r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6119
Expires: Thu, 01 Dec 2022 14:08:19 GMT
Date: Thu, 01 Dec 2022 12:26:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3277
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:20 GMT
Last-Modified: Thu, 01 Dec 2022 11:31:43 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
email.mail.usbfund.com/c/eJyNkd2OwiAQhZ-m3LXhb7FccGFifI1mgKkSCzUUNL79YtSNl5uQwOFAvpkzaJhSelQ7oRnxxtKdYrMjW1kzThlnw5iQgpwN5YxrJkcrmQXJGCjptURL5TgD8pGUDO4CdsGpPK5oOs4dxCuEU2pHsphzKdetE_uOH9u63-9D3exckx_cGtvNhq5m9P1t62v6iCUk7Ne5d02E8vwqjrXEaVtrdtiJg4UHphOcsOPqacT2rsZmfOA9RgjL2_2rSBz-gftqKfiWE9eKBMMpb1FQRiUVVA0WPPV6R6X_Qc6o7iR9Ar-bI9lcMJRzsyBiDg6Sy5AwYyqwDAkbybhop_d2gzy9aMWUVKbXCF4jqbWV0gL1MAsPowWQtslfa4aV4g
34.127.83.42302 Found 678 B URL HTTP/1.1 email.mail.usbfund.com/c/eJyNkd2OwiAQhZ-m3LXhb7FccGFifI1mgKkSCzUUNL79YtSNl5uQwOFAvpkzaJhSelQ7oRnxxtKdYrMjW1kzThlnw5iQgpwN5YxrJkcrmQXJGCjptURL5TgD8pGUDO4CdsGpPK5oOs4dxCuEU2pHsphzKdetE_uOH9u63-9D3exckx_cGtvNhq5m9P1t62v6iCUk7Ne5d02E8vwqjrXEaVtrdtiJg4UHphOcsOPqacT2rsZmfOA9RgjL2_2rSBz-gftqKfiWE9eKBMMpb1FQRiUVVA0WPPV6R6X_Qc6o7iR9Ar-bI9lcMJRzsyBiDg6Sy5AwYyqwDAkbybhop_d2gzy9aMWUVKbXCF4jqbWV0gL1MAsPowWQtslfa4aV4g
IP 34.127.83.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Hash e022423dddec4795139b6497ba891d19
3fd84219ffb7028091df06d1f7130feca3a0132a
9a28a034cb2656579f4e93bc9e7c48397ccbfa335404aa8b445ddae1d551c33f
Analyzer Verdict Alert fortinet Malware
GET /c/eJyNkd2OwiAQhZ-m3LXhb7FccGFifI1mgKkSCzUUNL79YtSNl5uQwOFAvpkzaJhSelQ7oRnxxtKdYrMjW1kzThlnw5iQgpwN5YxrJkcrmQXJGCjptURL5TgD8pGUDO4CdsGpPK5oOs4dxCuEU2pHsphzKdetE_uOH9u63-9D3exckx_cGtvNhq5m9P1t62v6iCUk7Ne5d02E8vwqjrXEaVtrdtiJg4UHphOcsOPqacT2rsZmfOA9RgjL2_2rSBz-gftqKfiWE9eKBMMpb1FQRiUVVA0WPPV6R6X_Qc6o7iR9Ar-bI9lcMJRzsyBiDg6Sy5AwYyqwDAkbybhop_d2gzy9aMWUVKbXCF4jqbWV0gL1MAsPowWQtslfa4aV4g HTTP/1.1
Host: email.mail.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 678
Content-Type: text/html
Date: Thu, 01 Dec 2022 12:26:20 GMT
Location: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 12:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 394
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8013
Expires: Thu, 01 Dec 2022 14:39:53 GMT
Date: Thu, 01 Dec 2022 12:26:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: w4FMxMYiu3BUF3zEMDoVJaSUyuWGAcwh3b2HF0CBppaXBb2fTTqKEDHnLGW/8qWf4SzffeHEETA=
x-amz-request-id: GET6XMMA5XMJWVRK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 11:45:39 GMT
age: 2441
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 12:26:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 12:08:56 GMT
cache-control: public,max-age=3600
age: 1044
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be04f4ae1bbbdd480febee894b1a7b24
54db31b1ae160e83772db104425e92b67331094b
3d5ad539a75c58117c4a44c461dcdd3cec314f922cbfbd2491e6ace706789e5d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D5AD539A75C58117C4A44C461DCDD3CEC314F922CBFBD2491E6ACE706789E5D"
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Thu, 01 Dec 2022 18:25:41 GMT
Date: Thu, 01 Dec 2022 12:26:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3267
Cache-Control: max-age=164096
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:20 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:01:16 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.176.211101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.176.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Kf/tqd2Zs8CKGZMXuQW/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o9WFebL065KDbefvb9m2nmYKIzU=
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.78200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 01 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eHIpmFuFEkm-_mkQISYGznMvqMsU3bHhR5TTD-odSV59Wt8oOAp0Lw==
age: 39478
X-Firefox-Spdy: h2
code.jquery.com/jquery-migrate-1.2.1.js
69.16.175.42200 OK 5.8 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.2.1.js
IP 69.16.175.42:0
Hash ab50f392b13415af57f9720f4d24e981
8bee0d6d15bc0bf62197f6a33493df7494bf42c2
3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
GET /jquery-migrate-1.2.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:21 GMT
content-encoding: gzip
content-length: 5783
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669897581.dop002.sk1.t,1669897581.cds235.sk1.hn,1669897581.cds234.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 6dd5f74c871c2097f70cb9f6e4a4c7b9
273e6fb8d59590796d2f1ba78109727335f0aa0f
4893a5b3f2d98ac5b6b3f8f76fd4be3e8bc72a4971cd6cc3e577c5e3355345a8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 12:26:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 10:44:27 GMT
ETag: "273e6fb8d59590796d2f1ba78109727335f0aa0f"
Last-Modified: Thu, 01 Dec 2022 10:44:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1971
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772bcf8d8eedb4ff-OSL
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
50.87.170.174200 OK 1.1 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3296), with no line terminators
Hash e4f0e46d63eb641d8cfe1579ff0217cb
37e2ef45ef74f0a3b869d447b4d9e22d0b424945
6b7e532056e7c449a8e080eb2967563fdb20ce9cfdcb95216205a769b65033c4
GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1141
content-type: text/css
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
50.87.170.174200 OK 239 B URL HTTP/2 www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 21fec527969cbcfec759744ce51f94c0
827130fb99b0005a5206028abfe82e93610184f2
fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:28:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 239
content-type: text/css
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/css/grid.css
50.87.170.174200 OK 10 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/css/grid.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Hash 8ca3e3908b8e627dd53a2bde9ab330b4
dfc94081f2e0acfbc95cb633810897271692e5db
5a17844298059c3adb2103842f6893bf6a798221afa1c7a3217c610fc4aebeec
GET /wp-content/themes/usb/css/grid.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10146
content-type: text/css
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3a2efcbd513eb2331c468fb903145747
b613fded7ae1160dd6f972d2501d14495beabdfd
49edc489cfcfeab355b3098f0e92b903856e214461487f2c670eb6db7a87b917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1079
Cache-Control: max-age=165525
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Etag: "63887ccb-118"
Expires: Sat, 03 Dec 2022 10:25:06 GMT
Last-Modified: Thu, 01 Dec 2022 10:07:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 73ef72a7f9ba581abdcc4799b6e77a67
418dc38d1e22aeb9f2e5b17c72ce274683f55d5d
7542a6fa8240d97879a05e0c7360ef0f111bb8d2782df6effd290e00bc6d4305
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2873
Cache-Control: max-age=156161
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Etag: "63885135-118"
Expires: Sat, 03 Dec 2022 07:49:02 GMT
Last-Modified: Thu, 01 Dec 2022 07:01:09 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 161ce60156933cded3d8042b5d458639
1a7c9cf356fdf565c241efc69ac058098743bf47
b32ef4acb4cc586ff955cd68a6468f04a42624a002c09957a4ae1ee2520bbaf8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98195
Date: Thu, 01 Dec 2022 12:26:21 GMT
Etag: "638772f2-1d7"
Expires: Fri, 02 Dec 2022 15:42:56 GMT
Last-Modified: Wed, 30 Nov 2022 15:12:50 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CoLwszYnluMTBcp9ph1i-WccLVBblk_Qy6zp-BnRhIomZ4V2LPeYRA==
Age: 1806
scripts.iconnode.com/100980.js
54.230.111.96200 OK 7.7 kB URL HTTP/2 scripts.iconnode.com/100980.js
IP 54.230.111.96:0
File type Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Hash 05a6d57113e7870d8851ed0faf8ca12f
315c52641f469ec7e571648d5333982579cb6da3
0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
GET /100980.js HTTP/1.1
Host: scripts.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7683
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 16:56:43 GMT
cache-control: max-age=0
etag: "05a6d57113e7870d8851ed0faf8ca12f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PLCx2WzKxWAtgy647YJL1WLu6MbBd7wS2_nbbuVYke23Dwy4mJG_iw==
age: 70179
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 6dd5f74c871c2097f70cb9f6e4a4c7b9
273e6fb8d59590796d2f1ba78109727335f0aa0f
4893a5b3f2d98ac5b6b3f8f76fd4be3e8bc72a4971cd6cc3e577c5e3355345a8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 12:26:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 10:44:27 GMT
ETag: "273e6fb8d59590796d2f1ba78109727335f0aa0f"
Last-Modified: Thu, 01 Dec 2022 10:44:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1971
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772bcf8ed905b4ff-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3a2efcbd513eb2331c468fb903145747
b613fded7ae1160dd6f972d2501d14495beabdfd
49edc489cfcfeab355b3098f0e92b903856e214461487f2c670eb6db7a87b917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1079
Cache-Control: max-age=165525
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:21 GMT
Etag: "63887ccb-118"
Expires: Sat, 03 Dec 2022 10:25:06 GMT
Last-Modified: Thu, 01 Dec 2022 10:07:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 76108475908ee002754f805047878acb
ecbd423ba8b8b28a902163739b72dbb14a5d565b
02bec8b3154edb4cc056c5c7e8d9a2939450723d0c0c51ac68795c64be447460
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158698
Date: Thu, 01 Dec 2022 12:26:21 GMT
Etag: "63885c5c-1d7"
Expires: Sat, 03 Dec 2022 08:31:19 GMT
Last-Modified: Thu, 01 Dec 2022 07:48:44 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kWCNm7IclorlLd6yDs4dft_OgfCLYAtecFA7chVOmJfNzepjOJSmDg==
Age: 2555
shield.sitelock.com/shield/usbfund.com
45.60.14.54200 OK 10 kB URL HTTP/1.1 shield.sitelock.com/shield/usbfund.com
IP 45.60.14.54:0
File type PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash b596387d3941d0a9f036a5ed01b406ec
37e271ac4aaca2a38f860cf59523ed5199be6357
1e7e022797c185b37380e2e635d96ce2cff4954be96faf88f7e4d78250ea8c2b
GET /shield/usbfund.com HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Etag: "f6a4880a"
Content-Type: image/png; charset=ISO-8859-1
Content-Length: 10367
Cache-Control: max-age=5400, public
Expires: Thu, 01 Dec 2022 13:56:21 GMT
Date: Thu, 01 Dec 2022 12:26:21 GMT
Set-Cookie: visid_incap_275317=mcPm9mpMTvyiDN0KbALhoW2diGMAAAAAQUIPAAAAAADvBcOaXIEAan4Dzxf5jNaF; expires=Thu, 30 Nov 2023 22:33:52 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_721_275317=Cao1acyPGw/+J43x84EBCm2diGMAAAAA8cu9BFCn3li06kKFmoCIJg==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 6-16087957-0 0CNN RT(1669897581238 121) q(0 -1 -1 -1) r(0 -1)
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 12f92bc18ae77632ec5d0437b38a9582
21e40dd6fa038d5b0c62ab487719b0bbcc58a0b8
b093dc13588449f00c6f8c4026f118611b56123eec6ce5c2fca6fb363112f0d9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 12:26:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 14:09:18 GMT
Expires: Wed, 07 Dec 2022 14:09:17 GMT
Etag: "21e40dd6fa038d5b0c62ab487719b0bbcc58a0b8"
Cache-Control: max-age=523975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772bcf8ecde6b4eb-OSL
d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
35.186.249.72200 OK 13 kB URL HTTP/2 d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
IP 35.186.249.72:0
File type C source, ASCII text, with very long lines (40914), with no line terminators
Hash 833e9c2431f16a9e4e590d8c18a01169
d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtnsAZnSloIe6SIv_lyLaN5TzzrWhRcm8uEhojNdAteO6NQMMKUZUGO7AMds8TRKRomRT2INJgEdgZ9KkPaK66F1Q
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 12876
server: UploadServer
date: Thu, 01 Dec 2022 12:25:21 GMT
expires: Thu, 01 Dec 2022 12:30:21 GMT
cache-control: public,max-age=900,s-maxage=300
age: 60
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.anytrack.io/1y0o6qdBqYHr.js
13.225.78.98200 OK 103 B URL HTTP/2 assets.anytrack.io/1y0o6qdBqYHr.js
IP 13.225.78.98:0
File type ASCII text, with no line terminators
Hash 69b5271584dd67a9e6ae79216fe30110
7753fe034a0843770954f6979f6830ff9a82f987
b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
GET /1y0o6qdBqYHr.js HTTP/1.1
Host: assets.anytrack.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 103
access-control-allow-origin: *
date: Thu, 01 Dec 2022 12:25:21 GMT
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Cq3x8EHh8DMf4eH9eAk0I2tGwFcn781HUAYaIt3bCFPOI6Ec5OwzJQ==
age: 60
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 12f92bc18ae77632ec5d0437b38a9582
21e40dd6fa038d5b0c62ab487719b0bbcc58a0b8
b093dc13588449f00c6f8c4026f118611b56123eec6ce5c2fca6fb363112f0d9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 12:26:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 14:09:18 GMT
Expires: Wed, 07 Dec 2022 14:09:17 GMT
Etag: "21e40dd6fa038d5b0c62ab487719b0bbcc58a0b8"
Cache-Control: max-age=523975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772bcf8e2e030af6-OSL
www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
50.87.170.174200 OK 4.6 kB URL HTTP/2 www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
50.87.170.174200 OK 1.3 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2972), with no line terminators
Hash da0e82022a32e0c42e125fe915cf9955
1c583a11b9e444a26cfd1443d3dade9c6f9e996a
e205081b6febab912d75f2aa70bc3ae2af58bb7d2b1e44927f17cb7631374ff0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1315
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
50.87.170.174200 OK 758 B URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1667), with no line terminators
Hash 94c6b3b214659c68b42fb0c428cac279
eb3a852e1bcf8a32ac304dc89995ffdeaf623033
8cdab12fffba1162b02761c8e7631003efebf03e3af5ca9072023ffda52353ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 758
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-05.png
50.87.170.174200 OK 3.7 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-05.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 646b30b6704a2457b04bb12da4144c97
acadca7b80819db2100f2cf8341acdf47a2eb773
b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
GET /wp-content/uploads/featured-logo-05.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:03 GMT
accept-ranges: bytes
content-length: 3721
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-01.png
50.87.170.174200 OK 3.3 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-01.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 164 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 30427e02eea1cec61004e2fdb293e4d2
d3ba51be6c31147f379670d59cab54ec01b3b448
32161c4a44a1dcdddeeb852e2b6eea070839630ac3a719ac79a503cfd4d3892d
GET /wp-content/uploads/featured-logo-01.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 3311
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-03.png
50.87.170.174200 OK 3.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-03.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash ea461093328a47d28ed34df6be0ad850
5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
GET /wp-content/uploads/featured-logo-03.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:13 GMT
accept-ranges: bytes
content-length: 3840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-04.png
50.87.170.174200 OK 5.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-04.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash e94a0244f1a51d7565de08744375bd07
dde753e74a85c5f094dda6661ada486fdae50422
47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
GET /wp-content/uploads/featured-logo-04.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:18 GMT
accept-ranges: bytes
content-length: 5757
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/logo_text.png
50.87.170.174200 OK 6.3 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/images/logo_text.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 198c7fed73cadb12c23066fcad4e33e8
1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 6307
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-02.png
50.87.170.174200 OK 5.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-02.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash d2bfb41e522705be8e4a48895b996bca
df2507b75f1c0362bd168ea7ecf829f11469a926
968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
GET /wp-content/uploads/featured-logo-02.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:13:58 GMT
accept-ranges: bytes
content-length: 5795
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/norton-secured.png
50.87.170.174200 OK 3.0 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/norton-secured.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 7d05b62893199c911ab6f798ec8127d2
e7dc7368c55a2fbccb17a82c1a25de39cea2907d
0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
GET /wp-content/uploads/norton-secured.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
accept-ranges: bytes
content-length: 3017
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
50.87.170.174200 OK 2.2 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 3befe9c6fb5e6602893570b99d3920aa
1e7c1d352448864975a23135097e59593ae71456
d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 2244
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
50.87.170.174200 OK 1.3 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3019)
Hash 05f645a76aff3fc02e18295a07c54e09
509581a5e2e4760e2163d704d21b2604329b514e
c7834a5ef896adfc8b40eb2a1db07bd867fe84da57ad234bfa487cfbc610a16a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1345
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-06.png
50.87.170.174200 OK 2.7 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-06.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash b7b5570d5d29fd453a5e65063849fcb1
b07b87612c74febb32961e10ed154dc2efdf19cb
886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
GET /wp-content/uploads/featured-logo-06.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 2693
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
50.87.170.174200 OK 2.2 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 50946e7f85431c547526705a530f893f
573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 2165
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
50.87.170.174200 OK 2.0 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a5a71307aefd12c55fd16f36356f9a83
679b01f07d71f673b74fde71a5a0a9da8a8e486d
a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:51 GMT
accept-ranges: bytes
content-length: 2020
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/site.js
50.87.170.174200 OK 4.8 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/site.js
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ba21d11b60199ed26dfb2a2d8352065a
3e78915e922b60ca87f5860c67b99861de96830c
c000c3cc081106de80fb4995e40b363752494290c9090e0980a5b4a4cfc37c49
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/site.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4830
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/?display_custom_css=css&ver=6.0.3
50.87.170.174200 OK 541 B URL HTTP/2 www.usbfund.com/?display_custom_css=css&ver=6.0.3
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 0e67503cdf8a23b7d3aaff6f35c76b72
63edc0c8bf04ceec8dc3c8c44bd129b89adeb61a
d765ab66c61ec9c967f9f2e4b649326eb28a6f8dfb0fe064b4ed1cf9af1f18b6
GET /?display_custom_css=css&ver=6.0.3 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 541
content-type: text/css;charset=UTF-8
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 419 B IP 93.184.220.29:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 16fe48e8147da5422f936d2e71440441
0d38f98b793fc2c0993768201b4162e527e64f5f
b3685399d656857087972dd18a5138386bd8b775b10a48a87312750574f55231
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6011
Cache-Control: max-age=171918
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "63888281-118"
Expires: Sat, 03 Dec 2022 12:11:40 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:29 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 476e4c55df292b142bbde6b7367c3491
f3f64fce3f2d537428faaf942dba539975a59dbb
eae4adc54bc82d16a403e9e03ea769ab54bd6504ce35346a45f88b26a42e791f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5547
Cache-Control: max-age=143345
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "638814b4-116"
Expires: Sat, 03 Dec 2022 04:15:27 GMT
Last-Modified: Thu, 01 Dec 2022 02:43:00 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
50.87.170.174200 OK 5.3 kB URL HTTP/2 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2022 11:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5321
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/bg-section-header.png
50.87.170.174200 OK 22 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/bg-section-header.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Hash 65b13235e26653c77b0ed328dfdb8dc2
2dcc21d12b909058345b01f087062f6b59f4f05c
acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
GET /wp-content/uploads/bg-section-header.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
accept-ranges: bytes
content-length: 22531
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:22 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
50.87.170.174200 OK 172 B URL HTTP/2 www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Hash 26d3bceaf73fad28fb322b6646860f78
1b70241f618df47a01729534d376a57c57bd8c07
0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
accept-ranges: bytes
content-length: 172
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:22 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
50.87.170.174200 OK 195 B URL HTTP/2 www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f984736b4b9dfe03bb8831a718c6a238
d95304fa5fed6fdf9020c21ece2b7e35aec4808c
4944824b4a23581a4660857551680fffd806f6fa42e3d9414fb1529ba78651b9
GET /wp-content/uploads/icon-arrow-down-black.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:09 GMT
accept-ranges: bytes
content-length: 195
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:22 GMT
server: Apache
X-Firefox-Spdy: h2
tag.getdrip.com/9726461.js
143.204.55.93200 OK 99 B URL HTTP/2 tag.getdrip.com/9726461.js
IP 143.204.55.93:0
Hash a6a61e5a753eb4abba54cc407d2eec78
e29c6b4c1b8c09d9195e98d58ae71ac7b29f19d1
e9185c80b8a995b7c2cc61d0aa8dd526b1dc02d301585949640ed082f94c21c6
GET /9726461.js HTTP/1.1
Host: tag.getdrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 8
last-modified: Fri, 20 May 2022 20:08:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 12:25:24 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IG4AhebjLBibtulOKg0Ty56SXGM9F3Cruht9QneVk57V-66iDYKfGg==
age: 59
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 1.1 kB IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 50a24e076765030d3e5b20bb4b7cfe71
f31de9da1fe442bb3d0c8cb1e8dfcc3f8f181c82
0ef86149eaab30df2ce44cfe5965bc795492f261f5e7f80d6c8e6a5e2cf3734d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6370
Cache-Control: max-age=166474
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "63886bd6-116"
Expires: Sat, 03 Dec 2022 10:40:56 GMT
Last-Modified: Thu, 01 Dec 2022 08:54:46 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6d15b7a8e1fe3c0bb4c2a72ecce789fe
70e388800fb7c45b39aa4d35fdb2b2b471e869e9
cf1f71974f520a7eb182437dbcc55af4261b0e34464fe23a4aa00bf14a92a640
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2243
Cache-Control: max-age=154104
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "63884ba3-118"
Expires: Sat, 03 Dec 2022 07:14:46 GMT
Last-Modified: Thu, 01 Dec 2022 06:37:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 41c47d53eb52f9c66dfbc49ea9d7e982
8a66398ecdfcd3eccdcfd1b043555da8fb212891
eaebb621caf21833a469a233ba152554b347247cd64014886c9f24364767c0e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1189
Cache-Control: max-age=118132
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "6387c33d-117"
Expires: Fri, 02 Dec 2022 21:15:14 GMT
Last-Modified: Wed, 30 Nov 2022 20:55:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ff3e935c3cf7c6ace7b69332ba38a652
af65a3f24db96c4302dba77ef75341515b434e40
f94dbaa8716f8f4c8368a3a367dd90382af0f63d1e1fc17d014cc90821b50306
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6342
Cache-Control: max-age=111001
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "63879341-117"
Expires: Fri, 02 Dec 2022 19:16:23 GMT
Last-Modified: Wed, 30 Nov 2022 17:30:41 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
process.iconnode.com/google-ads/
76.223.116.242200 OK 0 B URL HTTP/2 process.iconnode.com/google-ads/
IP 76.223.116.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /google-ads/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:22 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1ec56f5aa423d8a6e255c14f1acce941
32da7bbfcb49d56bb7ed48b5940098312334fff9
d93818a25d4f5ce0e5b95f8b36949729278aeb26867a18088127ae1da5c6bee5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1441
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "63875997-117"
Last-Modified: Thu, 01 Dec 2022 12:02:21 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16067
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:26:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16067
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:26:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16067
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:26:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16067
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:26:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:29:19 GMT
age: 28623
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js?integration=WordPress&ver=8.16.28
104.17.211.204200 OK 10 kB URL HTTP/2 js.hs-scripts.com/5627136.js?integration=WordPress&ver=8.16.28
IP 104.17.211.204:0
File type ASCII text, with very long lines (857), with no line terminators
Hash d7a47fdd712120af16d8420c2d01b967
a412693ea5931d3baac20bfe37c2b803dc02e91b
b42cdf6956c269c715b41d37c7c62797c67d3061b5e12bc9ac5f3e770791cac6
GET /5627136.js?integration=WordPress&ver=8.16.28 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:21 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.usbfund.com
access-control-max-age: 3600
cache-control: public, max-age=60
cf-bgj: minify
cf-polished: origSize=964
last-modified: Thu, 01 Dec 2022 11:50:33 GMT
vary: origin, Accept-Encoding
x-hubspot-correlation-id: ea5de43e-12d8-45f8-a4b8-0898852ac4a1
x-trace: 2B3FB9E5680F692270CAD0235F060CDA894C9F030C000000000000000000
cf-cache-status: HIT
age: 60
expires: Thu, 01 Dec 2022 12:27:21 GMT
server: cloudflare
cf-ray: 772bcf8e5fb71bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 52849
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 52848
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 83088
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 52622
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6a2556f24fac13ac49ca26a29a41ede9
3026443a9bad28ee79b11135a8e9c45b602ebcc0
caa753d57fa8c2b189401a68695d0bedb2232ad97eb0ca56c977ab37b5c3e6ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5569
Cache-Control: max-age=168215
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "638875c4-116"
Expires: Sat, 03 Dec 2022 11:09:57 GMT
Last-Modified: Thu, 01 Dec 2022 09:37:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 743dbde6e552b2f83f613d9f0b8fa0f9
33117bb5d9d47ebc50dec9c8ec7af5b2207d3f3b
42a3c8c7fd8baf2f0ea8ad22bc3be92b2ef7e604fb1fa47a8badbbef51fc8b7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42A3C8C7FD8BAF2F0EA8AD22BC3BE92B2EF7E604FB1FA47A8BADBBEF51FC8B7F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20068
Expires: Thu, 01 Dec 2022 18:00:50 GMT
Date: Thu, 01 Dec 2022 12:26:22 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 890ba2b1f2f78202a2e5266aa128db05
0ece0bca398da5d022213d81b3df699728f7e2cd
1ca4a39e66f834b7f5340aeca1112d8506545e87b89b65ea74546937c93186db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96849
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "63876a82-1d7"
Expires: Fri, 02 Dec 2022 15:20:31 GMT
Last-Modified: Wed, 30 Nov 2022 14:36:50 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LbBjmaiJtcZSD3RA_5767I5EUNkX7X_XXo3Mda1D3bFrdZxy1eQweQ==
Age: 2621
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 616e9cb5f4e645e371e9d74bcbb813ba
99ec59cdf6003f0790c1bde9c936e9e454be4a13
fca41d0a9651f3be947c9b5ae97de886137a4fa326c39dcbeb65506e0da2d51c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 978
Cache-Control: max-age=128337
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:22 GMT
Etag: "6387ebed-118"
Expires: Sat, 03 Dec 2022 00:05:19 GMT
Last-Modified: Wed, 30 Nov 2022 23:49:01 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 280
track.sendlane.com/track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&cb=dxubgys70mu4tf5gkrjj
23.250.2.183204 No Content 0 B URL HTTP/1.1 track.sendlane.com/track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&cb=dxubgys70mu4tf5gkrjj
IP 23.250.2.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&cb=dxubgys70mu4tf5gkrjj HTTP/1.1
Host: track.sendlane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 01 Dec 2022 12:26:22 GMT
Server: Apache
Cache-Control: no-cache, private, max-age=2592000
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 56
Set-Cookie: track_session=eyJpdiI6Ik5IazNHQ1pQUnMvWjdOV2wvcmh2WkE9PSIsInZhbHVlIjoidU5OQlkwY1ZJWWlNMlllSTBBUTRjeGw5TVRwSkYrbVNLOGtVVVVrZHBEaG5aUG00QWo2UTZPczFKdmlXNTA3cU5hdEdTT3RMaVlMWUdRRFdaM2N6L0hVcnRtKzBqVnlmcXJ6RVFlTUtQRy9zR0thaWpORnVLVVNFN1FJRHhYdEIiLCJtYWMiOiIxMTIzNGVjOTFjODMzOWY0ZDM3N2VmYjliZjIwMDljMjBjYjdiYzUzMmUwNDIxNTFlMzI0MDRlZTUyYzRlYjA2IiwidGFnIjoiIn0%3D; expires=Thu, 01-Dec-2022 14:26:22 GMT; Max-Age=7200; path=/; domain=sendlane.com; secure; httponly; samesite=lax
Expires: Sat, 31 Dec 2022 12:26:22 GMT
Connection: close
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4ae7f1b05c20c1bf08f164233851395f
287acbae655f20076dd572b01a5667a227ac1275
939ba71a925739f6d443d45d1a4fbd45aa5e36e75df2f96d85bbd8fc22f2b0c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1734
Cache-Control: max-age=95985
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:23 GMT
Etag: "63876a9a-117"
Expires: Fri, 02 Dec 2022 15:06:08 GMT
Last-Modified: Wed, 30 Nov 2022 14:37:14 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
207.137.0.213301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e4450c4791dadbc8f0fe8409a9b278ec
70f8e597f291a8a247c4f1bbbc4586e300f75723
e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 196
X-Firefox-Spdy: h2
process.iconnode.com/keyword/
76.223.116.242200 OK 670 B URL HTTP/2 process.iconnode.com/keyword/
IP 76.223.116.242:0
File type gzip compressed data, max compression\012- data
Hash 43dc8e48e479443551a5093970efaa30
4cfb6da6b9e72f409ebe066bb5a883daa4f27389
ddb863a7f9d7817522d8f98c500deee2351644791e1d8ef367cad56e2d7cc702
POST /keyword/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 611
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:22 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: none
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash aeb91c4bb083cb5e175d5a1b33262091
e673a6c3266b9c6356849e24cb9f85228d00a519
1cefd6e1609835046746a1e7359b9c052dccbb3c0cf679761dae637375a7df0f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93561
Date: Thu, 01 Dec 2022 12:26:23 GMT
Etag: "63875b24-1d7"
Expires: Fri, 02 Dec 2022 14:25:44 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:16 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nDpTN0UZB1ujkNy8v_ATjeOdy9fx_0X2_oh_W6Sfx_hNBCGcv7VkAA==
Age: 3268
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash aeb91c4bb083cb5e175d5a1b33262091
e673a6c3266b9c6356849e24cb9f85228d00a519
1cefd6e1609835046746a1e7359b9c052dccbb3c0cf679761dae637375a7df0f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93538
Date: Thu, 01 Dec 2022 12:26:23 GMT
Etag: "63875b24-1d7"
Expires: Fri, 02 Dec 2022 14:25:21 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:16 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: s5Sz4jfSw539fEVVg4Jo60HiA7Nu_rxt3msRxpizOb371gIiNc0-FA==
Age: 3245
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash aeb91c4bb083cb5e175d5a1b33262091
e673a6c3266b9c6356849e24cb9f85228d00a519
1cefd6e1609835046746a1e7359b9c052dccbb3c0cf679761dae637375a7df0f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93561
Date: Thu, 01 Dec 2022 12:26:23 GMT
Etag: "63875b24-1d7"
Expires: Fri, 02 Dec 2022 14:25:44 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:16 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j6PvTIgv7wvLg0DMollaGwvNARiJRqGBH0rYzV2CdCJ26R9bweN_Bw==
Age: 3268
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash aeb91c4bb083cb5e175d5a1b33262091
e673a6c3266b9c6356849e24cb9f85228d00a519
1cefd6e1609835046746a1e7359b9c052dccbb3c0cf679761dae637375a7df0f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93542
Date: Thu, 01 Dec 2022 12:26:23 GMT
Etag: "63875b24-1d7"
Expires: Fri, 02 Dec 2022 14:25:25 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:16 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EMTIbDpX5fUG2PpUd9qUb7Bfp5KPEd_7Q--cXT_t_roYZzcc5IZS_w==
Age: 3249
trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=c32572da-50d2-46e1-95e0-2337673f93c2&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit
172.64.145.151200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=c32572da-50d2-46e1-95e0-2337673f93c2&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit
IP 172.64.145.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=224499963&prismid=c32572da-50d2-46e1-95e0-2337673f93c2&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:23 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772bcf95ec92b50b-OSL
X-Firefox-Spdy: h2
aorta.clickagy.com/pixel.gif?clkgypv=jstag
3.214.87.208302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?clkgypv=jstag
IP 3.214.87.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?clkgypv=jstag HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 01 Dec 2022 12:26:23 GMT
content-type: application/json
content-length: 0
location: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
server: Aorta/20221117.e7edcc499
x-aorta-host: 502d6d8d3c94
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.146.91200 OK 5.4 kB URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.146.91:0
File type ASCII text, with very long lines (24240), with no line terminators
Hash 668b35e406dd088913b8f7844971a8d4
c8dd0c3cc45e8ea50b7ae68c14a72d5968f6ce47
1b7d9a0e2fde59f74462c416bbc30f0785d9869acb338549e3efa32edc339f68
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:22 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 95
server: cloudflare
cf-ray: 772bcf932f88b4f7-OSL
X-Firefox-Spdy: h2
aorta.clickagy.com/data
3.214.87.208200 OK 82 B IP 3.214.87.208:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ba8d65c00c8917a6d8c0e5dd36e003f5
ffe9aeec3e34e77e989215172280fc2df29d2107
964609aad8a4e79bc70e6d6d6f3bc7d1071b5845cc18a4a6381c83590a79130b
POST /data HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 385
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:23 GMT
content-type: application/json
content-length: 82
server: Aorta/20221117.e7edcc499
x-aorta-host: eccbb48ff45e
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.usbfund.com
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
content-encoding: gzip
X-Firefox-Spdy: h2
hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
54.145.152.25200 OK 28 B URL HTTP/2 hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
IP 54.145.152.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 830cb026fae1a13104725d2b3100ec10
40188da405f4a93c90f0b5e060e0ccca8e483eba
4d32822dd4fd4e7b58950d7c693e301eaa19b29305077afaebc12852df7f4ee0
GET /external/hasHashes?clkgypv=jstag&cb=null HTTP/1.1
Host: hemsync.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:23 GMT
content-type: text/plain; charset=utf-8
content-length: 28
access-control-allow-origin: https://www.usbfund.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: content-length, last-modified, expires, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
207.137.0.213200 OK 6.8 kB URL HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Hash 7a135f7e3acafb9b6be50709f352156d
e513ebaed7108d0cb1f248a7b3cb217f88e1952d
7c37e680b1c042799fa168ef26811f27a41fbde22663f6096032c3294b99e910
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=xxmz1vhhcu1s4ekljw3zbcmr; path=/; secure; HttpOnly; SameSite=Lax
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 6794
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/font-awesome.min.css
207.137.0.213200 OK 7.0 kB URL HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP 207.137.0.213:0
File type ASCII text, with very long lines (30837)
Hash 775375b17c16dc85854ba29bbba28807
91c2f8c2838211a85090f061340b6c0c24e763af
e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 6965
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
207.137.0.213301 Moved Permanently 180 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 180
X-Firefox-Spdy: h2
exceptions.hs-embed-reporting.com/outpost/forms-embed/error.gif?report=%7B%22culprit%22%3A%22Error%22%2C%22message%22%3A%22DEFINITION_NOT_FOUND%22%2C%22exception%22%3A%5B%7B%22type%22%3A%22Error%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%2C%22value%22%3A%22DEFINITION_NOT_FOUND%22%7D%5D%2C%22request%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%2C%22queryString%22%3A%22utm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%7D%2C%22environment%22%3A%22PROD%22%2C%22tags%22%3A%7B%22region%22%3A%22%22%2C%22renderVersion%22%3A%22v2%22%2C%22projectVersion%22%3A%221.2421%22%2C%22key%22%3A%22DEFINITION_FAILURE%22%7D%2C%22level%22%3A%22error%22%2C%22version%22%3A%22%22%2C%22user%22%3A%7B%7D%2C%22extra%22%3A%7B%22key%22%3A%22DEFINITION_FAILURE%22%7D%7D
104.18.42.237200 OK 35 B URL HTTP/2 exceptions.hs-embed-reporting.com/outpost/forms-embed/error.gif?report=%7B%22culprit%22%3A%22Error%22%2C%22message%22%3A%22DEFINITION_NOT_FOUND%22%2C%22exception%22%3A%5B%7B%22type%22%3A%22Error%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%2C%22value%22%3A%22DEFINITION_NOT_FOUND%22%7D%5D%2C%22request%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%2C%22queryString%22%3A%22utm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%7D%2C%22environment%22%3A%22PROD%22%2C%22tags%22%3A%7B%22region%22%3A%22%22%2C%22renderVersion%22%3A%22v2%22%2C%22projectVersion%22%3A%221.2421%22%2C%22key%22%3A%22DEFINITION_FAILURE%22%7D%2C%22level%22%3A%22error%22%2C%22version%22%3A%22%22%2C%22user%22%3A%7B%7D%2C%22extra%22%3A%7B%22key%22%3A%22DEFINITION_FAILURE%22%7D%7D
IP 104.18.42.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /outpost/forms-embed/error.gif?report=%7B%22culprit%22%3A%22Error%22%2C%22message%22%3A%22DEFINITION_NOT_FOUND%22%2C%22exception%22%3A%5B%7B%22type%22%3A%22Error%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%2C%22value%22%3A%22DEFINITION_NOT_FOUND%22%7D%5D%2C%22request%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%2C%22queryString%22%3A%22utm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit%22%7D%2C%22environment%22%3A%22PROD%22%2C%22tags%22%3A%7B%22region%22%3A%22%22%2C%22renderVersion%22%3A%22v2%22%2C%22projectVersion%22%3A%221.2421%22%2C%22key%22%3A%22DEFINITION_FAILURE%22%7D%2C%22level%22%3A%22error%22%2C%22version%22%3A%22%22%2C%22user%22%3A%7B%7D%2C%22extra%22%3A%7B%22key%22%3A%22DEFINITION_FAILURE%22%7D%7D HTTP/1.1
Host: exceptions.hs-embed-reporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:23 GMT
content-type: image/gif
content-length: 35
x-trace: 2BD11079490ADE4459B81FF9CF491A927E06519923F4E4D53F2B91F22A01
vary: origin, Accept-Encoding
x-hubspot-correlation-id: b9d21718-8cc8-4bd8-90d7-5c6699a110c0
access-control-allow-credentials: false
x-robots-tag: none
last-modified: Thu, 01 Dec 2022 12:26:23 GMT
cf-cache-status: MISS
expires: Thu, 01 Dec 2022 16:26:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 772bcf957e461bfa-OSL
X-Firefox-Spdy: h2
www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
207.137.0.213200 OK 23 kB URL HTTP/2 www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
IP 207.137.0.213:0
File type ASCII text, with CRLF line terminators
Hash 20180537e2ac64e5c60143ac90c84998
82d03de61c4dededbc9fd79d8c3a8e18d3b43744
0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Thu, 30 Nov 2023 07:44:22 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 23086
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
207.137.0.213301 Moved Permanently 188 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 188
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
207.137.0.213301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 196
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
207.137.0.213200 OK 11 kB URL HTTP/2 www.checkbca.org/stylesheets/style.css
IP 207.137.0.213:0
File type assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash a3ec3a585ca53c4eaa1082ae3427a329
7f08739e149ab8dc280a05b280c31b04bfb1bd6d
1e44bca5aecfd50bff07a4df9f9bb9c524f6addd9c24bb8c463eef67798283c9
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 10899
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
207.137.0.213200 OK 3.1 kB URL HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (626), with CRLF, LF line terminators
Hash 487fda8eb4e12565909588706300e2fb
9224d8c027d499bb7ec852c2bf3c580e593f5d5b
664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 3081
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.bxslider.min.js
207.137.0.213200 OK 5.1 kB URL HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (18813)
Hash 9777aab0bd6025cd5c7ecaebd409284d
ab73cc0c1c09e58a1fa0d5bda44c313f697f14da
7b01c6335fa7c91f0b359d56158676c2553323f6e09dd01db242b0da0d104d1b
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 5135
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
207.137.0.213200 OK 30 kB URL HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 30394
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectBox.js
207.137.0.213301 Moved Permanently 175 B URL HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 175
X-Firefox-Spdy: h2
www.checkbca.org/images/widget_member_seal.png
207.137.0.213200 OK 4.9 kB URL HTTP/2 www.checkbca.org/images/widget_member_seal.png
IP 207.137.0.213:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash b16b18a3bc55b39e53d58026662582b1
f1ef3e2605c0eb6afd312dcc7b354b4d0dee54a2
fb715daa7fae403543290995b70576747818581d044e57b5ac072fd27c84e1bf
GET /images/widget_member_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: image/png
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "8a855647b225d61:0"
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 4897
X-Firefox-Spdy: h2
www.checkbca.org/scripts/scripts.js
207.137.0.213200 OK 4.3 kB URL HTTP/2 www.checkbca.org/scripts/scripts.js
IP 207.137.0.213:0
File type ASCII text, with CRLF line terminators
Hash 3b38a1caac14cc0685da48549e84da3b
2ce4f852dced2ddee12614640dcfeb0f3a96ae48
4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:29 GMT
accept-ranges: bytes
etag: "806e7c4bcfed81:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 4272
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
207.137.0.213200 OK 844 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP 207.137.0.213:0
File type ASCII text, with very long lines (2823), with no line terminators
Hash ef6ac3dc00cd170fb2e40e76489dc10d
02964dcc31527690062facef2f5ca2c0cf24ea23
06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 844
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
207.137.0.213200 OK 24 kB URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (65262), with CRLF line terminators
Hash 1aa546445a52ff5e781cb1e335f445c4
a8071c7d8f7c2798100ceed7ef5842a587cc41d2
6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 24320
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
207.137.0.213200 OK 9.6 kB URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (39257), with CRLF line terminators
Hash 211aa6b9096a11187131cbc6c3ab6d16
380ff6b00fc93d78031319a6d1b0e78f2a9e6017
4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 9603
X-Firefox-Spdy: h2
serve.albacross.com/track.js
143.204.55.30200 OK 4.1 kB URL HTTP/1.1 serve.albacross.com/track.js
IP 143.204.55.30:0
File type ASCII text, with very long lines (10418)
Hash e062066a14a30b3ed3b72c5b31f21ffe
064e97457f03f59e40134ea46a21ba6e98a90c68
7bc78e48c07227b97701737a2799c978d37ff3f2350b02043ce69464de7399de
GET /track.js HTTP/1.1
Host: serve.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 12:26:23 GMT
Cache-Control: max-age=120
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HtH4SM5GEKghV3yQZzVwXsqVKlrUag4onbN_8jVoKPw11PJHuCRw6g==
Age: 11
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash d4bddeab99bab582247fd7d86be6c648
dd53a1734501cd717815ee73fbc6852b7ab6e924
d297a424d5754441ad4aba53b62eadcf6a45f9ada0ba72e6ffc19b94bb9ff964
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2462
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:23 GMT
Last-Modified: Thu, 01 Dec 2022 11:45:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
munchkin.marketo.net/munchkin.js
88.221.99.189200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 88.221.99.189:0
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 12:26:23 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=80401
date: Thu, 01 Dec 2022 12:26:23 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
www.usbfund.com/fonts/socicon.woff
50.87.170.174200 OK 31 kB URL HTTP/2 www.usbfund.com/fonts/socicon.woff
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Hash dcbd1f9c4275862f002f21619e96b8f4
a97cd865925e5102ae7c25aa5dd09112ccf50651
a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74
Analyzer Verdict Alert fortinet Malware
GET /fonts/socicon.woff HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
accept-ranges: bytes
content-length: 31444
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: font/woff
date: Thu, 01 Dec 2022 12:26:22 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/Secured-vs.-Unsecured-Line-of-Credit-1.jpg
50.87.170.174200 OK 13 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/Secured-vs.-Unsecured-Line-of-Credit-1.jpg
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 720x405, components 3\012- data
Hash 4adc359bff7fdd1a69434369f1c0521d
2734ab7daa6ede9f1c5e2b35a254cf0ff5fcb311
cdb37540ad321262b2812f3fb87b16a35f0e660769c3c99c4dd12c3614a42b5a
GET /wp-content/uploads/Secured-vs.-Unsecured-Line-of-Credit-1.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 05:40:53 GMT
accept-ranges: bytes
content-length: 12869
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Thu, 01 Dec 2022 12:26:22 GMT
server: Apache
X-Firefox-Spdy: h2
rec.smartlook.com/recorder.js
185.76.9.15200 OK 1.6 kB URL HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (3010), with no line terminators
Hash 7c1cf17295ba6cd57a8bac0d3b5e0239
8d3d91dd635c48e2ad9cea94d339dfff52a118b8
99068333510ecce21807fcc1b2d41a8d632d90bd133dcd23e4193678a09e5d07
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:23 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"63861b50-bc2"
last-modified: Tue, 29 Nov 2022 14:46:40 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1669898063
server: CDN77-Turbo
x-77-nzt: AblMCQ2W4r7/eAAAAA
x-77-nzt-ray: c0a4cc2855e064e96f9d886394abb038
x-cache: HIT
x-age: 120
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectbox.js
207.137.0.213200 OK 4.2 kB URL HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP 207.137.0.213:0
File type Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Hash 786f2eb7bf72098ca18b9afd6d127237
5e75cb575c23f13e064a913cbe55570670e718ab
d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 01 Dec 2022 12:26:22 GMT
content-length: 4192
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 66415b2d481f3837aeeff14cd9e37513
9b373ebee3ffc7fe280a3f581c2a53a6c915eaff
9f37e6fc62aa1d889fa26d11552aa96f84824050f545a084b6847e1303e9a68f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132246
Date: Thu, 01 Dec 2022 12:26:23 GMT
Etag: "6387e63b-1d7"
Expires: Sat, 03 Dec 2022 01:10:29 GMT
Last-Modified: Wed, 30 Nov 2022 23:24:43 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h8ssu9Xp0o7Tzsh5ntlEXNz-fCxahTsaBXd4EnEoWZuJZtK2MToQhA==
Age: 6346
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3b637616b735e4f1416de5a6d9f8db79
be3a8055c06beb40d945560198fe8adb5f4fa9dd
1df14f9efcd802f366444416e62fdc647bf9c1c780fbd8d3e618eeafec13ef89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3043
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:24 GMT
Last-Modified: Thu, 01 Dec 2022 11:35:41 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
169.50.137.179200 OK 3.1 kB URL HTTP/2 tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
IP 169.50.137.179:0
File type ASCII text, with very long lines (3100)
Hash 3f39bd6aa96de4bb5bd9275b06354981
14f61e1cbeb536266027c98d8f48cc3211f1a2b2
4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
GET /sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77 HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=A3617A53A38D40179F061A46346D0470; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:24 GMT; SameSite=none; Secure;
suid_legacy=A3617A53A38D40179F061A46346D0470; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:24 GMT; Secure;
x-request-id: FyyrAVezj4R0Mw2HU24h
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
66.155.71.150302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
IP 66.155.71.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=22f93413-1216-44f8-bb1b-394a40cdc9b3#1669897584105; Domain=.sitescout.com; Expires=Fri, 01-Dec-2023 12:26:24 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
content-length: 0
date: Thu, 01 Dec 2022 12:26:23 GMT
server: AC1.1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 66415b2d481f3837aeeff14cd9e37513
9b373ebee3ffc7fe280a3f581c2a53a6c915eaff
9f37e6fc62aa1d889fa26d11552aa96f84824050f545a084b6847e1303e9a68f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128747
Date: Thu, 01 Dec 2022 12:26:24 GMT
Etag: "6387e63b-1d7"
Expires: Sat, 03 Dec 2022 00:12:11 GMT
Last-Modified: Wed, 30 Nov 2022 23:24:43 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BK0shxK6vExnI3SFQsocJZdJp-ikNCbQdRLLYAGlwNAuapcLPhfL4Q==
Age: 2848
munchkin.marketo.net/162/munchkin.js
88.221.99.189200 OK 4.7 kB URL HTTP/1.1 munchkin.marketo.net/162/munchkin.js
IP 88.221.99.189:0
File type ASCII text, with very long lines (606)
Hash 3e9baed982956735f6e0a0e756d97ed9
9223be6a494a10959101a7942419df7b05b84d73
930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
GET /162/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Sat, 11 Mar 2023 12:26:24 GMT
Date: Thu, 01 Dec 2022 12:26:24 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
66.155.71.150204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
IP 66.155.71.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Thu, 01 Dec 2022 12:26:23 GMT
server: AC1.1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5bc03b4995299a6a2777604a4d461631
c9de39bb466bfb8f885bae78849b7049389e3483
a8155ab40b718c91379d3a995b89adb27a9044c6f48d0033bfe797e5d9f1437b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 12:26:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 13:42:55 GMT
Expires: Wed, 07 Dec 2022 13:42:54 GMT
Etag: "c9de39bb466bfb8f885bae78849b7049389e3483"
Cache-Control: max-age=522389,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772bcf9c6a400af6-OSL
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1669897582572&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1669897582572&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1669897582572&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1669897582572%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsecured-vs-unsecured-line-of-credit%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIJ5D3jQCsjvQAAAYTNpv6ccgGaSIlViueB7Zg27BVNlwimQCSXa7xdciPpzo7-GdPAxPklfpdNvg; Max-Age=2592000; Expires=Sat, 31 Dec 2022 12:26:24 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIwQTAQ-7cMMgAAAYTNpv6coawq40X5Yhjdw6YMbMBN1PwW_nOybWmrjcGwu-azRPSxcSdaj3pngX7zkx49kg; Max-Age=2592000; Expires=Sat, 31 Dec 2022 12:26:24 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&472333f4-fe79-4c25-854e-3890c6f21c8b"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 01-Dec-2023 12:26:24 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2438:u=1:x=1:i=1669897584:t=1669983984:v=2:sig=AQF6RJz0azibK0LVTSQJrCi_9elWJJfh"; Expires=Fri, 02 Dec 2022 12:26:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXuw1RSYKh3NSMS+6IAtg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FCC2C61A20DD4A2CBBAC2760257581F9 Ref B: OSL30EDGE0407 Ref C: 2022-12-01T12:26:24Z
date: Thu, 01 Dec 2022 12:26:23 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 358cb72c944012ee6e116cbc7011d730
45ccdf48d3bf584b4bd9e5e305e641a1559db749
1cedbd730a4f2d719a2196250a404fc660cd93f72b522d80250aee91c2c58c60
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153600
Date: Thu, 01 Dec 2022 12:26:24 GMT
Etag: "63883eda-1d7"
Expires: Sat, 03 Dec 2022 07:06:24 GMT
Last-Modified: Thu, 01 Dec 2022 05:42:50 GMT
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IhhwRuu_oTnYnqhiS9z0MYYZOvqoFDxqcXsBtMLwlKLCgGQs1BM9xg==
Age: 5014
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1669897582572%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsecured-vs-unsecured-line-of-credit%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1669897582572%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsecured-vs-unsecured-line-of-credit%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1669897582572%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsecured-vs-unsecured-line-of-credit%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1669897582572&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&cacb964e-a1dc-4840-80f6-9fb0a01baaff"; Domain=.linkedin.com; Expires=Fri, 01-Dec-2023 12:26:24 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2022120112262440d9f48e-6975-4932-82c9-a0f50f3b78ebAQGv_jyVNfGp9KUKnC2oGhKX4A87tclF"; Domain=.www.linkedin.com; Expires=Fri, 01-Dec-2023 12:26:24 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njk4OTc1ODQ7MjswMjHfa+weZm/eJv+D00e/sF625dXvGnEN4D9rfHpxdU2bRw==; Domain=.linkedin.com; Expires=Tue, 30 May 2023 12:26:24 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2383:u=1:x=1:i=1669897584:t=1669983984:v=2:sig=AQE-DH2ZSUZJk85lZc-pPS-GMAgAbu3-"; Expires=Fri, 02 Dec 2022 12:26:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXuw1RVGEhmx3zqh9yR2A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B459940615E84170879329D08070EA2A Ref B: OSL30EDGE0407 Ref C: 2022-12-01T12:26:24Z
date: Thu, 01 Dec 2022 12:26:23 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1669897582572&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1669897582572&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1669897582572&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&7930c359-fb30-41f8-8982-b7b2c95239a8"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 01-Dec-2023 12:26:24 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2438:u=1:x=1:i=1669897584:t=1669983984:v=2:sig=AQF6RJz0azibK0LVTSQJrCi_9elWJJfh"; Expires=Fri, 02 Dec 2022 12:26:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXuw1RXnl/M20aJph7nrQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A918284224B8467CB7A8142C1561BB9B Ref B: OSL30EDGE0407 Ref C: 2022-12-01T12:26:24Z
date: Thu, 01 Dec 2022 12:26:23 GMT
content-length: 0
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
50.87.170.174200 OK 944 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1696 x 1131, 8-bit colormap, non-interlaced\012- data
Size 944 kB (944072 bytes)
Hash b4b6bd078ef229456fc9d5b22d31ca0e
51cb87382bfb8b0029df296adb021229ad4cf6da
870b85b6771aeb0fc9c84c444ca24919dd6f71e4b34a6bb97003a0a4f34bdfd3
GET /wp-content/uploads/USBusinessFunding-Home1.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:13 GMT
accept-ranges: bytes
content-length: 944072
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:22 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
50.87.170.174200 OK 1.4 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 331f8022f00882988b3dd50a45511040
295b137770dedf8de5101ba30c05f515e21b6fb0
f83bb7fbb6ab6b05a6129fdc513d6edeb3b9029b0cbe6cf3eae361ad56c58cf5
GET /wp-content/uploads/cropped-iconusbfund-32x32.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C; soundestID=20221201122621-fZEQ6rHwLOGV6ezHlai2pYs1sq2ky0YH9UDIlKMy2jaOFR7cx; soundest-views=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:07 GMT
accept-ranges: bytes
content-length: 1438
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
50.87.170.174200 OK 20 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 273b22a347363c8bfaa20ddcca897d53
0bf5106cb96db26030ae4bee997db3aef8914130
3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.1.1669897580.0.0.0; _ga=GA1.1.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; IR_gbd=usbfund.com; IR_7486=1669897580524%7C0%7C1669897580524%7C%7C; soundestID=20221201122621-fZEQ6rHwLOGV6ezHlai2pYs1sq2ky0YH9UDIlKMy2jaOFR7cx; soundest-views=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 19606
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Thu, 01 Dec 2022 12:26:24 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e7a664c141ad94f9369306daea3da88
02e428e10b2b76cd804b7bc8b982c021a4172ede
886d898b624724dc95d4deda230bb95f8f25e03f0dabb2396757290e2abb2e33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2078
Cache-Control: max-age=90186
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:24 GMT
Etag: "6387529c-1d7"
Expires: Fri, 02 Dec 2022 13:29:30 GMT
Last-Modified: Wed, 30 Nov 2022 12:54:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash cba40afdcfc6944dd4c089bab7813f06
a044023a553e646385b62020c528f7f93011e133
932c15d63f654c23f1c56f6302c3c101b572973059ae99576d5051b3e99b7a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2672
Cache-Control: max-age=108455
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:24 GMT
Etag: "638797a7-118"
Expires: Fri, 02 Dec 2022 18:33:59 GMT
Last-Modified: Wed, 30 Nov 2022 17:49:27 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
207.137.0.213200 OK 6.8 kB URL HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Hash be2cd79cb863027fe1df8ced64f56a7f
f7f46150901d05a16320088f07e085307d00378b
73b2167f5b2783b33e52c92a95d6fc26ac029316db513cde1b059b1a0c7ca18a
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=e0wjx1c2aj1auvvphlavylkv; path=/; secure; HttpOnly; SameSite=Lax
date: Thu, 01 Dec 2022 12:26:24 GMT
content-length: 6794
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 5.5 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max speed, from Unix\012- data
Hash d0dcc91daccbb336592242354811f827
21d386b18316f72b36feda1d7b3be72d870563ce
f6f97e8369e8a6a339c4bdc4862cfa5730d2aef25285fed4aca49d315acbd9f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04F6923059A3A22075CC2B79344EEAAC4EA7EF3FFBEB3F14A6975E4252142484"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13910
Expires: Thu, 01 Dec 2022 16:18:15 GMT
Date: Thu, 01 Dec 2022 12:26:25 GMT
Connection: keep-alive
511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1669897582769&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1669871026855-62703&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2Fsecured-vs-unsecured-line-of-credit%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsecured-vs-unsecured-line-of-credit
199.15.214.243200 OK 43 B URL HTTP/1.0 511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1669897582769&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1669871026855-62703&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2Fsecured-vs-unsecured-line-of-credit%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsecured-vs-unsecured-line-of-credit
IP 199.15.214.243:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 7e1a751d6f8efada000e3df3aac35514
4c73d56e1221bcee6aca2e954b71b9d6216de36e
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
POST /webevents/visitWebPage?_mchNc=1669897582769&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1669871026855-62703&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2Fsecured-vs-unsecured-line-of-credit%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsecured-vs-unsecured-line-of-credit HTTP/1.1
Host: 511-lvj-854.mktoresp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.0 200 OK
Server: BigIP
Connection: Keep-Alive
Content-Length: 43
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5dd4ff5fef0e8a6233b3889ddedc151d
dfb1787bf73064fc8335271dfeaac14044ffdaad
4507be9e926284c401afc62cf193a7741e9f1f29c64e8c29836e785882698926
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139291
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "63880f0d-1d7"
Expires: Sat, 03 Dec 2022 03:07:56 GMT
Last-Modified: Thu, 01 Dec 2022 02:18:53 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hpjG_dFJTCu1K05TnF2ZErSioIC62FxfwLCGTFrO3tyXS2K29--e1g==
Age: 2943
manager.eu.smartlook.cloud/rec/sessions/b_C4ybQkVXEDmyQDJvltR/active?projectKey=532e326dd2a3ae45d5a84ad0772bb857a7a355ce
3.122.87.20200 OK 58 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/sessions/b_C4ybQkVXEDmyQDJvltR/active?projectKey=532e326dd2a3ae45d5a84ad0772bb857a7a355ce
IP 3.122.87.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14ee365e66cc0cb980c739d2d3114fb6
a4ec6f2ba10da367f5d9197b0afbb32e649b90eb
72f5f595dd45339b884be0a40b1d4e1ecdd334814bfccb4eb0a0e6f66578278b
GET /rec/sessions/b_C4ybQkVXEDmyQDJvltR/active?projectKey=532e326dd2a3ae45d5a84ad0772bb857a7a355ce HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.usbfund.com
Content-Type: application/json; charset=utf-8
Date: Thu, 01 Dec 2022 12:26:25 GMT
sl-trace-id: smLX255mmdV0Oclqkb24e
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 58
Connection: keep-alive
speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&r=
23.253.207.75403 Forbidden 18 B URL HTTP/1.1 speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&r=
IP 23.253.207.75:0
File type ASCII text, with no line terminators
Hash 25f009f228cd844020264ff74a36bb64
8e2ada0df86c2ea12930c55ebdc0575aa5e31d87
a4578829918d4df61d980bf0665df65a68d19ea4de6d0dfdb75fb099b47474bf
GET /anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&r= HTTP/1.1
Host: speedyfox.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 18
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
X-Timing: lt=0
Date: Thu, 01 Dec 2022 12:26:25 GMT
Connection: close
www.checkbca.org/stylesheets/font-awesome.min.css
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:32 GMT
If-None-Match: "032466bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/style.css
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:32 GMT
If-None-Match: "032466bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
207.137.0.213301 Moved Permanently 188 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Thu, 01 Dec 2022 12:26:25 GMT
content-length: 188
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
207.137.0.213301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Thu, 01 Dec 2022 12:26:25 GMT
content-length: 196
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.bxslider.min.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectBox.js
207.137.0.213301 Moved Permanently 175 B URL HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Thu, 01 Dec 2022 12:26:25 GMT
content-length: 175
X-Firefox-Spdy: h2
www.checkbca.org/scripts/scripts.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/scripts.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:29 GMT
If-None-Match: "806e7c4bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
207.137.0.213301 Moved Permanently 180 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Thu, 01 Dec 2022 12:26:25 GMT
content-length: 180
X-Firefox-Spdy: h2
um.simpli.fi/triplelift
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /triplelift HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://eb2.3lift.com/xuid?mid=7969&xuid=F8E7A5D9F2A9442FA28640F70EA5D022&dongle=yf3
set-cookie: suid=F8E7A5D9F2A9442FA28640F70EA5D022; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=F8E7A5D9F2A9442FA28640F70EA5D022; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/freewheel
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /freewheel HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=9DB5BCC338E6482B9BB1DA4950305201; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=9DB5BCC338E6482B9BB1DA4950305201; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/dtnx
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /dtnx HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://fei.pro-market.net/engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img;
set-cookie: suid=A42423158CB142039D365903D82E6EF8; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=A42423158CB142039D365903D82E6EF8; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/exelatem
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /exelatem HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=345045AA68D6408AA5529E3A25D48920&j=0
set-cookie: suid=345045AA68D6408AA5529E3A25D48920; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=345045AA68D6408AA5529E3A25D48920; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/yahoo
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yahoo HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=719F65FFD1B14629A1E369F50B3EA6BC; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=719F65FFD1B14629A1E369F50B3EA6BC; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/beachfront
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /beachfront HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://sync.bfmio.com/sync?pid=141&uid=3C5CB93BC18F4B9F9C355602A020E0F0
set-cookie: suid=3C5CB93BC18F4B9F9C355602A020E0F0; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=3C5CB93BC18F4B9F9C355602A020E0F0; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/bluekai
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /bluekai HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://stags.bluekai.com/site/29931?id=AAC37D1E5D7B429094C2E6A42761B81E
set-cookie: suid=AAC37D1E5D7B429094C2E6A42761B81E; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=AAC37D1E5D7B429094C2E6A42761B81E; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/crwdcntrl
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /crwdcntrl HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03F7152A56AF4969BF8BC0B9995AA253
set-cookie: suid=03F7152A56AF4969BF8BC0B9995AA253; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=03F7152A56AF4969BF8BC0B9995AA253; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/lj_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /lj_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://ce.lijit.com/merge?pid=2&3pid=92B2C9008F3142E3BA1B5DCE170F7999
set-cookie: suid=92B2C9008F3142E3BA1B5DCE170F7999; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=92B2C9008F3142E3BA1B5DCE170F7999; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
um.simpli.fi/liveramp_match
34.91.62.186302 Found 142 B URL HTTP/2 um.simpli.fi/liveramp_match
IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /liveramp_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://idsync.rlcdn.com/419566.gif?partner_uid=FBB76C74EB714AF5BF127FEC395C735C
set-cookie: suid=FBB76C74EB714AF5BF127FEC395C735C; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=FBB76C74EB714AF5BF127FEC395C735C; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/spotx_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /spotx_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022
set-cookie: suid=E5F99397E2E84727A157A204172D2022; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=E5F99397E2E84727A157A204172D2022; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/an
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /an HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://ib.adnxs.com/setuid?entity=66&code=8E2A27C1C54A442499BA67A9F67D7B65
set-cookie: suid=8E2A27C1C54A442499BA67A9F67D7B65; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=8E2A27C1C54A442499BA67A9F67D7B65; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/rb_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4BEF24EEE39341DBA1FD3EDA443EC0A5&expires=365
set-cookie: suid=4BEF24EEE39341DBA1FD3EDA443EC0A5; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=4BEF24EEE39341DBA1FD3EDA443EC0A5; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ox_match
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ox_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=4033DAE437E44FCEB33AB529664460ED
set-cookie: suid=4033DAE437E44FCEB33AB529664460ED; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=4033DAE437E44FCEB33AB529664460ED; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/telaria_p
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /telaria_p HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://simplifi.partners.tremorhub.com/sync?UISF=06D9B23248D94823B93E69DF645A6A04
set-cookie: suid=06D9B23248D94823B93E69DF645A6A04; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=06D9B23248D94823B93E69DF645A6A04; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/tapad
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /tapad HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EC7DD4B1BAE64CFE8E1CC70BF5D26974
set-cookie: suid=EC7DD4B1BAE64CFE8E1CC70BF5D26974; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=EC7DD4B1BAE64CFE8E1CC70BF5D26974; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/pubmatic
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pubmatic HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=B8772A8386024FAAAB46B2A645E5984B; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=B8772A8386024FAAAB46B2A645E5984B; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ad_advisor
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ad_advisor HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=6D3AF1B816804B8CB536CC09A43CA934
set-cookie: suid=6D3AF1B816804B8CB536CC09A43CA934; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=6D3AF1B816804B8CB536CC09A43CA934; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/intentiq
34.91.62.186302 Found 142 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /intentiq HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 142
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=202AD0F09B7D4814B2F8B5A862C592FE
set-cookie: suid=202AD0F09B7D4814B2F8B5A862C592FE; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=202AD0F09B7D4814B2F8B5A862C592FE; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
manager.eu.smartlook.cloud/rec/setup-recording/website
3.122.87.20200 OK 222 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP 3.122.87.20:0
File type JSON data\012- , ASCII text, with very long lines (468), with no line terminators
Hash f06c2f47372adc4a87e27682bac3ada3
52430931b5ae3aeefc2283b1c3f076aed83d2bed
2958cfa5c4776bc0109eceba6b39ed4d63dea6696573861b6cfa0ddd0e876a18
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.usbfund.com
Content-Length: 122
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.usbfund.com
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Thu, 01 Dec 2022 12:26:25 GMT
sl-trace-id: WvEaRJvBJE3jqjnY7Je0d
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 222
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8d42dbe45d28e98140b7b8e7337916c2
702722d1219f8037f75a0dc9e24936bf7d454533
987efb6ca64818d45978d4bb1ea0557f9531f57f757922ddecad760c854fc0ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5a33742a3ab45ae3322d577f141cc547
ae8340402ca7e72236e34197ac0864df6dc88eb2
a0256d598da3bccbdbcdda3c93fb1258ec416da6d3724e0d7dc894bc1932d190
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 12:26:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 10:10:21 GMT
Expires: Wed, 07 Dec 2022 10:10:20 GMT
Etag: "ae8340402ca7e72236e34197ac0864df6dc88eb2"
Cache-Control: max-age=602490,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 474
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772bcfa52acfb51b-OSL
cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
173.194.73.154302 Found 296 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
IP 173.194.73.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0103dd025950e32d5eb84f8e72ddb997
9ddb94b670f62f21ddee3157f2ad97d122bf8248
ad325fee7bf9ae842aa1ea62cadbd134bf6590eaa84413165b1b7c6f4e5afd0d
GET /pixel?google_nid=simplifi&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
date: Thu, 01 Dec 2022 12:26:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 296
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Dec-2022 12:41:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:32 GMT
If-None-Match: "032466bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:32 GMT
If-None-Match: "032466bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a024d5583f36a743e39f7443b117795f
fc35654b83057f651266308a2a5f8dcb379f8a8b
c279345cd67420f2fd738bed4d2f5770b1ed0ad5d20e6e893287334b8bca8898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2846
Cache-Control: max-age=98159
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "63876ec2-1d7"
Expires: Fri, 02 Dec 2022 15:42:24 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:58 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.checkbca.org/scripts/jquery.selectbox.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
173.194.73.154302 Found 248 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
IP 173.194.73.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 90f3317c598426fe1c249b0cc4845475
72856fffdc53e9e630c38bbd9b4fe04afb72015a
2d722b67473e8cf5282435d3608e9a9fe2092279aceaf9d88d4b89fecac69c8b
GET /pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://um.simpli.fi/g_match?id=&google_error=3
date: Thu, 01 Dec 2022 12:26:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 02 Aug 2019 17:52:06 GMT
If-None-Match: "0a783ff5a49d51:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
fei.pro-market.net/engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img;
107.178.240.89302 Found 0 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img;
IP 107.178.240.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img; HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="1+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rm7p81)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
location: https://fei.pro-market.net/engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img;sr
content-type: image/gif
content-length: 0
date: Thu, 01 Dec 2022 12:26:24 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 443ed6fb0876c524f42911456b472654
c3a55edaed521d5c162314a5149bf01b5e5bc2fe
c9f3a9c41a43b21c41b728a4836ebbc830baff1ae45b76c8effe8703e99297d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91821
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "6387541d-1d7"
Expires: Fri, 02 Dec 2022 13:56:46 GMT
Last-Modified: Wed, 30 Nov 2022 13:01:17 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XPfIWYS0kp54Bg41Lu0v5Q7roIGDPHJYjvyblSBvXlq-O2kEyFHxQA==
Age: 3329
loadm.exelator.com/load/?p=204&g=2191&simid=345045AA68D6408AA5529E3A25D48920&j=0
54.78.254.47204 No Content 0 B URL HTTP/2 loadm.exelator.com/load/?p=204&g=2191&simid=345045AA68D6408AA5529E3A25D48920&j=0
IP 54.78.254.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=2191&simid=345045AA68D6408AA5529E3A25D48920&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 01 Dec 2022 12:26:25 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4a42e40f0b845638bc818872241dfe03
102dc1a2f51b436fc97e0311ac6a8f6534eea7c5
bbf8b69eef5c3b73763477c71c806c0125454c4889dab1c1a9903569ac9a64a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2811
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Last-Modified: Thu, 01 Dec 2022 11:39:34 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
fei.pro-market.net/engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img;sr
107.178.240.89200 OK 43 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img;sr
IP 107.178.240.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 968c3ad2c1183fee0bf0dd479f7904b7
1d770800ecb05eb9133f9b51620c9e4349656859
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
GET /engine?du=24;csync=A42423158CB142039D365903D82E6EF8;mimetype=img;sr HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rm7p81)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
date: Thu, 01 Dec 2022 12:26:25 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=7969&xuid=F8E7A5D9F2A9442FA28640F70EA5D022&dongle=yf3
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=7969&xuid=F8E7A5D9F2A9442FA28640F70EA5D022&dongle=yf3
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7969&xuid=F8E7A5D9F2A9442FA28640F70EA5D022&dongle=yf3 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4a42e40f0b845638bc818872241dfe03
102dc1a2f51b436fc97e0311ac6a8f6534eea7c5
bbf8b69eef5c3b73763477c71c806c0125454c4889dab1c1a9903569ac9a64a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2811
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Last-Modified: Thu, 01 Dec 2022 11:39:34 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
um.simpli.fi/g_match?id=&google_error=3
34.91.62.186204 No Content 0 B URL HTTP/2 um.simpli.fi/g_match?id=&google_error=3
IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g_match?id=&google_error=3 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Dec 2022 12:26:25 GMT
set-cookie: suid=B74FBD57EDB44795BF4C9359997136ED; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; SameSite=none; Secure;
suid_legacy=B74FBD57EDB44795BF4C9359997136ED; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:25 GMT; Secure;
expires: Wed, 30 Nov 2022 12:26:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=66&code=8E2A27C1C54A442499BA67A9F67D7B65
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=66&code=8E2A27C1C54A442499BA67A9F67D7B65
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=66&code=8E2A27C1C54A442499BA67A9F67D7B65 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 01 Dec 2022 12:26:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D8E2A27C1C54A442499BA67A9F67D7B65
AN-X-Request-Uuid: 3ee6e567-0273-4e64-80f4-f4ede2c89c38
Set-Cookie: uuid2=431913091518447341; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 01-Mar-2023 12:26:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 9f102c815e39d6274b08199e22fbf9fa
bee276a9e8cddd145a90e4540d8ccdeaf394a07e
2f3993ebc474a556786e526301eebf4e39eb751c72ba140912d5f7f7661f2eae
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 12:26:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 20:55:32 GMT
Expires: Thu, 01 Dec 2022 20:55:32 GMT
ETag: "bee276a9e8cddd145a90e4540d8ccdeaf394a07e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rec.smartlook.com/es6/bundle.766e6d0f96e22d2b6500.js
185.76.9.15200 OK 34 kB URL HTTP/2 rec.smartlook.com/es6/bundle.766e6d0f96e22d2b6500.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (65451)
Hash 921679b28a09d89f72d3ab504fc8308f
d09f249059aee64f1a7e777869cd980077cd0cb3
6837b4a353cadb5d0299043ad17456f6c145262d46508aacc779b4e6a70c04bf
GET /es6/bundle.766e6d0f96e22d2b6500.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63861b50-227d0"
last-modified: Tue, 29 Nov 2022 14:46:40 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1701270546
server: CDN77-Turbo
x-77-nzt: AblMCQ3ryPX/33wCAA
x-77-nzt-ray: c0a4cc28dadb14ed719d8863c942fb1c
x-cache: HIT
x-age: 163039
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash adc0de408a806f26d764586120ac91e3
189e35d7535da7c36251a62aaf530f2b382e7164
de3a6314f17856d1190554972ddaa259a8bbae134d219dc7cdb65f6e7f851ce4
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6378
Cache-Control: max-age=135174
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "6387f18d-1d7"
Expires: Sat, 03 Dec 2022 01:59:19 GMT
Last-Modified: Thu, 01 Dec 2022 00:13:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
stags.bluekai.com/site/29931?id=AAC37D1E5D7B429094C2E6A42761B81E
23.38.201.22200 OK 62 B URL HTTP/2 stags.bluekai.com/site/29931?id=AAC37D1E5D7B429094C2E6A42761B81E
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f386f5061436a0338a64e0910db495d
599fe4a552c991a2b3ce5a1660732bf7b21fb901
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
GET /site/29931?id=AAC37D1E5D7B429094C2E6A42761B81E HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 01 Dec 2022 12:26:25 GMT
set-cookie: bku=blx99cs5ismOtRX1; Path=/; Domain=.bluekai.com; Expires=Thu, 01 Jun 2023 12:26:25 GMT; Secure; SameSite=None
bkpa=KJy9nyexd02pSUHknp/8mE1hwtkAwDaOxp1lHeaaBDxlxMx0mE98BW10HEjOBe/lBMaYmeaa9y93uyrC; Path=/; Domain=.bluekai.com; Expires=Thu, 01 Jun 2023 12:26:25 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash a239ff48fcb68102d64ff648a1aa9d56
1b731fcfe38fdf7786a6bedf99fa31b4342864c4
aca7780cfa65cb994e5f505d333e28b8fc9381c92e3b810caf09931f6a15a39c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 12:26:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 22:04:48 GMT
Expires: Thu, 01 Dec 2022 22:04:48 GMT
ETag: "1b731fcfe38fdf7786a6bedf99fa31b4342864c4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af179c4b3764216ebea916fd3c1c02ea
cd526e451e0f46aece45ad2fbb3078389876e965
624f09ce51170b7946275ffd9464f31185c0f6f18acc91ae394de6d018d24749
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3316
Cache-Control: max-age=98617
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "63876eb6-1d7"
Expires: Fri, 02 Dec 2022 15:50:02 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:46 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a9ea20d468aed7ced6a490391227c9d7
fa21b125089fb014b244a0eee25b639a35812218
5aa7b9fc671e985d823215ee017d0bd1ac0d92e57a34fee69989402765755857
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3263
Cache-Control: max-age=135294
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "6387fe30-1d7"
Expires: Sat, 03 Dec 2022 02:01:19 GMT
Last-Modified: Thu, 01 Dec 2022 01:06:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 9706a3ab73dbba80722600995b6d4ec2
7fce46f4bc02cb239a0a975d5f68b64650d679ea
c81d7e291317cabd776186582a7757c02b0ec6ac54f67150375317e100dcee65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2759
Cache-Control: max-age=154223
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "63884a19-2d7"
Expires: Sat, 03 Dec 2022 07:16:48 GMT
Last-Modified: Thu, 01 Dec 2022 06:30:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727
sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=202AD0F09B7D4814B2F8B5A862C592FE
143.204.55.7403 Forbidden 986 B URL HTTP/2 sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=202AD0F09B7D4814B2F8B5A862C592FE
IP 143.204.55.7:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 71b8334ffd9419a887d65e4ade9d839d
8dde539b0c7ee80980f9f697c0d23887c545ae82
8d32c100172a57979840c0631808fbee20ffe156dcfc3ec8cf567079e66ac7d0
GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=202AD0F09B7D4814B2F8B5A862C592FE HTTP/1.1
Host: sync.intentiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bKzJ1GJUvmFHabIh2GKmKofEEmyYIhUf2QPuq4jxQOJGOVphSQ7nqg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.checkbca.org/images/widget_member_seal.png
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/images/widget_member_seal.png
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/widget_member_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Sat, 09 May 2020 03:31:08 GMT
If-None-Match: "8a855647b225d61:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Thu, 01 Dec 2022 12:26:25 GMT
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=2&3pid=92B2C9008F3142E3BA1B5DCE170F7999
216.52.2.48204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=2&3pid=92B2C9008F3142E3BA1B5DCE170F7999
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=2&3pid=92B2C9008F3142E3BA1B5DCE170F7999 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 01 Dec 2022 12:26:25 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap5ams1
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D8E2A27C1C54A442499BA67A9F67D7B65
37.252.171.85200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D8E2A27C1C54A442499BA67A9F67D7B65
IP 37.252.171.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3D8E2A27C1C54A442499BA67A9F67D7B65 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 01 Dec 2022 12:26:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 33467a1c-a9b8-491f-bb20-8168b5fb595b
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2In9qbI5Q!]tbPl1N!7On*M$=BWOvfS2+fl!NJ'e9qREfQhRXfoNBkiJ0>elw<)og_-Ra^!rIf/X%W#.wL4W1Qw28NjdHl; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 01-Mar-2023 12:26:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.search.spotxchange.com/partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 12:26:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=5fa1f93a-7173-11ed-b046-1e8b65530206; expires=Thu, 29-Dec-2022 12:26:25 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022&__user_check__=1&sync_id=5fa1f976-7173-11ed-b046-1e8b65530206
X-fe: 107
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03F7152A56AF4969BF8BC0B9995AA253
63.32.97.75404 Not Found 49 B URL HTTP/2 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03F7152A56AF4969BF8BC0B9995AA253
IP 63.32.97.75:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=7625/tp=SIMP/tpid=03F7152A56AF4969BF8BC0B9995AA253 HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.0.103
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4BEF24EEE39341DBA1FD3EDA443EC0A5&expires=365
69.173.144.138204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4BEF24EEE39341DBA1FD3EDA443EC0A5&expires=365
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=4BEF24EEE39341DBA1FD3EDA443EC0A5&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6daf601dd6be2ed50fba21a955db2a51
fcdb93ed4c42439af599ac06db4b494e046a7ac0
5e005fab5061f7c3f1bed0661af42f8becac46ee48306102734d3d4a1b49d922
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107149
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "6387907b-1d7"
Expires: Fri, 02 Dec 2022 18:12:14 GMT
Last-Modified: Wed, 30 Nov 2022 17:18:51 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ubbSKD9qJlnQEMCcwbZj41gbBIoctrZBYno7sLpc5p04eK-gkCjRUA==
Age: 3203
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash b544acc5be8bd467f2d9ddd6347b69a7
2306ecf3a2489114769266d86564ca33a2f5466e
b28858b2ac2fdd6639d6d6cb80327d026cdc3e63e66b3559330836e71ad8be53
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106924
Date: Thu, 01 Dec 2022 12:26:25 GMT
Etag: "63878f25-1d7"
Expires: Fri, 02 Dec 2022 18:08:29 GMT
Last-Modified: Wed, 30 Nov 2022 17:13:09 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P75olhmZYqMEh3PcCbNdkGru2a4CO49EA4CVLfKCBps7vn3GeR3FOA==
Age: 3320
sync.search.spotxchange.com/partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022&__user_check__=1&sync_id=5fa1f976-7173-11ed-b046-1e8b65530206
185.94.180.126200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022&__user_check__=1&sync_id=5fa1f976-7173-11ed-b046-1e8b65530206
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7797&uid=E5F99397E2E84727A157A204172D2022&__user_check__=1&sync_id=5fa1f976-7173-11ed-b046-1e8b65530206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 12:26:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=5fb3cdba-7173-11ed-84f8-143d56a10206; expires=Thu, 29-Dec-2022 12:26:25 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 112
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.bfmio.com/sync?pid=141&uid=3C5CB93BC18F4B9F9C355602A020E0F0
3.208.68.81204 0 B URL HTTP/1.1 sync.bfmio.com/sync?pid=141&uid=3C5CB93BC18F4B9F9C355602A020E0F0
IP 3.208.68.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=141&uid=3C5CB93BC18F4B9F9C355602A020E0F0 HTTP/1.1
Host: sync.bfmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
Date: Thu, 01 Dec 2022 12:26:25 GMT
Set-Cookie: __141_cid=3C5CB93BC18F4B9F9C355602A020E0F0; Domain=.bfmio.com; Expires=Fri, 01-Dec-2023 12:26:25 GMT; Path=/
__io_cid=a61b2213ab9f30757390ded52870f4b99c0b7684; Domain=.bfmio.com; Expires=Fri, 01-Dec-2023 12:26:25 GMT; Path=/
Connection: keep-alive
d.agkn.com/pixel/10751/?che=1669897585827&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216643104352001651848
52.212.243.74302 Found 0 B URL HTTP/1.1 d.agkn.com/pixel/10751/?che=1669897585827&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216643104352001651848
IP 52.212.243.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/10751/?che=1669897585827&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216643104352001651848 HTTP/1.1
Host: d.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate
Date: Thu, 01 Dec 2022 12:26:25 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://um.simpli.fi/aa_px?sk=216643104352001651848
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AY4D6fUZHHzvPIFtXK915gljCBZp0I%2FC7;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
u=C|0AAArG1nyKxtZ8gAAAAAA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 0
Connection: keep-alive
um.simpli.fi/aa_px?sk=216643104352001651848
34.91.62.186302 Found 142 B URL HTTP/2 um.simpli.fi/aa_px?sk=216643104352001651848
IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /aa_px?sk=216643104352001651848 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 12:26:26 GMT
content-type: text/html
content-length: 142
set-cookie: suid=72071BA57FBF4CD7A5091EDACA878312; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:26 GMT; SameSite=none; Secure;
suid_legacy=72071BA57FBF4CD7A5091EDACA878312; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:26 GMT; Secure;
location: /empty.gif
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash cd465b33715cbbf6a49f53d54d1dc156
30b2fd358b72b26d97e92d14bedd2109ff8216c8
2ee6908a1e479b50f22e76779c766350006b870220bbe2963a579b6007d8ef8f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 12:26:26 GMT
Last-Modified: Thu, 01 Dec 2022 11:26:48 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vr5G8Y2-0iSxGGhphUlKSskwIgXrn5lxUbuVff9Y3GNaUqV2dy-PZg==
Age: 3578
um.simpli.fi/empty.gif
34.91.62.186200 OK 43 B IP 34.91.62.186:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /empty.gif HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:26 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=94BAC1C5B22E44A59B8DC5A8F9E8CF7E; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:26 GMT; SameSite=none; Secure;
suid_legacy=94BAC1C5B22E44A59B8DC5A8F9E8CF7E; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:26 GMT; Secure;
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
web-writer.eu.smartlook.cloud/rec/v3/write?rid=-wo6wKw11ClyTsnnq6oDK&sid=b_C4ybQkVXEDmyQDJvltR&vid=YI1Fj4fL305r3Tr_k8I_i
18.184.145.64204 No Content 0 B URL HTTP/1.1 web-writer.eu.smartlook.cloud/rec/v3/write?rid=-wo6wKw11ClyTsnnq6oDK&sid=b_C4ybQkVXEDmyQDJvltR&vid=YI1Fj4fL305r3Tr_k8I_i
IP 18.184.145.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rec/v3/write?rid=-wo6wKw11ClyTsnnq6oDK&sid=b_C4ybQkVXEDmyQDJvltR&vid=YI1Fj4fL305r3Tr_k8I_i HTTP/1.1
Host: web-writer.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Content-Type: multipart/form-data; boundary=---------------------------300125990631663392342029247779
Origin: https://www.usbfund.com
Content-Length: 118040
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.usbfund.com
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 01 Dec 2022 12:26:26 GMT
sl-trace-id: c6hTVapapOgw41OWmZ7y1
Strict-Transport-Security: max-age=63072000; includeSubDomains
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 2f941efafb7b4bf93a0517950d4c1314
94a258b4526c4469671da30043eca02fdc8c5789
47f11d713a297c1ec7a3c0b655463360d4c169185c90fe87178fb289c08c3530
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116758
Date: Thu, 01 Dec 2022 12:26:27 GMT
Etag: "6387a9bf-1d7"
Expires: Fri, 02 Dec 2022 20:52:25 GMT
Last-Modified: Wed, 30 Nov 2022 19:06:39 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ipgokFhH7VmgDs8eYars_p2rnUs-n7jtBoeZyoyKgEnOR_3okcJ6vQ==
Age: 6346
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=f7abaad3-cc29-4879-cfad-fb264c70c376&v0=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p0=4d6b2395-994d-a598-7a8c-520c09c4e32e&u0=4d6b2395-994d-a598-7a8c-520c09c4e32e&c0=89342177&t0=1669897582496&ur0=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&ti0=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=secured-vs-unsecured-line-of-credit&e1=pageview_ping&ci1=f7abaad3-cc29-4879-cfad-fb264c70c376&v1=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p1=4d6b2395-994d-a598-7a8c-520c09c4e32e&u1=f0178a7f-4eb9-8ca8-6f7f-6f888f7c0664&c1=89342177&t1=1669897582496&li1=1669897582495&e2=pageview_ping&ci2=f7abaad3-cc29-4879-cfad-fb264c70c376&v2=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p2=4d6b2395-994d-a598-7a8c-520c09c4e32e&u2=617324af-2bf8-dda9-a6a9-da5fb1d587e8&c2=89342177&t2=1669897582497&li2=1669897582495
52.18.199.23200 OK 37 B URL HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=f7abaad3-cc29-4879-cfad-fb264c70c376&v0=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p0=4d6b2395-994d-a598-7a8c-520c09c4e32e&u0=4d6b2395-994d-a598-7a8c-520c09c4e32e&c0=89342177&t0=1669897582496&ur0=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&ti0=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=secured-vs-unsecured-line-of-credit&e1=pageview_ping&ci1=f7abaad3-cc29-4879-cfad-fb264c70c376&v1=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p1=4d6b2395-994d-a598-7a8c-520c09c4e32e&u1=f0178a7f-4eb9-8ca8-6f7f-6f888f7c0664&c1=89342177&t1=1669897582496&li1=1669897582495&e2=pageview_ping&ci2=f7abaad3-cc29-4879-cfad-fb264c70c376&v2=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p2=4d6b2395-994d-a598-7a8c-520c09c4e32e&u2=617324af-2bf8-dda9-a6a9-da5fb1d587e8&c2=89342177&t2=1669897582497&li2=1669897582495
IP 52.18.199.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=f7abaad3-cc29-4879-cfad-fb264c70c376&v0=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p0=4d6b2395-994d-a598-7a8c-520c09c4e32e&u0=4d6b2395-994d-a598-7a8c-520c09c4e32e&c0=89342177&t0=1669897582496&ur0=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&ti0=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=secured-vs-unsecured-line-of-credit&e1=pageview_ping&ci1=f7abaad3-cc29-4879-cfad-fb264c70c376&v1=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p1=4d6b2395-994d-a598-7a8c-520c09c4e32e&u1=f0178a7f-4eb9-8ca8-6f7f-6f888f7c0664&c1=89342177&t1=1669897582496&li1=1669897582495&e2=pageview_ping&ci2=f7abaad3-cc29-4879-cfad-fb264c70c376&v2=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p2=4d6b2395-994d-a598-7a8c-520c09c4e32e&u2=617324af-2bf8-dda9-a6a9-da5fb1d587e8&c2=89342177&t2=1669897582497&li2=1669897582495 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:27 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=f7abaad3-cc29-4879-cfad-fb264c70c376&v0=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p0=4d6b2395-994d-a598-7a8c-520c09c4e32e&u0=efd313e4-fe6b-c110-6e62-8b6958f833a7&c0=89342177&t0=1669897586998&li0=1669897582495&e1=pageview_ping&ci1=f7abaad3-cc29-4879-cfad-fb264c70c376&v1=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p1=4d6b2395-994d-a598-7a8c-520c09c4e32e&u1=4506e4da-eb7c-d338-0ff5-88a83fa19996&c1=89342177&t1=1669897587753&li1=1669897582495
52.18.199.23200 OK 37 B URL HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=f7abaad3-cc29-4879-cfad-fb264c70c376&v0=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p0=4d6b2395-994d-a598-7a8c-520c09c4e32e&u0=efd313e4-fe6b-c110-6e62-8b6958f833a7&c0=89342177&t0=1669897586998&li0=1669897582495&e1=pageview_ping&ci1=f7abaad3-cc29-4879-cfad-fb264c70c376&v1=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p1=4d6b2395-994d-a598-7a8c-520c09c4e32e&u1=4506e4da-eb7c-d338-0ff5-88a83fa19996&c1=89342177&t1=1669897587753&li1=1669897582495
IP 52.18.199.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=f7abaad3-cc29-4879-cfad-fb264c70c376&v0=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p0=4d6b2395-994d-a598-7a8c-520c09c4e32e&u0=efd313e4-fe6b-c110-6e62-8b6958f833a7&c0=89342177&t0=1669897586998&li0=1669897582495&e1=pageview_ping&ci1=f7abaad3-cc29-4879-cfad-fb264c70c376&v1=e7368dfd-feb5-48cd-3bb7-542c2b668d41&p1=4d6b2395-994d-a598-7a8c-520c09c4e32e&u1=4506e4da-eb7c-d338-0ff5-88a83fa19996&c1=89342177&t1=1669897587753&li1=1669897582495 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:29 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
sendlane.com/js/eventing.js
104.16.166.6200 OK 0 B URL HTTP/2 sendlane.com/js/eventing.js
IP 104.16.166.6:0
GET /js/eventing.js HTTP/1.1
Host: sendlane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:21 GMT
content-type: text/javascript
cache-control: public, max-age=60
cf-bgj: minify
etag: W/"711-5900675a88b6e-gzip"
expires: Thu, 01 Dec 2022 12:27:21 GMT
last-modified: Tue, 13 Aug 2019 21:38:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 26
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772bcf8e79581c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=6D3AF1B816804B8CB536CC09A43CA934
3.67.155.142302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=6D3AF1B816804B8CB536CC09A43CA934
IP 3.67.155.142:0
GET /adscores/g.pixel?sid=9201915418&sifi_uid=6D3AF1B816804B8CB536CC09A43CA934 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 01 Dec 2022 12:26:25 GMT
location: https://d.agkn.com/pixel/10751/?che=1669897585827&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216643104352001651848
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3AzCl6mA9Kq5Fdb8m43p67An3nW9F2JmN9; Path=/; Domain=.agkn.com; Expires=Fri, 01-Dec-2023 12:26:25 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1669897500000/5627136.js
104.17.71.176200 OK 0 B URL HTTP/2 js.hs-analytics.net/analytics/1669897500000/5627136.js
IP 104.17.71.176:0
GET /analytics/1669897500000/5627136.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:23 GMT
content-type: text/javascript
x-amz-id-2: SlMYvUtc8P0fxH8VKLZLp/RlVGTsdz1QXInNUDFWdHVuPHib9C/qQog6VSjAz7Arw4qBGJNuQb4=
x-amz-request-id: B08RQN0SPC63GM05
last-modified: Wed, 30 Nov 2022 15:15:08 GMT
etag: W/"52732dbfcfd497d96beaf0118930aaf9"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Thu, 01 Dec 2022 12:30:25 GMT
cf-cache-status: HIT
age: 58
server: cloudflare
cf-ray: 772bcf9bdc460b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&r=&uq=a543409a-1a56-419c-9c69-18595fd6e09f&c=1&o=&ac=74851e2c-3304-44a4-b017-18595f683cb6&t=1669897582632
54.243.247.131200 OK 0 B URL HTTP/2 beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&r=&uq=a543409a-1a56-419c-9c69-18595fd6e09f&c=1&o=&ac=74851e2c-3304-44a4-b017-18595f683cb6&t=1669897582632
IP 54.243.247.131:0
GET /apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&r=&uq=a543409a-1a56-419c-9c69-18595fd6e09f&c=1&o=&ac=74851e2c-3304-44a4-b017-18595f683cb6&t=1669897582632 HTTP/1.1
Host: beacon.cdnma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: public
cache-control: max-age=1209600
expires: Thu, 15 Dec 2022 12:26:24 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://www.usbfund.com/wp-json/>; rel="https://api.w.org/", <https://www.usbfund.com/wp-json/wp/v2/posts/2701>; rel="alternate"; type="application/json", <https://www.usbfund.com/?p=2701>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/formidable/css/formidableforms.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 16:10:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
js.hs-banner.com/5627136.js
172.64.154.85200 OK 0 B URL HTTP/2 js.hs-banner.com/5627136.js
IP 172.64.154.85:0
GET /5627136.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:22 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: Asv8l07dkJMi9iM1mwCzeifdE0vHMYDuYT5NfVi/3YsxobSOtlh6OglvSSVbwbXJlR09ttpVAR8=
x-amz-request-id: RBE33NQNCFG0K1J9
last-modified: Tue, 25 Oct 2022 20:40:18 GMT
etag: W/"cac405a2f26900fc1b5f45bc4b2fbd5a"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: zI4pJTLFNjPt5tClOnwXN36nhgXVyIrD
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Thu, 01 Dec 2022 12:30:22 GMT
cf-cache-status: HIT
age: 60
server: cloudflare
cf-ray: 772bcf932a6db524-OSL
content-encoding: br
X-Firefox-Spdy: h2
ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
104.16.101.12200 OK 0 B URL HTTP/2 ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
IP 104.16.101.12:0
GET /pixel/62e2c4ac62a6b2008e05e3be HTTP/1.1
Host: ws.zoominfo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Cookie: visitorId=a3c9492fefbad85fd1d8875a779f2f53622656ef254c43ad2ed1d9062df502e9; __cf_bm=sKNnQpojTYgpcYHDcYDkTOTGfFY0QgdHF_bfEjKh8SY-1669897566-0-AQflPjK5aGcEj+dXRhSG/QM0gKFJMTcsjUeXySM1rrAT7NyYFp+H/DKDfBLgdP8NCGEh9Nh4B52J7/5cTd4+0mI=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:22 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772bcf917ac7b509-OSL
X-Firefox-Spdy: h2
i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
169.50.137.179200 OK 0 B URL HTTP/2 i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
IP 169.50.137.179:0
GET /p?cid=323546&cb=sifi_att_42656._hp HTTP/1.1
Host: i.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:24 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: suid=F9A0033E5408461C82A7F3436988B69C; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:24 GMT; SameSite=none; Secure;
suid_legacy=F9A0033E5408461C82A7F3436988B69C; Path=/; domain=simpli.fi; Expires=Sat, 02-Dec-23 12:26:24 GMT; Secure;
uid_syncd=true; path=/; expires=Thu, 08 Dec 2022 12:26:24 GMT; domain=.simpli.fi; secure
uid_syncd_secure=true; path=/; expires=Thu, 08 Dec 2022 12:26:24 GMT; domain=.simpli.fi; samesite=none; secure
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
simplifi.partners.tremorhub.com/sync?UISF=06D9B23248D94823B93E69DF645A6A04
52.7.12.182200 OK 0 B URL HTTP/2 simplifi.partners.tremorhub.com/sync?UISF=06D9B23248D94823B93E69DF645A6A04
IP 52.7.12.182:0
GET /sync?UISF=06D9B23248D94823B93E69DF645A6A04 HTTP/1.1
Host: simplifi.partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:25 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/style.css
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/wp-content/themes/usb/style.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/usb/style.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 22:11:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js
104.17.211.204200 OK 0 B URL HTTP/2 js.hs-scripts.com/5627136.js
IP 104.17.211.204:0
GET /5627136.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:21 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.usbfund.com
access-control-max-age: 3600
cache-control: public, max-age=60
cf-bgj: minify
cf-polished: origSize=964
last-modified: Thu, 01 Dec 2022 11:50:33 GMT
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 97619479-2493-4cc9-ae7e-9174df0dacf4
x-trace: 2B102147BA833E4CFF170FB89367A75E8F16A3FCAC000000000000000000
cf-cache-status: HIT
age: 60
expires: Thu, 01 Dec 2022 12:27:21 GMT
server: cloudflare
cf-ray: 772bcf8e1f711bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/plugins.js
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/plugins.js
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/plugins.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.1517217412.1669871026; __ss=1669897565054; _ga_YYEX7W0G95=GS1.1.1669897565.2.0.1669897572.0.0.0; _ga=GA1.2.1900859759.1669871026; wc_visitor=100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fget-a-small-business-loan%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-0b3ceba9-3d29-1f7d-3e76-b92cdc89f8e3+..+; __ss_tk=202212%7C638835b31cd8583e2f701579; omnisendAnonymousID=NL7jssKLYteB50-20221201050346; prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; nQ_cookieId=f7abaad3-cc29-4879-cfad-fb264c70c376; _gid=GA1.2.1214475182.1669871027; _mkto_trk=id:511-LVJ-854&token:_mch-usbfund.com-1669871026855-62703; __mauuid=a543409a-1a56-419c-9c69-18595fd6e09f; __hstc=152200550.2017860626c582ff2a5a349350c8430b.1669871027572.1669871027572.1669897567341.2; hubspotutk=2017860626c582ff2a5a349350c8430b; __ss_referrer=https%3A//www.usbfund.com/get-a-small-business-loan/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; omnisendSessionID=yOaAGGPgFHiGTr-20221201122605; wc_swap=9494033493+..+9494611140+..+68836; nQ_userVisitId=e7368dfd-feb5-48cd-3bb7-542c2b668d41; _gat_UA-237731194-1=1; _gat_gtag_UA_210860007_1=1; SL_C_23361dd035530_SID=b_C4ybQkVXEDmyQDJvltR; SL_C_23361dd035530_VID=YI1Fj4fL305r3Tr_k8I_i; SL_C_23361dd035530_KEY=532e326dd2a3ae45d5a84ad0772bb857a7a355ce; ln_or=d; __hssc=152200550.1.1669897567341
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Thu, 01 Dec 2022 12:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&t=c32572da-50d2-46e1-95e0-2337673f93c2
104.17.146.91200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&t=c32572da-50d2-46e1-95e0-2337673f93c2
IP 104.17.146.91:0
GET /?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&t=c32572da-50d2-46e1-95e0-2337673f93c2 HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Cookie: prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:22 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_224499963=c32572da-50d2-46e1-95e0-2337673f93c2; expires=Sat, 31-Dec-2022 12:26:22 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 50
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772bcf946989b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.462db28866d53d1d25a1.js
185.76.9.15200 OK 0 B URL HTTP/2 rec.smartlook.com/es6/init.462db28866d53d1d25a1.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
GET /es6/init.462db28866d53d1d25a1.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 12:26:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63861b50-d477"
last-modified: Tue, 29 Nov 2022 14:46:40 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1701270485
server: CDN77-Turbo
x-77-nzt: AblMCQ2A1yf/G30CAA
x-77-nzt-ray: c0a4cc28dadb14ed709d88637a7cf70e
x-cache: HIT
x-age: 163099
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2