Submitted URL: https://hbweb.info/redstonefcu.h0me/
Effective URL: https://hbweb.info/redstonefcu.h0me/tom/
Submission Tags: @ecarlesi threat phishing redstonefcu
Submission: On December 20 via api from IT — Scanned from IT

Summary

This website contacted 29 IPs in 4 countries across 20 domains to perform 59 HTTP transactions. The main IP is 172.67.143.99, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is hbweb.info.
TLS certificate: Issued by E1 on December 19th 2023. Valid for: 3 months.
This is the only time hbweb.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 172.67.143.99 13335 (CLOUDFLAR...)
1 216.58.206.42 15169 (GOOGLE)
15 2606:4700:303... 13335 (CLOUDFLAR...)
3 184.30.16.231 16625 (AKAMAI-AS)
1 151.101.65.26 54113 (FASTLY)
1 142.250.186.67 15169 (GOOGLE)
2 172.217.18.8 15169 (GOOGLE)
2 142.250.184.238 15169 (GOOGLE)
3 54.77.143.29 16509 (AMAZON-02)
4 142.250.186.68 15169 (GOOGLE)
1 1 34.255.242.39 16509 (AMAZON-02)
1 66.235.152.107 16509 (AMAZON-02)
1 104.19.147.8 13335 (CLOUDFLAR...)
1 142.250.186.66 15169 (GOOGLE)
1 4 13.107.21.200 8068 (MICROSOFT...)
2 88.221.60.75 16625 (AKAMAI-AS)
1 41.63.96.2 22822 (LLNW)
4 18.157.140.43 16509 (AMAZON-02)
1 157.240.251.35 32934 (FACEBOOK)
1 216.239.34.181 15169 (GOOGLE)
1 173.194.76.154 15169 (GOOGLE)
1 63.140.62.22 15224 (OMNITURE)
1 192.28.144.124 15224 (OMNITURE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.46 15169 (GOOGLE)
2 98.98.134.242 21859 (ZEN-ECN)
2 13.107.246.45 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 4.227.249.197 8075 (MICROSOFT...)
59 29
Apex Domain
Subdomains
Transfer
17 hbweb.info
hbweb.info
154 KB
9 google.com
cse.google.com — Cisco Umbrella Rank: 3119
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 152
clients1.google.com — Cisco Umbrella Rank: 411
174 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
c.clarity.ms — Cisco Umbrella Rank: 1377
u.clarity.ms — Cisco Umbrella Rank: 7359
23 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2618
9 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
c.bing.com — Cisco Umbrella Rank: 228
16 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
redfcu.demdex.net
5 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 431
100 KB
2 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3501
267 B
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3659
8 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
2 KB
2 omtrdc.net
redfcu.tt.omtrdc.net
rfcu.sc.omtrdc.net
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
179 KB
1 mktoresp.com
588-pzs-844.mktoresp.com
318 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 basis.net
cdn01.basis.net — Cisco Umbrella Rank: 6042
2 KB
1 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2199
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1110
517 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2659
611 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
59 20
Domain Requested by
17 hbweb.info 1 redirects hbweb.info
5 www.google.com cse.google.com
hbweb.info
4 tags.srv.stackadapt.com hbweb.info
tags.srv.stackadapt.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
hbweb.info
3 assets.adobedtm.com hbweb.info
assets.adobedtm.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 pixel.sitescout.com hbweb.info
2 munchkin.marketo.net hbweb.info
munchkin.marketo.net
2 dpm.demdex.net assets.adobedtm.com
hbweb.info
2 cse.google.com hbweb.info
www.google.com
2 www.googletagmanager.com hbweb.info
www.googletagmanager.com
1 u.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 clients1.google.com hbweb.info
1 588-pzs-844.mktoresp.com munchkin.marketo.net
1 rfcu.sc.omtrdc.net hbweb.info
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.facebook.com hbweb.info
1 cdn01.basis.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 script.crazyegg.com www.googletagmanager.com
1 redfcu.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 redfcu.demdex.net assets.adobedtm.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.polyfill.io hbweb.info
1 fonts.googleapis.com hbweb.info
59 29
Subject | Issuer | Validity | Valid
hbweb.info | E1 | 2023-12-19 - 2024-03-18 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
assets.adobedtm.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-11 - 2024-08-10 | a year
polyfill.io | Certainly Intermediate R1 | 2023-12-02 - 2024-01-01 | a month
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.tt.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-22 - 2024-09-21 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-09 - 2024-03-08 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.bing.com | Microsoft Azure TLS Issuing CA 01 | 2023-10-24 - 2024-04-21 | 6 months
*.marketo.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-06 - 2024-02-05 | a year
cdn01.basis.net | GeoTrust TLS RSA CA G1 | 2023-05-30 - 2024-06-15 | a year
*.srv.stackadapt.com | Amazon RSA 2048 M02 | 2023-09-09 - 2024-10-07 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-28 - 2023-12-27 | 3 months
*.sc.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-10 - 2024-03-08 | a year
*.mktoresp.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-07 - 2024-10-07 | a year
*.sitescout.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-01-09 - 2024-02-02 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year

This page contains 3 frames:

Primary Page: https://hbweb.info/redstonefcu.h0me/tom/
Frame ID: 5383BDFF1E9E97BAAEF5E95B12EBD84B
Requests: 58 HTTP requests in this frame

Frame: https://redfcu.demdex.net/dest5.html?d_nsid=0
Frame ID: 00A5CA0E3082B63A6907D7CE8F89F868
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 4E1EBF6F7CE6FE4957AC16ED6200F58E
Requests: 1 HTTP requests in this frame

Page Title

signin_pagesearchsearch

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

Requests: 59
HTTPS: 97 %
IPv6: 7 %
Domains: 20
Subdomains: 29
IPs: 29
Countries: 4
Transfer: 702 kB
Size: 2164 kB
Cookies: 40

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hbweb.info/redstonefcu.h0me/ HTTP 302
    https://hbweb.info/redstonefcu.h0me/tom/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://cm.everesttech.net/cm/dd?d_uuid=42478429849602139783653454573684393120 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYJCDQAAACAuOANe
Request Chain 57
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BACF5A22B727497CAC1EBD9715222909&RedC=c.clarity.ms&MXFR=27F9858F3C156B311353966238156520 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BACF5A22B727497CAC1EBD9715222909&MUID=27AA967A784F664436E8859779BE67DC

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hbweb.info/redstonefcu.h0me/tom/
Redirect Chain
  • https://hbweb.info/redstonefcu.h0me/
  • https://hbweb.info/redstonefcu.h0me/tom/
103 KB
11 KB
Document
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.143.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56fa600796e44703025606ad58d5f2e0e28a77264a633f82b4076876935fdb40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8384146938a2077b-MRS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 01:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7d0iPfcxxC%2F5eCnHHq5NN9UqiYnaHzUXN4vhkU2o5ee%2BVvTMvUMcsdKE%2BP1ZAGtPqkH%2FT2b7tpiQoo4UVCE1EFl3SnQm5GZkwcr6rtE7Hoa%2B5%2F6%2ByFwwKZNDijM"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
838414670e68077b-MRS
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 01:23:23 GMT
location
tom/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPgXzGnOQEV4uJgd%2BzwZlYWAuyYwu6aJhUeMIUMto%2FaO6%2FqFqKJaJWsEW%2F%2B%2FyYbnUpZSTsZeF9Q5cyWTZ176EqTfcJVt9AW1CWZUNm8hrVqwHP7SHuDarhEZkzK7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&family=Nunito+Sans:ital,wght@0,400;0,700;1,400;1,700
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f10.1e100.net
Software
ESF /
Resource Hash
7ac5f8d1706520a00f25dd734b1614f62cf79662c0290b7a1fd76ec962495949
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Dec 2023 01:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 01:23:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Dec 2023 01:23:24 GMT
HakonHandwriting.woff2
hbweb.info/redstonefcu.h0me/tom/css/fonts/
24 KB
24 KB
Font
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/css/fonts/HakonHandwriting.woff2
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b194b8954233b889b1e68a206aa5e8f3b19b97f82cea3492416a979bdc35bf

Request headers

Referer
https://hbweb.info/redstonefcu.h0me/tom/
Origin
https://hbweb.info
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:23 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Sep 2020 01:18:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NwEuNXlQePRHHQ%2B%2FYbzBq1AhPX9Y%2Fe%2Fz1mhUJNv7NdSP%2BmELZ6dnu3P%2BARkj%2Bw5lzE4HjPSYv59kgLRSr1KWvBrx0Y2HTIiSxp%2FhAKUPTJfllGsteA0EeMr0Kt0LSjMtgA2S7z0sYdY"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8384146a1d7865cf-FRA
alt-svc
h3=":443"; ma=86400
content-length
24476
icomoon.woff
hbweb.info/redstonefcu.h0me/tom/css/fonts/
3 KB
4 KB
Font
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/css/fonts/icomoon.woff?filhvi
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0b7cb0cb362141b07bf928a96512eb46202cb1b3a2c1844e56fc34610e07d9

Request headers

Referer
https://hbweb.info/redstonefcu.h0me/tom/
Origin
https://hbweb.info
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:23 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Sep 2020 01:18:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJUD9eagkSIFqgTiDKklgbohG2ocAp8U2e5mtIjolZvlodBGaBNLm9XihgEcB49ZACGsmrhbwAgkhMaD9PpgFfl3MuoWQjLQlWKnhdlwK8ds0q6VcE6f5Ip2FabyR1tlH6BwQedKE7Ws"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8384146a1d7965cf-FRA
alt-svc
h3=":443"; ma=86400
content-length
3256
clientlib-site.min.b2f2f08e11cf566903629fc6b6385c36.css
hbweb.info/redstonefcu.h0me/tom/css/
219 KB
24 KB
Stylesheet
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/css/clientlib-site.min.b2f2f08e11cf566903629fc6b6385c36.css
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12828221a0a09fe8cb6ff3e95c71ae234e29dc56f6dbd36994e2cb9ec4091437

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 27 Oct 2023 12:59:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9nLlGQL3Lx%2BG0xmEn0JtFiYQbK0%2BR0PwIIvhcXoKBPOswUZsji1x3iwjS2Sv4trn0iQ7V5LFv0xIwIq%2B%2BEOh%2BYPY3%2FEeOfFffpp8rhTiP2OF4%2Bwub26H9RL%2FpTJ7%2FeVGrF7jTsc12DN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8384146a1d7a65cf-FRA
alt-svc
h3=":443"; ma=86400
clientlibs.min.8b09630cf65dcbce1de0f6893ee4b02b.js
hbweb.info/redstonefcu.h0me/tom/js/
32 KB
12 KB
Script
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/js/clientlibs.min.8b09630cf65dcbce1de0f6893ee4b02b.js
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74f1aaece969ced4afcdc550da2208264f430544f57beb6266f5f6dbc343519

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 22 Dec 2022 09:10:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CgB4srdCNa8gKEGrfwgpPgYQ2qSs4CZLlXSKwRo3FQ5ePZJUsu7oaqXBhGpP1AQEHUECk6zHEZ%2FvBJ2SJpOzj4KjkPboFqVtcjfyis46B6nc4C6aFuRBucDXErkIK%2FaFcSePZ1Gq5M%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8384146a1d7b65cf-FRA
alt-svc
h3=":443"; ma=86400
launch-085d054f3cfe.min.js
assets.adobedtm.com/f20fc3cce31c/a13d31d40cc9/
270 KB
85 KB
Script
General
Full URL
https://assets.adobedtm.com/f20fc3cce31c/a13d31d40cc9/launch-085d054f3cfe.min.js
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2b6ac4e50745b995e79035f567b63c15aeab196540c70a0b46606147974874a5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:24 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 20:09:57 GMT
server
AkamaiNetStorage
etag
"f5ffeee94c7615bceeeaad6658a85717:1696363797.518278"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://hbweb.info
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
86981
expires
Wed, 20 Dec 2023 02:23:24 GMT
red.png
hbweb.info/redstonefcu.h0me/tom/css/images/
7 KB
7 KB
Image
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/css/images/red.png
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a109393724b8c630dab1d1ca5fe1ee953458c8b148c1d539e3361508560d08ce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:23 GMT
cf-cache-status
MISS
last-modified
Sat, 28 Oct 2023 14:50:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYS8tTlOFEDO2odA2vYTehh6qQ98X2RWa1O%2FBbuk2BY%2F3xYDefHck3uG7CF9IdFxffap8r7gHSaqCWj15dlRR4yVUfREWLk7p6gQi3l7e827PXUNqP2NW6%2FZXg0M9q3zTRuLHVujFDiS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8384146a1d7c65cf-FRA
alt-svc
h3=":443"; ma=86400
content-length
6994
polyfill.min.js
cdn.polyfill.io/v3/
104 B
611 B
Script
General
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?features=default,Array.prototype.includes,Array.prototype.find
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 01:23:24 GMT
age
40235
detected-user-agent
Chrome/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
clientlib-site.min.55a82fcd7e9fc0773eec8372fe9c38ed.js
hbweb.info/redstonefcu.h0me/tom/js/
217 KB
68 KB
Script
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/js/clientlib-site.min.55a82fcd7e9fc0773eec8372fe9c38ed.js
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c396b64292d568295956a59f1be48fec12e5d7581686c0f8ed636065f29b7bf

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 22 Dec 2022 09:11:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVKsKsO2IhLn%2FCrAOrZOuiS3XTuE5rT1gwTSAtiCYcBfyVz0atZzb9S1CGeNtSkdGQ6zGJIdYTX8p8aqeQOfdirdmpHPme1AOj5JQgiieCeVWjZBehSVRUaG9g0YqN236cu730tz9XPr"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8384146a5d9b65cf-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
icomoon.woff
hbweb.info/redstonefcu.h0me/tom/css/clientlib-site/resources/fonts/
0
0
Font
General
Full URL
https://hbweb.info/redstonefcu.h0me/tom/css/clientlib-site/resources/fonts/icomoon.woff
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/css/clientlib-site.min.b2f2f08e11cf566903629fc6b6385c36.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://hbweb.info/redstonefcu.h0me/tom/css/clientlib-site.min.b2f2f08e11cf566903629fc6b6385c36.css
Origin
https://hbweb.info
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn9sQduHUw%2FENsqjPxyTCB%2FA4%2F12V7mqkogYroOzpRvGrOW7PY6kt09KN3AdSwbutCHOeMgs4V2DI72lpfTjbmobsuGIE4DPVuuQtQD6sNblz7sszoAd1lIWKwYbTHaDN0UIx1v3YlmC"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384146acde865cf-FRA
alt-svc
h3=":443"; ma=86400
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&family=Nunito+Sans:ital,wght@0,400;0,700;1,400;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hbweb.info
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:10:11 GMT
x-content-type-options
nosniff
age
61993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:10:11 GMT
gtm.js
www.googletagmanager.com/
248 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K2JXD57
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7270a312df7c44f76d3a63461261eedd37a05aa723a64c5a3e3606124c396515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86337
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Dec 2023 01:23:24 GMT
cse.js
cse.google.com/
6 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=003731611772318079466:gah3wdz6jag
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
gws /
Resource Hash
a69cc9c1a5e18148c7f09f1f19c2083fd8fbd71c57744fc7e21f429612567ff0
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Lxm3rtKwLJlB7OTnZogjhQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Lxm3rtKwLJlB7OTnZogjhQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Wed, 20 Dec 2023 01:23:24 GMT
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2458
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=()
RedstoneLogo.svg
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/RedstoneLogo.svg
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLA%2BNPeTbdHIOWjhQ0S9z17mfoZM%2F8ESXWN67stwKqhyogLGzjPM2RGAvb5XYtczxTJ%2BJ6uIVnpd3LXpihvu029EBoGrdEydIT9uWMsA28kWDHsJ2gDJUCOU6TIJFq4yjfcA0gXlR4Pl"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384146d5fbc65cf-FRA
alt-svc
h3=":443"; ma=86400
id
dpm.demdex.net/
365 B
908 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=87AB6EA15DDFCB710A495FBD%40AdobeOrg&d_nsid=0&ts=1703035404635
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f20fc3cce31c/a13d31d40cc9/launch-085d054f3cfe.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-143-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5c156c8c70d8c97055ea5db1bb387349b952c8a6474e6c8c8257724247c374eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hbweb.info/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v054-0a80e641c.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Wed, 20 Dec 2023 01:23:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
PN2BO49OQhY=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://hbweb.info
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
307
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f20fc3cce31c/a13d31d40cc9/launch-085d054f3cfe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:24 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://hbweb.info
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12687
expires
Wed, 20 Dec 2023 02:23:24 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f20fc3cce31c/a13d31d40cc9/launch-085d054f3cfe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:24 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://hbweb.info
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Wed, 20 Dec 2023 02:23:24 GMT
cse_element__en.js
www.google.com/cse/static/element/3bd4ac03c21554b3/
315 KB
105 KB
Script
General
Full URL
https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=003731611772318079466:gah3wdz6jag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
sffe /
Resource Hash
7448175084bac35748586b504207f8b7c371f6f751ef435f4b0569421a794db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107185
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 16:53:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Dec 2023 01:23:25 GMT
default+en.css
www.google.com/cse/static/element/3bd4ac03c21554b3/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=003731611772318079466:gah3wdz6jag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 16:53:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Dec 2023 01:23:25 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=003731611772318079466:gah3wdz6jag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Dec 2023 02:07:11 GMT
dest5.html
redfcu.demdex.net/ Frame 00A5
7 KB
3 KB
Document
General
Full URL
https://redfcu.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f20fc3cce31c/a13d31d40cc9/launch-085d054f3cfe.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-143-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hbweb.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 20 Dec 2023 01:23:24 GMT
dcs
dcs-prod-irl1-1-v054-022e7ff67.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 8 Nov 2023 20:59:54 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
fceWfySISBo=
ibs:dpid=411&dpuuid=ZYJCDQAAACAuOANe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=42478429849602139783653454573684393120
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYJCDQAAACAuOANe
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYJCDQAAACAuOANe
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Server
54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-143-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-026f8435a.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Wed, 20 Dec 2023 01:23:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
ONR42eMnQ1w=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYJCDQAAACAuOANe
Date
Wed, 20 Dec 2023 01:23:25 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
redfcu.tt.omtrdc.net/rest/v1/
349 B
836 B
XHR
General
Full URL
https://redfcu.tt.omtrdc.net/rest/v1/delivery?client=redfcu&sessionId=adaefabd3d0c4ba9b59eb61db249e597&version=2.10.3
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f20fc3cce31c/a13d31d40cc9/launch-085d054f3cfe.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.152.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-66-235-152-107.data.adobedc.net
Software
jag /
Resource Hash
08a97aaa3f519f95bb044c64d2a00302ce1c27c9bbc722dfd82871b9e01f4d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hbweb.info/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://hbweb.info
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
593aa798-8a00-431a-b102-fbdcfc524eb9
js
www.googletagmanager.com/gtag/
293 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FDXDS7XR5P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JXD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1173e2732d9676da51b0bbfcdad347b3b32f770a100591e1330f5e25d4751db2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96290
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Dec 2023 01:23:25 GMT
6968.js
script.crazyegg.com/pages/scripts/0071/
0
0
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0071/6968.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JXD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 01:23:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
8384147489640d59-MXP
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976494988/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976494988/?random=1703035405081&cv=11&fst=1703035405081&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v78093393&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhbweb.info%2Fredstonefcu.h0me%2Ftom%2F&hn=www.googleadservices.com&frm=0&tiba=signin_page&auid=2145710596.1703035405&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JXD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7a7d27c44f9c4243c7ba8bc66d18b149e6dfdb70d8fddaa0386add1d583399ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JXD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 20 Dec 2023 01:23:25 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5FA859B80B2E4ED796F38BC61FC9D2E1 Ref B: ZRHEDGE0819 Ref C: 2023-12-20T01:23:25Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
munchkin.js
munchkin.marketo.net/
1 KB
2 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 01:23:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
up.js
cdn01.basis.net/assets/
3 KB
2 KB
Script
General
Full URL
https://cdn01.basis.net/assets/up.js?um=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JXD57
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
AC1.1 /
Resource Hash
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 16:22:21 GMT
server
AC1.1
age
202407
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1550
x-llid
13adb8e40dc53c0388425a9fd983d079
events.js
tags.srv.stackadapt.com/
18 KB
7 KB
Script
General
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.140.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-140-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
69b0aaadbcdc70355394e01ff5adea27df31172944f2e8b2ee6e9ed0838aeb3e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Dec 2023 01:23:25 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
tr
www.facebook.com/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr?id=357295244839633&ev=PageView&gtmcb=947952203
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 20 Dec 2023 01:23:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
analytics.google.com/g/
0
250 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FDXDS7XR5P&gtm=45je3bt0v887122880z878093393&_p=1703035404361&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=120240318.1703035405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703035405&sct=1&seg=0&dl=https%3A%2F%2Fhbweb.info%2Fredstonefcu.h0me%2Ftom%2F&dt=signin_page&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2389
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDXDS7XR5P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hbweb.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
250 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FDXDS7XR5P&cid=120240318.1703035405&gtm=45je3bt0v887122880z878093393&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDXDS7XR5P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hbweb.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
munchkin.js
munchkin.marketo.net/163/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 01:23:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Fri, 29 Mar 2024 01:23:25 GMT
s86694524706773
rfcu.sc.omtrdc.net/b/ss/rfcu-production/1/JS-2.25.0-LDQM/
43 B
344 B
Image
General
Full URL
https://rfcu.sc.omtrdc.net/b/ss/rfcu-production/1/JS-2.25.0-LDQM/s86694524706773?AQB=1&ndh=1&pf=1&t=20%2F11%2F2023%202%3A23%3A25%203%20-60&sdid=156491624FF0D036-3C02AC33B4CE04BD&mid=37202680512748608724315010531132263986&aamlh=6&ce=UTF-8&pageName=rfcu-signin-page&g=https%3A%2F%2Fhbweb.info%2Fredstonefcu.h0me%2Ftom%2F&c.&getTimeParting=6.3&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&.c&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v2=page-content&v3=rfcu-signin-page&c10=New%20Visitor&v10=New%20Visitor&v11=redfcu.org&c17=D%3Dv17&v17=year%3D2023%20%7C%20month%3DDecember%20%7C%20date%3D19%20%7C%20day%3DTuesday%20%7C%20time%3D7%3A23%20PM&c26=highestPercentViewed%3D&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=87AB6EA15DDFCB710A495FBD%40AdobeOrg&AQE=1
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.22 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-22.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Dec 2023 01:23:25 GMT
server
jag
etag
3657240684697190400-4617808474444415906
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 19 Dec 2023 01:23:25 GMT
visitWebPage
588-pzs-844.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://588-pzs-844.mktoresp.com/webevents/visitWebPage?_mchNc=1703035405344&_mchCn=&_mchId=588-PZS-844&_mchTk=_mch-hbweb.info-1703035405344-62635&_mchHo=hbweb.info&_mchPo=&_mchRu=%2Fredstonefcu.h0me%2Ftom%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=87AB6EA15DDFCB710A495FBD%40AdobeOrg%3A6%3A37202680512748608724315010531132263986&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 01:23:26 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
6a1a0b07-b7d7-4cd2-958b-7b6ac3ed17dc
sa.css
tags.srv.stackadapt.com/
65 B
203 B
Stylesheet
General
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.140.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-140-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
65c1f963f16d5597ebe9090d0432c5ab833c67ba35a7f0fb017da1ef8b2057ca

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Dec 2023 01:23:25 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/
0
2 KB
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.140.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-140-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Dec 2023 01:23:25 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
/
www.google.com/pagead/1p-user-list/976494988/
42 B
340 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/976494988/?random=1703035405081&cv=11&fst=1703034000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v78093393&u_w=1600&u_h=1200&url=https%3A%2F%2Fhbweb.info%2Fredstonefcu.h0me%2Ftom%2F&frm=0&tiba=signin_page&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_SnXEiiiFgDFwOl83wFTVjhhlVFCBqg&random=1404653868&rmt_tld=0&ipr=y
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/
94 B
283 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=NclymTNxkycDWOMdlekBVg&is_js=true&landing_url=https%3A%2F%2Fhbweb.info%2Fredstonefcu.h0me%2Ftom%2F&t=signin_page&tip=JRWkGqjj876wfLRYsZiyN3E20m7dzDMTW7lv9A-aZzU&host=https%3A%2F%2Fhbweb.info&sa_conv_data_css_value=%270-102526c6-caf3-5570-79d1-bd95fa5e4479%27&sa_conv_data_image_value=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&sa-user-id-v3=s%253AAQAKIFiIdOZ3SB-5nZCHYTT9O7RvfsRYapkGzEIsCUhV2MZ2EHwYBCCNhImsBjABOgQ8w7t9QgRIC5YN.cO5wMEQxJZrC1ZpUFXRsiURnYs0oLkTGdRar6kQyZ1E&sa-user-id-v2=s%253AECUmxsrzVXB50b2V-l5EebnGPgo.eM%252BRJLn7QnWNv8hGicxEpmkSjSIL6MDxF1UPpg33Z3A&sa-user-id=s%253A0-102526c6-caf3-5570-79d1-bd95fa5e4479.3uD3sTKW4tjSKT%252B058sXcP13rkdn2x9gTzA8NW3iALg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.140.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-140-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://hbweb.info
date
Wed, 20 Dec 2023 01:23:25 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
94
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
async-ads.js
cse.google.com/adsense/search/
142 KB
52 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
sffe /
Resource Hash
7df0df8b3df8c42634ecc71d7ab35e197c61777eb5b41a3e14239322b5804f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"13376431191049311150"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Wed, 20 Dec 2023 01:23:25 GMT
branding.png
www.google.com/cse/static/images/1x/en/
2 KB
2 KB
Image
General
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:48:06 GMT
x-content-type-options
nosniff
age
88519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1556
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 18 Dec 2024 00:48:06 GMT
generate_204
clients1.google.com/
0
117 B
Image
General
Full URL
https://clients1.google.com/generate_204
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
56380618.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/56380618.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
96579c42a6766411eb0a2871ca3fe5121ca9277d004267f10d87d6b07445c021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Wed, 20 Dec 2023 01:23:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8731235C22C2470DBE89F94D456ED612 Ref B: ZRHEDGE0819 Ref C: 2023-12-20T01:23:25Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56380618&tm=gtm002&Ver=2&mid=e2191bd1-9237-4cef-a64f-5f87085eaa6b&sid=5f7b47c09ed611eeb323816d311d9c76&vid=5f7b4da09ed611ee8a573714054adfc9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=signin_page&p=https%3A%2F%2Fhbweb.info%2Fredstonefcu.h0me%2Ftom%2F&r=&lt=1538&evt=pageLoad&sv=1&rn=496031
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 20 Dec 2023 01:23:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B51C9E3FBBC2420E816898E3B1A04646 Ref B: ZRHEDGE0819 Ref C: 2023-12-20T01:23:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 4E1E
0
0
Document
General
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://hbweb.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Wed, 20 Dec 2023 01:23:25 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
7be56801db0b6fcc
pixel.sitescout.com/up/
43 B
267 B
Image
General
Full URL
https://pixel.sitescout.com/up/7be56801db0b6fcc?cntr_url=https%3A%2F%2Fhbweb.info%2Fredstonefcu.h0me%2Ftom%2F
Requested by
Host: hbweb.info
URL: https://hbweb.info/redstonefcu.h0me/tom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:25 GMT
server
AC1.1
content-type
image/gif
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT
56380618
www.clarity.ms/tag/uet/
828 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/56380618
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/56380618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29abe70847aa68d839c92ba904ef0ae30116bfe29f69b1ddd9c1811be7bee86c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Wed, 20 Dec 2023 01:23:25 GMT
x-azure-ref
0DkKCZQAAAABiLjL73CSoQI700SGFGoCjTVJTMjExMDUwNjE3MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
828
expires
-1
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
20 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56380618
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:25 GMT
content-encoding
br
last-modified
Wed, 13 Dec 2023 19:57:52 GMT
x-azure-ref-originshield
0wZ+BZQAAAABEui7p2cJARIphPdipZdxsUEFSMjAxMDMxMDExMDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBFC15CAB825ED"
x-azure-ref
0DkKCZQAAAAByQj33oEIrQ58WucVTeXmlTVJTMjExMDUwNjE3MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7420d255-001e-0079-1d44-32d2ff000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
footer_logo.png.rendition.src.s.1601608834324.png
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/footer_logo.png.rendition.src.s.1601608834324.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35q7jy%2BgZ36osDzYQKoK%2FqL4fFHZA8LkYjGqPw9HKpPrQJevvosoxpVIjQ%2FUkLeH6vtiPaqO5Y8lpZwaLNIqNUP2YT15b5nbDj9qrHo8JgZsI8FQAU0ffvoiwH%2FY0abYtQcq1fZEQDsu"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384147d9db665cf-FRA
alt-svc
h3=":443"; ma=86400
family_background.png.rendition.src.src.1601597494924.png
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/family_background.png.rendition.src.src.1601597494924.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5hFl4FHCFmvKP%2FQg%2BIm8tquULRLe42tABoLQ36Ncp0vOs8hTx%2FpqrUG6CPrn9Za3WaU9CbQG4Rfl62I28X6JmLwK%2F6jIrhlj7XVsZK3Rak6NUu%2F5VGuCJOkk%2B8My2Ev8M%2Bs8g4MMWV9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384147d9db765cf-FRA
alt-svc
h3=":443"; ma=86400
SignIn_50x50.svg
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/SignIn_50x50.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KhYsqiQ3iyufnRWWUoijUL60j8EOY1VxUT8iy%2BsezgDRg7rMmhsINvt05VrdN%2F3obQODEOv%2BuomhYeJNkFBMj2j3wGEPzE3X1egrttfrn%2BCB5gSi2Dlh5rVwtHj4RuhhzPdVndU0JI8"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384147d9db865cf-FRA
alt-svc
h3=":443"; ma=86400
Locations_50x50.svg
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/Locations_50x50.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uufe2HuI%2Fy4q9n5oI1lsVzpzl%2FtQftZZ6Xzc0TzouO%2BY%2FDdEir%2BrRciepGz4wWEkzAAwN9VQFcv7F7v5D62tV0n%2FpBg0rFKtFc0t6MfQ2UPKDSHlcucmW0i8Yhy3%2FSrVEvwH9dWngVs8"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384147d9db965cf-FRA
alt-svc
h3=":443"; ma=86400
ContactUs_50x50.svg
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/ContactUs_50x50.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MF9YJ6CG5j3Uxvl1RZMaWsOk1E%2BY23Vvc4FqIdDU287Ow3g%2F2LM7cVmxIDLO5pkGrpwCNiFfbhff%2BxkJVDQ9adGEC8gFU3WZyffwI0W2R5ipvLzBeBymRgMQBwfSofZ5ZrD7oyNP4or"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384147d9dba65cf-FRA
alt-svc
h3=":443"; ma=86400
Rates_50x50.svg
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/Rates_50x50.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Usp%2F4emEazmiZRfw2qe2OER2uDmI2SHonK5MjQFAvaCmFG6aDPj4ENDbHrEUtweD8EwZhbrBW3FUOZ80oqu9VQP9oqC8Bj8ld2xmqFNsTs1%2BbS6uq7afiPeb5IJ8LkF7Y%2FtvR8BppcKC"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384147d9dbb65cf-FRA
alt-svc
h3=":443"; ma=86400
AboutUs_50x50.svg
hbweb.info/content/dam/rfcu/images/
315 B
315 B
Image
General
Full URL
https://hbweb.info/content/dam/rfcu/images/AboutUs_50x50.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/redstonefcu.h0me/tom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAxr5UB7SmsXVUmDU6SunnnCWYfIGd%2BL0b2sXRB6tTH2tXs9HkidCJ7fZdQR6qlZ6%2BVi%2Fmuxz5qwA9FudYemZjvFNT5yuA3xebOFRyNqywh9%2BAWJ8ACAalBLAKAiXVjVoxT6pycX8Pdn"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8384147d9dbc65cf-FRA
alt-svc
h3=":443"; ma=86400
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BACF5A22B727497CAC1EBD9715222909&RedC=c.clarity.ms&MXFR=27F9858F3C156B311353966238156520
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BACF5A22B727497CAC1EBD9715222909&MUID=27AA967A784F664436E8859779BE67DC
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BACF5A22B727497CAC1EBD9715222909&MUID=27AA967A784F664436E8859779BE67DC
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hbweb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:27 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 20 Dec 2023 01:23:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F3820A4BF93C40F6902F3FC852DDAAE3 Ref B: ZRHEDGE0819 Ref C: 2023-12-20T01:23:27Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BACF5A22B727497CAC1EBD9715222909&MUID=27AA967A784F664436E8859779BE67DC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
u.clarity.ms/
0
290 B
XHR
General
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://hbweb.info/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://hbweb.info
Date
Wed, 20 Dec 2023 01:23:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof object| adobeDataLayer object| Customer object| Page object| SiteSection object| ProductInfo object| RFCU object| MicroModal function| InfoBubble object| __gcse object| dataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| c function| saq function| _saq function| formatTime function| cookieWrite function| cookieRead string| g function| onYouTubeIframeAPIReady object| gaGlobal function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_rfcu-production object| cntrUpTag object| MunchkinTracker object| res object| saCookies string| current_window_url_param object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId function| UET function| UET_init function| UET_push object| ueto_211f15b43c object| uetq number| googleNDT_ number| googleAltLoader function| clarity object| clarityuetq

40 Cookies

Domain/Path Name / Value
.hbweb.info/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 42478429849602139783653454573684393120
.hbweb.info/ Name: AMCVS_87AB6EA15DDFCB710A495FBD%40AdobeOrg
Value: 1
.hbweb.info/ Name: _gcl_au
Value: 1.1.2145710596.1703035405
.hbweb.info/ Name: mbox
Value: session#adaefabd3d0c4ba9b59eb61db249e597#1703037266|PC#adaefabd3d0c4ba9b59eb61db249e597.37_0#1766280206
.hbweb.info/ Name: s_tslv
Value: 1703035405201
.hbweb.info/ Name: s_inv
Value: 0
.hbweb.info/ Name: _ga_FDXDS7XR5P
Value: GS1.1.1703035405.1.0.1703035405.60.0.0
.hbweb.info/ Name: _ga
Value: GA1.1.120240318.1703035405
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYJCDQAAACAuOANe
.hbweb.info/ Name: s_ips
Value: 1200
.hbweb.info/ Name: s_tp
Value: 2134
.hbweb.info/ Name: s_ppv
Value: rfcu-signin-page%2C56%2C56%2C1200%2C1%2C1
.hbweb.info/ Name: gpv_pn
Value: rfcu-signin-page
.hbweb.info/ Name: s_cc
Value: true
.dpm.demdex.net/ Name: dpm
Value: 42478429849602139783653454573684393120
.hbweb.info/ Name: AMCV_87AB6EA15DDFCB710A495FBD%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19712%7CMCMID%7C37202680512748608724315010531132263986%7CMCAAMLH-1703640204%7C6%7CMCAAMB-1703640204%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1703042604s%7CNONE%7CMCSYNCSOP%7C411-19719%7CvVersion%7C5.5.0
.hbweb.info/ Name: _mkto_trk
Value: id:588-PZS-844&token:_mch-hbweb.info-1703035405344-62635
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-102526c6-caf3-5570-79d1-bd95fa5e4479.3uD3sTKW4tjSKT%2B058sXcP13rkdn2x9gTzA8NW3iALg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-102526c6-caf3-5570-79d1-bd95fa5e4479.3uD3sTKW4tjSKT%2B058sXcP13rkdn2x9gTzA8NW3iALg
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AECUmxsrzVXB50b2V-l5EebnGPgo.eM%2BRJLn7QnWNv8hGicxEpmkSjSIL6MDxF1UPpg33Z3A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AECUmxsrzVXB50b2V-l5EebnGPgo.eM%2BRJLn7QnWNv8hGicxEpmkSjSIL6MDxF1UPpg33Z3A
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFiIdOZ3SB-5nZCHYTT9O7RvfsRYapkGzEIsCUhV2MZ2EHwYBCCNhImsBjABOgQ8w7t9QgRIC5YN.cO5wMEQxJZrC1ZpUFXRsiURnYs0oLkTGdRar6kQyZ1E
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFiIdOZ3SB-5nZCHYTT9O7RvfsRYapkGzEIsCUhV2MZ2EHwYBCCNhImsBjABOgQ8w7t9QgRIC5YN.cO5wMEQxJZrC1ZpUFXRsiURnYs0oLkTGdRar6kQyZ1E
hbweb.info/ Name: sa-user-id
Value: s%253A0-102526c6-caf3-5570-79d1-bd95fa5e4479.3uD3sTKW4tjSKT%252B058sXcP13rkdn2x9gTzA8NW3iALg
hbweb.info/ Name: sa-user-id-v2
Value: s%253AECUmxsrzVXB50b2V-l5EebnGPgo.eM%252BRJLn7QnWNv8hGicxEpmkSjSIL6MDxF1UPpg33Z3A
hbweb.info/ Name: sa-user-id-v3
Value: s%253AAQAKIFiIdOZ3SB-5nZCHYTT9O7RvfsRYapkGzEIsCUhV2MZ2EHwYBCCNhImsBjABOgQ8w7t9QgRIC5YN.cO5wMEQxJZrC1ZpUFXRsiURnYs0oLkTGdRar6kQyZ1E
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hbweb.info/ Name: _uetsid
Value: 5f7b47c09ed611eeb323816d311d9c76
.hbweb.info/ Name: _uetvid
Value: 5f7b4da09ed611ee8a573714054adfc9
.bing.com/ Name: MUID
Value: 27AA967A784F664436E8859779BE67DC
www.clarity.ms/ Name: CLID
Value: b8f6f6b78c644056951519179092d5a7.20231220.20241219
.hbweb.info/ Name: _clck
Value: 1vlg6gh%7C2%7Cfhp%7C0%7C1449
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 27AA967A784F664436E8859779BE67DC
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 27AA967A784F664436E8859779BE67DC
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.hbweb.info/ Name: _clsk
Value: 1hnvb65%7C1703035407896%7C1%7C1%7Cu.clarity.ms%2Fcollect

10 Console Messages

Source Level URL
Text
network error URL: https://hbweb.info/redstonefcu.h0me/tom/css/clientlib-site/resources/fonts/icomoon.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/RedstoneLogo.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://script.crazyegg.com/pages/scripts/0071/6968.js
Message:
Failed to load resource: the server responded with a status of 410 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/footer_logo.png.rendition.src.s.1601608834324.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/SignIn_50x50.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/Rates_50x50.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/ContactUs_50x50.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/Locations_50x50.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/family_background.png.rendition.src.src.1601597494924.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hbweb.info/content/dam/rfcu/images/AboutUs_50x50.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
