www.highlandersfb.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

43
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1486 kB
Transfer

2968 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://highlanders-test.footballshift.com/ HTTP 302
    http://www.highlandersfb.com/ HTTP 307
    https://www.highlandersfb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.highlandersfb.com/
Redirect Chain
  • https://highlanders-test.footballshift.com/
  • http://www.highlandersfb.com/
  • https://www.highlandersfb.com/
23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.highlandersfb.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.104.21.63 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rt0.digitalshift.ca
Software
nginx /
Resource Hash
eedda031fdd88411ee0bc738df09f5e4ce611cfe2576a61698c2ffd7dfb046c7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Jun 2024 00:49:54 GMT
server
nginx
transfer-encoding
chunked

Redirect headers

Location
https://www.highlandersfb.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Jun 2024 00:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 31 May 2024 22:50:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Jun 2024 00:49:54 GMT
css
fonts.googleapis.com/ 		9 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,500,700
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0efc4965c1c33cf9bf539db060ef615ed544121d59b01dc0e96c38802a630328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Jun 2024 00:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 01 Jun 2024 00:49:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Jun 2024 00:49:54 GMT
icon
fonts.googleapis.com/ 		569 B
416 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Jun 2024 00:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 01 Jun 2024 00:49:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Jun 2024 00:49:54 GMT
site.css
www.highlandersfb.com/ 		359 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.highlandersfb.com/site.css?v=9bbf0359a379388199a9f81492f651f5
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.104.21.63 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rt0.digitalshift.ca
Software
nginx /
Resource Hash
a95ca0bdada7336b57f0f5cfb55f22b9ea216dcc0ed5753552ba1abbd7d6449c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:54 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2024 22:41:23 GMT
server
nginx
etag
"66590093-9570"
content-length
38256
content-type
text/css
logo-1717045070816208451.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/logo-1717045070816208451.png
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ee4722d644310e2392c9e9a0770358168c2671074b1773f2a55f1e7c18c4a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000d8db6d82f87b1fcb-0066580750-b9ef01a-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
87332
last-modified
Thu, 30 May 2024 04:57:51 GMT
server
cloudflare
etag
"0aad29272a34df5eab40d25e3562f35d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34de1f848fc5-FRA
promo-logo-1717031000372136389.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/promo-logo-1717031000372136389.png
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2911735d7444a84090ee37907c26b46e899a9388e3d096539c1ce714c63e43e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000000cda3edbe5410e6d-006657d05a-b9ef042-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
1789
last-modified
Thu, 30 May 2024 01:03:20 GMT
server
cloudflare
etag
"f04f7ce37c4ba3ef2046014219e00249"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34de1f808fc5-FRA
responsive-logo-1717044878819451222.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/responsive-logo-1717044878819451222.png
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e5bf6dba2568b06b9bda8797c3d91c8e39062f739d4afb20910d352508f9e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000b597084546e6bc0b-006659d250-b9ef042-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
4465
last-modified
Thu, 30 May 2024 04:54:38 GMT
server
cloudflare
etag
"7101a012a3011cdf448f33af32ace11c"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34de1f858fc5-FRA
truncated
/ 		72 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6da8904219913d5172ec3d6261780f17cf973fa743cc580bda7439c9c1b49b53

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e98cc0ac0b3ae61fa155350fa641581cbee7629100db41d301d6c13b9ffddba

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c53ed0fc0f952907ce1b259ff8a53dd8a49469df8efa77c545bba05f19bac8a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Origin
https://www.highlandersfb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Jun 2024 00:49:54 GMT
content-md5
4DWkBMF13G81dlYHKmazqw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
G7S6IMxZMW6Jk6B6wmqXneQxdZJ30ZHPPr5pc5YvKlYz2C5l+cTSB4ZVWb9/qmdugZmLBHdJCdLwM4NMwBV0hQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
54203b76fcf358f228c565baad1b9937
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"53b409616aaef6f3e6746df842999d65"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 01 Jun 2024 01:09:13 GMT
fkuwXSz4EqY
www.youtube.com/embed/ Frame E47A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/fkuwXSz4EqY
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.highlandersfb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Jun 2024 00:49:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
1717031129-promo.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-e4bfb80f-d2c4-41c3-ae78-1326e6b678f2/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-e4bfb80f-d2c4-41c3-ae78-1326e6b678f2/1717031129-promo.png
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1b0c6fe310eb983fc14debf5f36ccecbda363cb1831c89eb0083a1d42a18a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000001de33c226b7569c7-006659d250-b9ece81-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
14922
last-modified
Thu, 30 May 2024 01:05:29 GMT
server
cloudflare
etag
"069e927e6a9b9ab1819deb6f74ee0f9e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34de1f828fc5-FRA
0v.aea99436.js
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/ 		688 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/0v.aea99436.js
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ed96728db3f2f37c142bb3ff582b4a80d9138945c3b1b231270f74b6af044b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000036810f96cc4981da-0065ef2f35-54a6898b-sfo2a
age
6858951
x-envoy-upstream-healthchecked-cluster
content-length
218921
last-modified
Mon, 10 Jul 2023 17:00:26 GMT
server
cloudflare
etag
"93f24e9beca2cd9c56725ed407da4f4a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
cf-ray
88cb34de1f818fc5-FRA
truncated
/ 		168 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e30d942c06b59b316b9a33931301524a27097521c007c801e634b28ed73b5a8f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
1717030429-1223.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-a1bf749c-f0b3-4048-8e3d-0e4c2c9cef51/ 		294 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-a1bf749c-f0b3-4048-8e3d-0e4c2c9cef51/1717030429-1223.png
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f477c0a7260f56cba28c79bf8e76adc69a57a05d9b02454d14369646fcb8d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000004712a20d1450ce41-006657ce29-b9ef042-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
300549
last-modified
Thu, 30 May 2024 00:53:50 GMT
server
cloudflare
etag
"e388186be5a0167877cf6c1821a210bb"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34de1f838fc5-FRA
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.highlandersfb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 20:53:37 GMT
x-content-type-options
nosniff
age
14177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 May 2025 20:53:37 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.highlandersfb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:41:01 GMT
x-content-type-options
nosniff
age
295733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:41:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.highlandersfb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:45:01 GMT
x-content-type-options
nosniff
age
21893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 May 2025 18:45:01 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.highlandersfb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:37:41 GMT
x-content-type-options
nosniff
age
295933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:37:41 GMT
sdk.js
connect.facebook.net/en_US/ 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=430f3cf7f1113b756d76fd0e9540c8b0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35b35d9cbc58836f21d6285a0452de87b58cf2937da2bfcb10e183623c12d0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Origin
https://www.highlandersfb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Jun 2024 00:49:54 GMT
content-md5
3782iiI43WG5u3IxLte2TQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87598
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=20, mss=1326, tbw=6634, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
qL0CFPkdZz6Syx0VBxXxF8WCH5ERSa79xBcUhSej1s+9Ro87Phe6WgN3up/kVmyjGRlNM2ISQ3aK1JBNsxsQnQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
1857c5ffae99a362ab5c6c803371b874
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b4b1cf0ac0462d1a715d4cab694a81b6"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 31 May 2025 23:12:57 GMT
1a.4242826f.js
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1a.4242826f.js
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3a989cc11899092489da1a695bafb0d3158558cd2ed5aca6505cdf6f1b0453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000263d31e4de390411-0065b3e9a4-53b0b77b-sfo2a
age
6368672
x-envoy-upstream-healthchecked-cluster
content-length
16162
last-modified
Mon, 10 Jul 2023 17:00:26 GMT
server
cloudflare
etag
"d4566d33185d300e136aa4f66363a87e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
cf-ray
88cb34deefc38fc5-FRA
2t.ba069054.js
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/2t.ba069054.js
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b3348abca3f583a5427f71a53c6d4dfdf9aa8bc215709c9a321682f2ef8a2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000f79903d3df346763-0065ef2f40-54a68812-sfo2a
age
6858951
x-envoy-upstream-healthchecked-cluster
content-length
2977
last-modified
Tue, 23 Aug 2022 18:38:12 GMT
server
cloudflare
etag
"96e5b59d200d10a41841825cac6bcf7f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
cf-ray
88cb34df2fd68fc5-FRA
api.js
www.google.com/recaptcha/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=reCaptchaRender&render=explicit
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ff00f8ea7ac731f1d6bf1dd7a2e792112f2d6241aa062006e9dd692ef36e98b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 01 Jun 2024 00:49:55 GMT
page.php
www.facebook.com/v20.0/plugins/ Frame 558C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v20.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdbe1a676c7ed10ce%26domain%3Dwww.highlandersfb.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.highlandersfb.com%252Ffa67f58cd9a6f9ae3%26relation%3Dparent.parent&container_width=809&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FDunedinHighlandersFB%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=430f3cf7f1113b756d76fd0e9540c8b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.highlandersfb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Jun 2024 00:49:55 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v20.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1326, tbw=2772, tp=-1, tpl=-1, uplat=743, ullat=0
x-fb-debug
IgWZ4GKhU3ygCt8veDXim5XgprRlG71TYWtbXjmX2j6NMnNA1zAW/llBWto3wZ0/cjLP7rOVfsyD0kOVbhSn6A==
x-xss-protection
0
events
web.api.digitalshift.ca/widget/18841195-b6aa-4a26-9eef-ee2c381da486/ 		92 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.api.digitalshift.ca/widget/18841195-b6aa-4a26-9eef-ee2c381da486/events
Requested by
Host: digitalshift-assets.sfo2.cdn.digitaloceanspaces.com
URL: https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/0v.aea99436.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.17.106 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb1.digitalshift.ca
Software
/
Resource Hash
64401a6b9afc481ce37202d5be6528b5fc5843e9f950bd02d53de3fad603a7bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ds-request-id
e5647c4c0aca9c3aa7262cc019b2b7a1
x-content-type-options
nosniff
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
access-control-allow-headers
accept, origin, x-requested-with, authorization, content-type
background-1717045088152966677.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/background-1717045088152966677.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90dc96ddd36e210299baa78d28200d5594f786ded5152363aa42a9a80eb54d77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000009b187edd5e026f28-006659a98e-b9ef042-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
133435
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 04:58:08 GMT
server
cloudflare
etag
"934d0f3d8c3dc5101c8bf1436d1bc936"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e048288fc5-FRA
1717109424-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-1a06d275-72a6-4a72-86d2-415645064e79/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-1a06d275-72a6-4a72-86d2-415645064e79/1717109424-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9413be03b29bf344fd4619d6362898c6689697c171639b3dd0bbe0295e2e135e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000a5c3ea60ab93d89d-00665902f5-b9ece81-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
4400
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 22:50:24 GMT
server
cloudflare
etag
"a8bed76d64cdbb5d871069362002b293"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058328fc5-FRA
1717104434-grid.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-0b9a31a9-ec66-4f96-af1f-4950c99cb0a9/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-0b9a31a9-ec66-4f96-af1f-4950c99cb0a9/1717104434-grid.png
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6ed66c3f35a666b5580967b006d9986e4b44bb5e243fa9aedbc663c43d23c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000008dc22c6ad6ddf4e1-006658fc67-b9ece04-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
29758
last-modified
Thu, 30 May 2024 21:27:14 GMT
server
cloudflare
etag
"13e467d6137d32e8ef126bcefef3c423"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34e058338fc5-FRA
1717095293-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-84a0b4f6-9280-4db3-93f5-4a69e7db5fb9/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-84a0b4f6-9280-4db3-93f5-4a69e7db5fb9/1717095293-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85660bd613f112eb6d2a6e8416a0fbd127bc49315d9cd4de43c1855e44f51a43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000026a764cd54f8b533-006658cb91-b9ece04-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
8328
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:54:54 GMT
server
cloudflare
etag
"903f3f00e2947a8df7dbc37e428c94ac"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058358fc5-FRA
1717094285-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-8f22bb0d-a246-475d-abef-12ba3b7db2ff/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-8f22bb0d-a246-475d-abef-12ba3b7db2ff/1717094285-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a83884304d89174ab19c3c2b024bfe1809f6fca1635224db8c139099234c27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000001c59fe26bf11cb01-006658c7a8-b9f2f0a-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
11722
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:38:05 GMT
server
cloudflare
etag
"d129e295f27e50e6e21db8483f89d072"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058368fc5-FRA
1717095168-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-7aa90a89-fc45-4d57-96d2-5ec264882963/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-7aa90a89-fc45-4d57-96d2-5ec264882963/1717095168-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc446e8a0c72bfaf177b95df3c6d6a566f8b00fea5850fdfc7004353fc3e43bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000ff63512c25431476-006658cb0d-b9f2f0a-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
3784
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:52:48 GMT
server
cloudflare
etag
"037e73557e4aea15766977384b26d871"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058378fc5-FRA
1717094265-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-30a41829-0081-4e10-a2f1-9942b7fa0b2c/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-30a41829-0081-4e10-a2f1-9942b7fa0b2c/1717094265-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8702f3f7375939ed442d414ff8902647854c427c2b3f3ab354b5aed2d86004a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000047df71259d7e35a8-006658c7a8-b9ef01a-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
30705
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:37:45 GMT
server
cloudflare
etag
"6b3f315440fd72b76f1a83fabed1cfbf"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058398fc5-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 		528 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=reCaptchaRender&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
772ba4e7c02a03b95bd8fef71e44798097c7c37dc97d513843dceee897354738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Origin
https://www.highlandersfb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214205
x-xss-protection
0
last-modified
Mon, 27 May 2024 02:00:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 May 2025 18:51:00 GMT
emblem.da20120dcf4.svg
static.digitalshift.ca/services/footballshift/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.digitalshift.ca/services/footballshift/emblem.da20120dcf4.svg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/site.css?v=9bbf0359a379388199a9f81492f651f5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.17.106 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb1.digitalshift.ca
Software
nginx /
Resource Hash
da20120dcf4f5ed5f72f466be314b9a64fa4342814e7e1ef685462abb822faeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
last-modified
Thu, 24 Aug 2023 21:11:29 GMT
server
nginx
accept-ranges
bytes
etag
"64e7c781-960"
content-length
2400
content-type
image/svg+xml
login
web.api.digitalshift.ca/ 		122 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.api.digitalshift.ca/login
Requested by
Host: digitalshift-assets.sfo2.cdn.digitaloceanspaces.com
URL: https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/0v.aea99436.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.17.106 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb1.digitalshift.ca
Software
/
Resource Hash
b36d63ff490b073cb7e65cf6022460775db1d11dc45674854012bf84cf9e1418
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://www.highlandersfb.com/
sec-ch-ua-platform
"Win32"

Response headers

x-ds-request-id
3b1da671edc59843bc5c248f5ebc0452
x-content-type-options
nosniff
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
access-control-allow-headers
accept, origin, x-requested-with, authorization, content-type
login
web.api.digitalshift.ca/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://web.api.digitalshift.ca/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.17.106 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb1.digitalshift.ca
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.highlandersfb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
accept, origin, x-requested-with, authorization, content-type
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
application/json;charset=utf-8
x-content-type-options
nosniff
x-ds-request-id
ed763bb104ed18d3f79e38cd70b05d1b
1717109424-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-1a06d275-72a6-4a72-86d2-415645064e79/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-1a06d275-72a6-4a72-86d2-415645064e79/1717109424-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9413be03b29bf344fd4619d6362898c6689697c171639b3dd0bbe0295e2e135e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
cf-cache-status
HIT
x-amz-request-id
tx00000a5c3ea60ab93d89d-00665902f5-b9ece81-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
4400
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 22:50:24 GMT
server
cloudflare
etag
"a8bed76d64cdbb5d871069362002b293"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058328fc5-FRA
1717104434-grid.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-0b9a31a9-ec66-4f96-af1f-4950c99cb0a9/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-0b9a31a9-ec66-4f96-af1f-4950c99cb0a9/1717104434-grid.png
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6ed66c3f35a666b5580967b006d9986e4b44bb5e243fa9aedbc663c43d23c7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
cf-cache-status
HIT
last-modified
Thu, 30 May 2024 21:27:14 GMT
server
cloudflare
x-amz-request-id
tx000008dc22c6ad6ddf4e1-006658fc67-b9ece04-sfo2b
etag
"13e467d6137d32e8ef126bcefef3c423"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34e058338fc5-FRA
content-length
29758
1717095293-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-84a0b4f6-9280-4db3-93f5-4a69e7db5fb9/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-84a0b4f6-9280-4db3-93f5-4a69e7db5fb9/1717095293-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85660bd613f112eb6d2a6e8416a0fbd127bc49315d9cd4de43c1855e44f51a43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
cf-cache-status
HIT
x-amz-request-id
tx0000026a764cd54f8b533-006658cb91-b9ece04-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
8328
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:54:54 GMT
server
cloudflare
etag
"903f3f00e2947a8df7dbc37e428c94ac"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058358fc5-FRA
1717094285-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-8f22bb0d-a246-475d-abef-12ba3b7db2ff/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-8f22bb0d-a246-475d-abef-12ba3b7db2ff/1717094285-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a83884304d89174ab19c3c2b024bfe1809f6fca1635224db8c139099234c27

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
cf-cache-status
HIT
x-amz-request-id
tx000001c59fe26bf11cb01-006658c7a8-b9f2f0a-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
11722
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:38:05 GMT
server
cloudflare
etag
"d129e295f27e50e6e21db8483f89d072"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058368fc5-FRA
1717095168-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-7aa90a89-fc45-4d57-96d2-5ec264882963/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-7aa90a89-fc45-4d57-96d2-5ec264882963/1717095168-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc446e8a0c72bfaf177b95df3c6d6a566f8b00fea5850fdfc7004353fc3e43bc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
cf-cache-status
HIT
x-amz-request-id
tx00000ff63512c25431476-006658cb0d-b9f2f0a-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
3784
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:52:48 GMT
server
cloudflare
etag
"037e73557e4aea15766977384b26d871"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058378fc5-FRA
1717094265-grid.jpg
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-30a41829-0081-4e10-a2f1-9942b7fa0b2c/ 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/p-30a41829-0081-4e10-a2f1-9942b7fa0b2c/1717094265-grid.jpg
Requested by
Host: www.highlandersfb.com
URL: https://www.highlandersfb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8702f3f7375939ed442d414ff8902647854c427c2b3f3ab354b5aed2d86004a2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:55 GMT
cf-cache-status
HIT
x-amz-request-id
tx0000047df71259d7e35a8-006658c7a8-b9ef01a-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
30705
cf-bgj
h2pri
last-modified
Thu, 30 May 2024 18:37:45 GMT
server
cloudflare
etag
"6b3f315440fd72b76f1a83fabed1cfbf"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpg
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
88cb34e058398fc5-FRA
favicon-1717016579206483031.png
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/ 		68 KB
69 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/1036d887-61b6-4148-9327-155393fec852/favicon-1717016579206483031.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b41f793bf01c6de9da0e88c2c970e7b5f30d21f35e84fa8791f7086527b764
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.highlandersfb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:49:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000006d2aabc3e43caae0-0066579805-b9ece04-sfo2b
x-envoy-upstream-healthchecked-cluster
content-length
69893
last-modified
Wed, 29 May 2024 21:02:59 GMT
server
cloudflare
etag
"ef234c8dd6d92c73daf146b612220c03"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
fdd94bab-8588-4d3c-b0ae-1c9373789d64
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
88cb34e78a6c8fc5-FRA
events
web.api.digitalshift.ca/widget/18841195-b6aa-4a26-9eef-ee2c381da486/ 		25 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.api.digitalshift.ca/widget/18841195-b6aa-4a26-9eef-ee2c381da486/events
Requested by
Host: digitalshift-assets.sfo2.cdn.digitaloceanspaces.com
URL: https://digitalshift-assets.sfo2.cdn.digitaloceanspaces.com/pw/0v.aea99436.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.17.106 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb1.digitalshift.ca
Software
/
Resource Hash
6c7060f2f3bd01fcfa4f3d81995c669a0c3c414ea77455e3ccb92660b67aaee5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
ticket="wGAELRWojZBYwnPwsb2RMExUV5fjhPyW_6r3t1g7gyC0o5XVwsJzEStk8KAoy1MKZfAFUB_8A6dkYWq9kjzUSqjy"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.highlandersfb.com/
sec-ch-ua-platform
"Win32"

Response headers

x-ds-request-id
a05129a785ba8bb7747c3e6fcff38632
x-content-type-options
nosniff
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
access-control-allow-headers
accept, origin, x-requested-with, authorization, content-type
events
web.api.digitalshift.ca/widget/18841195-b6aa-4a26-9eef-ee2c381da486/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://web.api.digitalshift.ca/widget/18841195-b6aa-4a26-9eef-ee2c381da486/events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.17.106 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb1.digitalshift.ca
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.highlandersfb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
accept, origin, x-requested-with, authorization, content-type
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
application/json;charset=utf-8
x-content-type-options
nosniff
x-ds-request-id
f9b013e0a79c86e178b9ec58b63aee45

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| config function| fbAsyncInit object| FB object| __buffer function| $ function| jQuery function| moment object| angular object| flexibility function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| SignaturePad function| RegistrationFormListCtrl function| table2csv object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: J0d2oCg_Htw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: XSL7kwDd7eA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgOw%3D%3D

1 Console Messages

Source Level URL
Text
network error URL: https://web.api.digitalshift.ca/widget/18841195-b6aa-4a26-9eef-ee2c381da486/events
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
digitalshift-assets.sfo2.cdn.digitaloceanspaces.com
fonts.googleapis.com
fonts.gstatic.com
highlanders-test.footballshift.com
static.digitalshift.ca
web.api.digitalshift.ca
www.facebook.com
www.google.com
www.gstatic.com
www.highlandersfb.com
www.youtube.com
172.104.21.63
173.230.149.130
2606:4700:4400::ac40:911d
2a00:1450:4001:800::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:830::2003
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
45.79.17.106
0efc4965c1c33cf9bf539db060ef615ed544121d59b01dc0e96c38802a630328
2911735d7444a84090ee37907c26b46e899a9388e3d096539c1ce714c63e43e9
35b35d9cbc58836f21d6285a0452de87b58cf2937da2bfcb10e183623c12d0e3
35e5bf6dba2568b06b9bda8797c3d91c8e39062f739d4afb20910d352508f9e0
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3e98cc0ac0b3ae61fa155350fa641581cbee7629100db41d301d6c13b9ffddba
3ff00f8ea7ac731f1d6bf1dd7a2e792112f2d6241aa062006e9dd692ef36e98b
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
57a83884304d89174ab19c3c2b024bfe1809f6fca1635224db8c139099234c27
5f6ed66c3f35a666b5580967b006d9986e4b44bb5e243fa9aedbc663c43d23c7
64401a6b9afc481ce37202d5be6528b5fc5843e9f950bd02d53de3fad603a7bb
6c7060f2f3bd01fcfa4f3d81995c669a0c3c414ea77455e3ccb92660b67aaee5
6da8904219913d5172ec3d6261780f17cf973fa743cc580bda7439c9c1b49b53
772ba4e7c02a03b95bd8fef71e44798097c7c37dc97d513843dceee897354738
7c3a989cc11899092489da1a695bafb0d3158558cd2ed5aca6505cdf6f1b0453
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
85660bd613f112eb6d2a6e8416a0fbd127bc49315d9cd4de43c1855e44f51a43
8702f3f7375939ed442d414ff8902647854c427c2b3f3ab354b5aed2d86004a2
90dc96ddd36e210299baa78d28200d5594f786ded5152363aa42a9a80eb54d77
9413be03b29bf344fd4619d6362898c6689697c171639b3dd0bbe0295e2e135e
a6f477c0a7260f56cba28c79bf8e76adc69a57a05d9b02454d14369646fcb8d0
a95ca0bdada7336b57f0f5cfb55f22b9ea216dcc0ed5753552ba1abbd7d6449c
b36d63ff490b073cb7e65cf6022460775db1d11dc45674854012bf84cf9e1418
b3ed96728db3f2f37c142bb3ff582b4a80d9138945c3b1b231270f74b6af044b
bc446e8a0c72bfaf177b95df3c6d6a566f8b00fea5850fdfc7004353fc3e43bc
c1b41f793bf01c6de9da0e88c2c970e7b5f30d21f35e84fa8791f7086527b764
c53ed0fc0f952907ce1b259ff8a53dd8a49469df8efa77c545bba05f19bac8a7
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d5ee4722d644310e2392c9e9a0770358168c2671074b1773f2a55f1e7c18c4a2
da20120dcf4f5ed5f72f466be314b9a64fa4342814e7e1ef685462abb822faeb
dc1b0c6fe310eb983fc14debf5f36ccecbda363cb1831c89eb0083a1d42a18a9
e30d942c06b59b316b9a33931301524a27097521c007c801e634b28ed73b5a8f
e3b3348abca3f583a5427f71a53c6d4dfdf9aa8bc215709c9a321682f2ef8a2b
eedda031fdd88411ee0bc738df09f5e4ce611cfe2576a61698c2ffd7dfb046c7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615